vulnerability

SUSE: CVE-2024-8986: SUSE Linux Security Advisory

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
9	(AV:N/AC:L/Au:N/C:C/I:C/A:N)	Nov 22, 2024	Dec 5, 2025	Dec 10, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:C/I:C/A:N)

Published

Nov 22, 2024

Added

Dec 5, 2025

Modified

Dec 10, 2025

Description

The grafana plugin SDK bundles build metadata into the binaries it compiles; this metadata includes the repository URI for the plugin being built, as retrieved by running `git remote get-url origin`.

If credentials are included in the repository URI (for instance, to allow for fetching of private dependencies), the final binary will contain the full URI, including said credentials.

Solution

suse-upgrade-govulncheck-vulndb

References

CVE-2024-8986
https://attackerkb.com/topics/CVE-2024-8986
CWE-522

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today