openSUSE

openSUSE Leap 15.5 — erlang — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🔴 Critical   ⏱ 15–90 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.5
📖 ~4 min read
Source: SUSE advisory SUSE-SU-2022:4215-1 (see also SUSE bugzilla)
Related CVEs: CVE-2022-37026
Upstream summary: In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations […]

openSUSE Leap 15.5 — kitty — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🔴 Critical   ⏱ 15–90 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.5
📖 ~4 min read
Source: SUSE advisory SUSE-SR:2009:002 (see also SUSE bugzilla)
Related CVEs: CVE-2008-2383
Upstream summary: CRLF injection vulnerability in xterm allows user-assisted attackers to execute arbitrary commands via LF (aka \n) characters surrounding a command name […]

openSUSE Leap 15.5 — grafana — multiple vulnerabilities (10 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🔴 Critical   ⏱ 15–90 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.5
📖 ~4 min read
Source: SUSE advisory SUSE-CU-2023:2514-1 (see also SUSE bugzilla)
Related CVEs: CVE-2023-3128, CVE-2023-2801, CVE-2022-31097, CVE-2022-31107, CVE-2023-6152, CVE-2023-2183, CVE-2022-35957, CVE-2022-36062, +2 more
Upstream summary: Grafana is validating Azure AD accounts based on the email claim. On […]

openSUSE Leap 15.5 — go1.19 — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🔴 Critical   ⏱ 15–90 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.5
📖 ~4 min read
Source: SUSE advisory SUSE-CU-2023:1963-1 (see also SUSE bugzilla)
Related CVEs: CVE-2023-29402, CVE-2023-29404, CVE-2023-29405, CVE-2023-29409, CVE-2023-29403
Upstream summary: The go command may generate unexpected code at build time when using cgo. This may result in […]

openSUSE Leap 15.5 — python3-reportlab — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🔴 Critical   ⏱ 15–90 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.5
📖 ~4 min read
Source: SUSE advisory SUSE-SU-2023:2561-1 (see also SUSE bugzilla)
Related CVEs: CVE-2023-33733, CVE-2019-19450
Upstream summary: Reportlab up to v3.6.12 allows attackers to execute arbitrary code via supplying a crafted PDF file. […]

openSUSE Leap 15.5 — ruby2.5-rubygem-json-jwt — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟠 High   ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.5
📖 ~4 min read
Source: SUSE advisory openSUSE-SU-2025:0004-1 (see also SUSE bugzilla)
Related CVEs: CVE-2019-18848, CVE-2023-51774
Upstream summary: The json-jwt gem before 1.11.0 for Ruby lacks an element count during the splitting of a JWE string. […]

openSUSE Leap 15.5 — python3-Jinja2 — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟠 High   ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.5
📖 ~4 min read
Source: SUSE advisory RHSA-2025:0308 (see also SUSE bugzilla)
Related CVEs: CVE-2024-56326, CVE-2024-22195, CVE-2024-34064
Upstream summary: Jinja is an extensible templating engine. Prior to 3.1.5, an oversight in how the Jinja sandboxed environment detects calls […]

openSUSE Leap 15.5 — python3-xhtml2pdf — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟠 High   ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.5
📖 ~4 min read
Source: SUSE advisory openSUSE-SU-2024:14601-1 (see also SUSE bugzilla)
Related CVEs: CVE-2024-25885
Upstream summary: An issue in the getcolor function in utils.py of xhtml2pdf v0.2.13 allows attackers to cause a Regular expression Denial of Service […]

openSUSE Leap 15.5 — emacs — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟠 High   ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.5
📖 ~4 min read
Source: SUSE advisory openSUSE-SU-2024:14591-1 (see also SUSE bugzilla)
Related CVEs: CVE-2024-53920, CVE-2024-39331, CVE-2024-30203, CVE-2024-30204, CVE-2024-30205
Upstream summary: In elisp-mode.el in GNU Emacs through 30.0.92, a user who chooses to invoke elisp-completion-at-point (for code completion) […]
