openSUSE Leap 15.6

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:3576-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-5261 CVE-2024-3044 Upstream summary: Improper Certificate Validation vulnerability in LibreOffice "LibreOfficeKit" mode disables TLS certification verification LibreOfficeKit can be used for accessing LibreOffice functionality […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:3533-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-3019 CVE-2023-6917 CVE-2024-45769 CVE-2024-45770 Upstream summary: A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:3426-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-15865 CVE-2022-37032 Upstream summary: bgpd in FRRouting (FRR) before 2.0.2 and 3.x before 3.0.2, as used in Cumulus Linux before 3.4.3 and other products, […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:3939-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-47220 CVE-2024-43398 CVE-2025-24294 CVE-2025-6442 CVE-2025-27220 CVE-2025-27221 CVE-2025-27219 CVE-2024-49761  +5 more Upstream summary: An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:6356 (see also SUSE bugzilla) Related CVEs: CVE-2024-42472 CVE-2024-32462 Upstream summary: Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised Flatpak […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:4647 (see also SUSE bugzilla) Related CVEs: CVE-2024-39936 CVE-2025-30348 CVE-2025-5455 CVE-2023-45935 Upstream summary: An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:2732-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-41671 CVE-2024-41810 Upstream summary: Twisted is an event-based framework for internet applications, supporting Python 3.6+. The HTTP 1.0 and 1.1 server provided by twisted.web […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:6757 (see also SUSE bugzilla) Related CVEs: CVE-2024-7383 Upstream summary: A flaw was found in libnbd. The client did not always correctly verify the NBD server's certificate when using TLS to […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:2756-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-14868 Upstream summary: In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:0130-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-32650 Upstream summary: Rustls is a modern TLS library written in Rust. `rustls::ConnectionCommon::complete_io` could fall into an infinite loop based on network input. When […]