[SUSE-SU-2023:1902-1] Security update for SUSE Manager Client Tools
Severity
Important
CVEs
3
Security update for SUSE Manager Client Tools
This update fixes the following issues:
grafana version update from 8.5.20 to 8.5.22:
Security issues fixed:
- CVE-2023-1410: Fix XSS in Graphite functions tooltip (bsc#1209645)
- CVE-2023-0507: Apply attribute sanitation to GeomapPanel (bsc#1208821)
- CVE-2023-0594: Avoid storing XSS in TraceView panel (bsc#1208819)
The following non-security bug was fixed:
- Login: Fix panic when UpsertUser is called without ReqContext
- ID
- SUSE-SU-2023:1902-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2023/suse-su-20231902-1/
- Published
-
2023-04-19T03:08:57
(17 months ago) - Modified
-
2023-04-19T03:08:57
(17 months ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
FREEBSD:955EB3CC-CE0B-11ED-825F-6C3BE5272ACD| Source | # ID | Name | URL |
|---|---|---|---|
| Suse | SUSE ratings |
|
|
| Suse | URL of this CSAF notice |
|
|
| Suse | URL for SUSE-SU-2023:1902-1 |
|
|
| Suse | E-Mail link for SUSE-SU-2023:1902-1 |
|
|
| Bugzilla | SUSE Bug 1208819 |
|
|
| Bugzilla | SUSE Bug 1208821 |
|
|
| Bugzilla | SUSE Bug 1209645 |
|
|
| CVE | SUSE CVE CVE-2023-0507 page |
|
|
| CVE | SUSE CVE CVE-2023-0594 page |
|
|
| CVE | SUSE CVE CVE-2023-1410 page |
|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |