SUSE-SU-2025:1321-1

See a problem?
Please try reporting it to the source first.

Source

https://www.suse.com/support/update/announcement/2025/suse-su-20251321-1/

Import Source

https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:1321-1.json

JSON Data

https://api.osv.dev/v1/vulns/SUSE-SU-2025:1321-1

Related

CVE-2025-23392

Published

2025-04-16T08:14:57Z

Modified

2025-05-02T04:37:31.985216Z

Upstream

CVE-2025-23392

Summary

Security update for Multi-Linux Manager 4.3: Server

Details

This update fixes the following issues:

spacewalk-java:

Version 4.3.85-0:
- CVE-2025-23392: Filter user input in systems list page. (bsc#1239826)

References

Affected packages

SUSE:Manager Server Module 4.3 / spacewalk-java

Package

Name: spacewalk-java
Purl: pkg:rpm/suse/spacewalk-java&distro=SUSE%20Manager%20Server%20Module%204.3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.3.85-150400.3.105.3

Ecosystem specific

{
    "binaries": [
        {
            "spacewalk-taskomatic": "4.3.85-150400.3.105.3",
            "spacewalk-java-postgresql": "4.3.85-150400.3.105.3",
            "spacewalk-java-config": "4.3.85-150400.3.105.3",
            "spacewalk-java-lib": "4.3.85-150400.3.105.3",
            "spacewalk-java": "4.3.85-150400.3.105.3"
        }
    ]
}