rpm package
suse/golang-github-prometheus-node_exporter&distro=SUSE Multi Linux Manager Tools SLE-12
pkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-12
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-68156 | — | < 1.9.1-120002.3.3.1 | 1.9.1-120002.3.3.1 | Dec 16, 2025 | Expr is an expression language and expression evaluation for Go. Prior to version 1.17.7, several builtin functions in Expr, including `flatten`, `min`, `max`, `mean`, and `median`, perform recursive traversal over user-provided data structures without enforcing a maximum recursi | ||
| CVE-2025-12816 | — | < 1.9.1-120002.3.3.1 | 1.9.1-120002.3.3.1 | Nov 25, 2025 | An interpretation-conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and s |
- CVE-2025-68156Dec 16, 2025affected < 1.9.1-120002.3.3.1fixed 1.9.1-120002.3.3.1
Expr is an expression language and expression evaluation for Go. Prior to version 1.17.7, several builtin functions in Expr, including `flatten`, `min`, `max`, `mean`, and `median`, perform recursive traversal over user-provided data structures without enforcing a maximum recursi
- CVE-2025-12816Nov 25, 2025affected < 1.9.1-120002.3.3.1fixed 1.9.1-120002.3.3.1
An interpretation-conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and s