govulncheck-vulndb-0.0.20250529T205903-1.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2025:15188-1 Final 1 1 2025-06-01T00:00:00Z current 2025-06-01T00:00:00Z 2025-06-01T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z govulncheck-vulndb-0.0.20250529T205903-1.1 on GA media These are all security issues fixed in the govulncheck-vulndb-0.0.20250529T205903-1.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2025-15188 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5W5NDYFJCKVTB2UYZO6OSRFA7RGWGHY3/ E-Mail link for openSUSE-SU-2025:15188-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2025-4057/ SUSE CVE CVE-2025-4057 page https://www.suse.com/security/cve/CVE-2025-47933/ SUSE CVE CVE-2025-47933 page https://www.suse.com/security/cve/CVE-2025-47952/ SUSE CVE CVE-2025-47952 page openSUSE Tumbleweed govulncheck-vulndb-0.0.20250529T205903-1.1 govulncheck-vulndb-0.0.20250529T205903-1.1 as a component of openSUSE Tumbleweed A flaw was found in ActiveMQ Artemis. The password generated by activemq-artemis-operator does not regenerate between separated CR dependencies. CVE-2025-4057 openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250529T205903-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5W5NDYFJCKVTB2UYZO6OSRFA7RGWGHY3/ https://www.suse.com/security/cve/CVE-2025-4057.html CVE-2025-4057 Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Prior to versions 2.13.8, 2.14.13, and 3.0.4, an attacker can perform arbitrary actions on behalf of the victim via the API. Due to the improper filtering of URL protocols in the repository page, an attacker can achieve cross-site scripting with permission to edit the repository. This issue has been patched in versions 2.13.8, 2.14.13, and 3.0.4. CVE-2025-47933 openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250529T205903-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5W5NDYFJCKVTB2UYZO6OSRFA7RGWGHY3/ https://www.suse.com/security/cve/CVE-2025-47933.html CVE-2025-47933 https://bugzilla.suse.com/1243791 SUSE Bug 1243791 Traefik (pronounced traffic) is an HTTP reverse proxy and load balancer. Prior to versions 2.11.25 and 3.4.1, there is a potential vulnerability in Traefik managing the requests using a PathPrefix, Path or PathRegex matcher. When Traefik is configured to route the requests to a backend using a matcher based on the path, if the URL contains a URL encoded string in its path, it's possible to target a backend, exposed using another router, by-passing the middlewares chain. This issue has been patched in versions 2.11.25 and 3.4.1. CVE-2025-47952 openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250529T205903-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5W5NDYFJCKVTB2UYZO6OSRFA7RGWGHY3/ https://www.suse.com/security/cve/CVE-2025-47952.html CVE-2025-47952 https://bugzilla.suse.com/1243818 SUSE Bug 1243818