openSUSE Tumbleweed

openSUSE Tumbleweed — python310-aiohttp — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2024-52303 CVE-2024-42367 CVE-2024-27306 Upstream summary: aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In versions starting with 3.10.6 and prior to 3.10.11, […]

openSUSE Tumbleweed — build — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14543-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-22038 CVE-2010-4226 CVE-2017-14804 Upstream summary: Various problems in obs-scm-bridge allow attackers that create specially crafted git repositories to leak information or cause denial of service. […]

openSUSE Tumbleweed — python310-python-multipart — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:4194-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-53981 Upstream summary: python-multipart is a streaming multipart parser for Python. When parsing form data, python-multipart skips line breaks (CR `\r` or LF `\n`) in […]

openSUSE Tumbleweed — python310-PyJWT — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:20879-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-53861 Upstream summary: pyjwt is a JSON Web Token implementation in Python. An incorrect string comparison is run for `iss` checking, resulting in `"acb"` being […]

openSUSE Tumbleweed — libuuid1 — multiple vulnerabilities (9 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14523-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-28085 CVE-2017-2616 CVE-2026-27456 CVE-2026-3184 CVE-2025-14104 CVE-2022-0563 CVE-2021-3995 CVE-2021-3996  +1 more Upstream summary: wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape […]

openSUSE Tumbleweed — iptraf-ng — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14516-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-52949 Upstream summary: iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, the strcpy function consistently fails to control the size, and it is consequently […]

openSUSE Tumbleweed — xstream — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:4037-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-47072 CVE-2022-41966 CVE-2016-3674 CVE-2017-7957 CVE-2020-26217 CVE-2021-21342 CVE-2021-21344 CVE-2021-21345  +12 more Upstream summary: XStream is a simple library to serialize objects to XML and back again. […]

openSUSE Tumbleweed — mpg123 — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:11193 (see also SUSE bugzilla) Related CVEs: CVE-2024-10573 CVE-2017-10683 CVE-2017-11126 Upstream summary: An out-of-bounds write flaw was found in mpg123 when handling crafted streams. When decoding PCM, the libmpg123 may write past […]

openSUSE Tumbleweed — python310-waitress — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14445-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-49769 Upstream summary: Waitress is a Web Server Gateway Interface server for Python 2 and 3. When a remote client closes the connection before waitress […]

openSUSE Tumbleweed — NetworkManager-libreswan — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14422-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-9050 Upstream summary: A flaw was found in the libreswan client plugin for NetworkManager (NetworkManager-libreswan), where it fails to properly sanitize the VPN configuration from […]
