## This update fixes the following issues: golang-github-QubitProducts-exporter_exporter: * Security issue fixed: * CVE-2022-21698: Fixed prometheus/client_golang possible denial of service using InstrumentHandlerCounter (bsc#1248699) golang-github-lusitaniae-apache_exporter: * Non customer facing changes golang-github-prometheus-node_exporter updated to version 1.10.2: * Security issues fixed: * CVE-2025-22870: Fixed potential proxy bypass using IPv6 zone IDs (v1.9.1) (bsc#1238686) * CVE-2023-45288: Close connections when receiving too many headers (v1.9.0) (bsc#1236516) * Highlights of other changes and bug fixes: * Backward Compatibility and packaging changes: * Added compatibility for Go 1.22/1.23 needed in older RHEL toolchains
* bsc#1227579
* bsc#1229105
* bsc#1232641
* bsc#1235516
* bsc#1236516
* bsc#1238686
* bsc#1248699
* bsc#1248707
* bsc#1249400
* bsc#1249532
* bsc#1253174
* bsc#1254900
* bsc#1257583
* bsc#1259700
* bsc#1259739
* bsc#1260806
* bsc#1260905
* bsc#1261810
* bsc#1261902
* bsc#1262409
* bsc#1262708
* bsc#1262760
* bsc#1263157
* bsc#1263823
* bsc#1266012
* jsc#MSQA-1056
* jsc#PED-12485
* jsc#PED-7893
* jsc#PED-7928
Cross-
* CVE-2022-21698
* CVE-2023-45288
* CVE-2025-22870
CVSS scores:
* CVE-2022-21698 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-21698 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-45288 ( SUSE ): 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
Get the latest Linux and open source security news straight to your inbox.