openSUSE

openSUSE Leap 15.5 — salt — multiple vulnerabilities (6 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-202404:15254-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-22232 CVE-2024-22231 CVE-2023-34049 CVE-2023-20897 CVE-2023-20898 CVE-2023-28370 Upstream summary: A specially crafted url can be created which leads to a directory traversal in the salt […]

openSUSE Leap 15.5 — google-oauth-java-client — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:0806-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-22573 Upstream summary: The vulnerability is that IDToken verifier does not verify if token is properly signed. Signature verification makes sure that the token's […]

openSUSE Leap 15.5 — spacecmd — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2022:2083-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-43798 CVE-2021-43815 Upstream summary: Grafana is an open-source platform for monitoring and observability. Grafana versions 8.0.0-beta1 through 8.3.0 (except for patched versions) is vulnerable […]

openSUSE Leap 15.5 — xmlgraphics-batik — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:0777-1 Related CVEs: CVE-2022-44729 CVE-2022-41704 CVE-2022-42890 CVE-2022-44730 Upstream summary: Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik. This issue affects Apache XML Graphics Batik: 1.16. On version […]

openSUSE Leap 15.5 — xerces-c — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2021:1231-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-1311 CVE-2023-37536 Upstream summary: The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This […]

openSUSE Leap 15.5 — libgif7 — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:8117 (see also SUSE bugzilla) Related CVEs: CVE-2023-48161 CVE-2021-40633 CVE-2022-28506 Upstream summary: Buffer Overflow vulnerability in GifLib Project GifLib v.5.2.1 allows a local attacker to obtain sensitive information via the DumpSCreen2RGB […]

openSUSE Leap 15.5 — slurm — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:0278-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-49936 CVE-2023-49937 CVE-2022-29500 CVE-2023-41914 CVE-2023-49933 CVE-2023-49935 CVE-2023-49938 Upstream summary: An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. A NULL pointer dereference […]

openSUSE Leap 15.5 — apache2-mod_auth_openidc — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:9180 (see also SUSE bugzilla) Related CVEs: CVE-2024-24814 Upstream summary: mod_auth_openidc is an OpenID Certified(tm) authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying […]

openSUSE Leap 15.5 — rear23a — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:0135-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-23301 Upstream summary: Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. This allows local attackers to gain access to system […]

openSUSE Leap 15.5 — python39 — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2022:0713-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-25236 CVE-2023-24329 CVE-2024-8088 Upstream summary: xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs. […]
