openSUSE Leap 15.6

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:4152-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-53849 Upstream summary: editorconfig-core-c is theEditorConfig core library written in C (for use by plugins supporting EditorConfig parsing). In affected versions several overflows may […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2023:3709-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-38802 CVE-2023-41358 CVE-2023-47234 CVE-2023-47235 CVE-2024-31948 CVE-2024-44070 CVE-2024-31950 CVE-2024-31951  +12 more Upstream summary: FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:10953 (see also SUSE bugzilla) Related CVEs: CVE-2024-53899 Upstream summary: virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic template strings are not quoted correctly […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14521-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-11236 CVE-2024-8932 CVE-2025-14180 CVE-2025-14177 Upstream summary: In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to ldap_escape() […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14516-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-52949 Upstream summary: iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, the strcpy function consistently fails to control the size, and it is […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:4037-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-47072 Upstream summary: XStream is a simple library to serialize objects to XML and back again. This vulnerability may allow a remote attacker to […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2025:0066-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-34169 Upstream summary: The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:0364-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-21259 CVE-2024-21248 CVE-2024-21263 CVE-2024-21273 Upstream summary: Unknown. Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick Triage Step-by-Step Diagnosis Solution […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2021:0322-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-25626 Upstream summary: A flaw was found in Django REST Framework versions before 3.12.0 and before 3.11.2. When using the browseable API viewer, Django […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:3960-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-41311 CVE-2025-68431 Upstream summary: In Libheif 1.17.6, insufficient checks in ImageOverlay::parse() decoding a heif file containing an overlay image with forged offsets can lead […]