Two security updates are available for openSUSE Tumbleweed: openSUSE-SU-2025:15830-1 and openSUSE-SU-2025:15831-1. The first update fixes three vulnerabilities, including CVE-2025-47911 and CVE-2025-58190, in the alloy-1.12.0-2.1 package on GA media. The second update addresses three more vulnerabilities, including CVE-2025-14174 and CVE-2025-14765, in the chromedriver-143.0.7499.146-1.1 package, which also includes an update for chromium 143.0.7499.146-1.1. Both updates have a moderate rating and can be installed to resolve the identified security issues.

openSUSE-SU-2025:15830-1: moderate: alloy-1.12.0-2.1 on GA media
openSUSE-SU-2025:15831-1: moderate: chromedriver-143.0.7499.146-1.1 on GA media

openSUSE-SU-2025:15830-1: moderate: alloy-1.12.0-2.1 on GA media

# alloy-1.12.0-2.1 on GA media

Announcement ID: openSUSE-SU-2025:15830-1
Rating: moderate

Cross-References:

* CVE-2025-47911
* CVE-2025-47913
* CVE-2025-58190

CVSS scores:

* CVE-2025-47911 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-47911 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-47913 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-47913 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-58190 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-58190 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 3 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the alloy-1.12.0-2.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* alloy 1.12.0-2.1

## References:

* https://www.suse.com/security/cve/CVE-2025-47911.html
* https://www.suse.com/security/cve/CVE-2025-47913.html
* https://www.suse.com/security/cve/CVE-2025-58190.html

openSUSE-SU-2025:15831-1: moderate: chromedriver-143.0.7499.146-1.1 on GA media

# chromedriver-143.0.7499.146-1.1 on GA media

Announcement ID: openSUSE-SU-2025:15831-1
Rating: moderate

Cross-References:

* CVE-2025-14174
* CVE-2025-14765
* CVE-2025-14766

Affected Products:

* openSUSE Tumbleweed

An update that solves 3 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the chromedriver-143.0.7499.146-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* chromedriver 143.0.7499.146-1.1
* chromium 143.0.7499.146-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-14174.html
* https://www.suse.com/security/cve/CVE-2025-14765.html
* https://www.suse.com/security/cve/CVE-2025-14766.html