openSUSE

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2022:1127-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-24713 Upstream summary: regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2022:3096-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-36980 Upstream summary: Open vSwitch (aka openvswitch) 2.11.0 through 2.15.0 has a use-after-free in decode_NXAST_RAW_ENCAP (called from ofpact_decode and ofpacts_decode) during the decoding of a […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2022-0577 CVE-2021-41125 Upstream summary: Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository scrapy/scrapy prior to 2.6.1. Table of contents Symptom & Impact […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2022:0815-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-0561 CVE-2014-8962 CVE-2014-9028 CVE-2017-6888 Upstream summary: In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a possible out of bounds write due to a missing bounds check. This […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-IU-2022:632-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-3670 Upstream summary: MaxQueryDuration not honoured in Samba AD DC LDAP Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick Triage […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2022:1101-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-23645 CVE-2020-28407 Upstream summary: swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2022:10018-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-24976 CVE-2014-9773 CVE-2016-4478 CVE-2017-6384 Upstream summary: Atheme IRC Services before 7.2.12, when used in conjunction with InspIRCd, allows authentication bypass by ending an IRC handshake […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2022:10098-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-23607 Upstream summary: treq is an HTTP library inspired by requests but written on top of Twisted's Agents. Treq's request methods (`treq.get`, `treq.post`, etc.) and […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2025:15115-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-41186 Upstream summary: Fluentd collects events from various data sources and writes them to files to help unify logging infrastructure. The parser_apache2 plugin in Fluentd […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2023:0005-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-44420 Upstream summary: In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, HTTP requests for URLs with trailing newlines could bypass upstream […]