SUSE SLED15 / SLES15 / openSUSE 15 Security Update : rekor (SUSE-SU-2025:1332-1)
Description

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1332-1 advisory.

- CVE-2023-45288: rekor: golang.org/x/net/http2: Fixed close connections when receiving too many headers (bsc#1236519)
- CVE-2024-6104: rekor: hashicorp/go-retryablehttps: Fixed sensitive information disclosure inside log file (bsc#1227053)
- CVE-2025-22868: rekor: golang.org/x/oauth2/jws: Fixed unexpected memory consumption during token parsing (bsc#1239191)
- CVE-2025-22869: rekor: golang.org/x/crypto/ssh: Fixed denial of service in the Key Exchange (bsc#1239327)
- CVE-2025-27144: rekor: gopkg.in/go-jose/go-jose.v2, github.com/go-jose/go-jose/v4, github.com/go-jose/go-jose/v3: Fixed denial of service in Go JOSE's parsing (bsc#1237638)
- CVE-2025-30204: rekor: github.com/golang-jwt/jwt/v5: Fixed jwt-go allowing excessive memory allocation during header parsing (bsc#1240468)

Other fixes:

- Update to version 1.3.10:
  * Features
    - Added --client-signing-algorithms flag (#1974)
  * Fixes / Misc
    - emit unpopulated values when marshalling (#2438)
    - pkg/api: better logs when algorithm registry rejects a key (#2429)
    - chore: improve mysql readiness checks (#2397)
    - Added --client-signing-algorithms flag (#1974)
- Update to version 1.3.9 (jsc#SLE-23476):
  * Cache checkpoint for inactive shards (#2332)
  * Support per-shard…
