openSUSE Leap 15.6

openSUSE Leap 15.6 — nginx — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟠 High • ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.6
📖 ~4 min read
Source: SUSE advisory openSUSE-SU-2023:0360-1 (see also SUSE bugzilla)
Related CVEs: CVE-2023-44487, CVE-2025-23419, CVE-2024-7347, CVE-2025-53859
Upstream summary: The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams […]

openSUSE Leap 15.6 — orc — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟠 High • ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.6
📖 ~4 min read
Source: SUSE advisory RHSA-2024:6184 (see also SUSE bugzilla)
Related CVEs: CVE-2024-40897
Upstream summary: Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a […]

openSUSE Leap 15.6 — p7zip — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟠 High • ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.6
📖 ~4 min read
Source: SUSE advisory SUSE-SU-2024:2475-1 (see also SUSE bugzilla)
Related CVEs: CVE-2023-52168, CVE-2023-52169, CVE-2022-47069, CVE-2023-1576
Upstream summary: The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 (for 7zz) contains a heap-based buffer overflow that allows an […]

openSUSE Leap 15.6 — kbfs — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟠 High • ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.6
📖 ~4 min read
Source: SUSE advisory openSUSE-SU-2024:0224-2 (see also SUSE bugzilla)
Related CVEs: CVE-2024-24792, CVE-2025-47914, CVE-2023-29408
Upstream summary: Parsing a corrupt or malicious image with invalid color indices can cause a panic. […]

openSUSE Leap 15.6 — caddy — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟠 High • ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.6
📖 ~4 min read
Source: SUSE advisory openSUSE-SU-2024:0211-1 (see also SUSE bugzilla)
Related CVEs: CVE-2023-45142
Upstream summary: OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. A handler wrapper out of the box adds labels `http.user_agent` and […]

openSUSE Leap 15.6 — kubo — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟠 High • ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.6
📖 ~4 min read
Source: SUSE advisory openSUSE-SU-2024:0211-1 (see also SUSE bugzilla)
Related CVEs: CVE-2024-22189, CVE-2023-49295
Upstream summary: quic-go is an implementation of the QUIC protocol in Go. Prior to version 0.42.0, an attacker can cause its peer […]

openSUSE Leap 15.6 — testng — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟠 High • ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.6
📖 ~4 min read
Source: SUSE advisory SUSE-SU-2023:1690-1 (see also SUSE bugzilla)
Related CVEs: CVE-2022-4065
Upstream summary: A vulnerability was found in cbeust testng 7.5.0/7.6.0/7.6.1/7.7.0. It has been declared as critical. Affected by this vulnerability is the function […]

openSUSE Leap 15.6 — python311-black — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟠 High • ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.6
📖 ~4 min read
Source: SUSE advisory SUSE-SU-2024:2481-1 (see also SUSE bugzilla)
Related CVEs: CVE-2024-21503, CVE-2026-32274
Upstream summary: Versions of the package black before 24.3.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the lines_with_leading_tabs_expanded function […]

openSUSE Leap 15.6 — libvpx7 — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟠 High • ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.6
📖 ~4 min read
Source: SUSE advisory SUSE-SU-2024:2409-1 (see also SUSE bugzilla)
Related CVEs: CVE-2023-44488, CVE-2023-6349, CVE-2024-5197
Upstream summary: VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding. […]
