openSUSE

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory RHSA-2025:0012 (see also SUSE bugzilla) Related CVEs: CVE-2024-35195 Upstream summary: Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests `Session`, if the first request is made with […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory Related CVEs: CVE-2024-2430 Upstream summary: The Website Content in Page or Post WordPress plugin before 2024.04.09 does not validate and escape some of its shortcode attributes before outputting them back in […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:1872-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-34062 Upstream summary: tqdm is an open source progress bar for Python and CLI. Any optional non-boolean CLI arguments (e.g. `–delim`, `–buf-size`, `–manpath`) are passed […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:9150 (see also SUSE bugzilla) Related CVEs: CVE-2024-34064 Upstream summary: Jinja is an extensible templating engine. The `xmlattr` filter in affected versions of Jinja accepts keys containing non-attribute characters. XML/HTML attributes cannot […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:1571-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-21506 Upstream summary: Duplicate of CVE-2024-5629. Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick Triage Step-by-Step Diagnosis Solution – Primary […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:1605-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-29040 CVE-2023-22745 CVE-2020-24455 Upstream summary: This repository hosts source code implementing the Trusted Computing Group's (TCG) TPM2 Software Stack (TSS). The JSON Quote Info returned […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:9424 (see also SUSE bugzilla) Related CVEs: CVE-2024-29038 CVE-2024-29039 CVE-2017-7524 CVE-2021-3565 Upstream summary: tpm2-tools is the source repository for the Trusted Platform Module (TPM2.0) tools. A malicious attacker can generate arbitrary quote […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2024-34020 Upstream summary: A stack-based buffer overflow was found in the putSDN() function of mail.c in hcode through 2.1. Table of contents Symptom & Impact […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:8365 (see also SUSE bugzilla) Related CVEs: CVE-2024-3651 Upstream summary: A vulnerability was identified in the kjd/idna library, specifically within the `idna.encode()` function, affecting version 3.6. The issue arises from the function's […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:0310-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-3772 Upstream summary: Regular expression denial of service in Pydanic < 2.4.0, < 1.10.13 allows remote attackers to cause denial of service via a crafted […]