openSUSE

openSUSE Leap 15.6 — python3-setuptools — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟠 High • ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.6
📖 ~4 min read
Source: SUSE advisory RHSA-2025:10407 (see also SUSE bugzilla)
Related CVEs: CVE-2025-47273, CVE-2024-6345
Upstream summary: setuptools is a package that allows users to download, build, install, upgrade, and uninstall Python packages. A path traversal vulnerability […]

openSUSE Leap 15.6 — slurm — vulnerability — patch and remediation guide

🟠 High • ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.6
📖 ~4 min read
Source: SUSE advisory openSUSE-SU-2025:15165-1 (see also SUSE bugzilla)
Related CVEs: CVE-2025-43904
Upstream summary: In SchedMD Slurm before 24.11.5, 24.05.8, and 23.11.11, the accounting system can allow a Coordinator to promote a user to Administrator. […]

openSUSE Leap 15.6 — rmt-server — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟠 High • ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.6
📖 ~4 min read
Source: SUSE advisory openSUSE-SU-2025:15067-1 (see also SUSE bugzilla)
Related CVEs: CVE-2025-46727, CVE-2025-32441, CVE-2024-28103
Upstream summary: Rack is a modular Ruby web server interface. Prior to versions 2.2.14, 3.0.16, and 3.1.14, `Rack::QueryParser` parses query strings […]

openSUSE Leap 15.6 — gstreamer-plugins-good — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🟠 High • ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.6
📖 ~4 min read
Source: SUSE advisory openSUSE-SU-2024:14578-1 (see also SUSE bugzilla)
Related CVEs: CVE-2024-47540, CVE-2024-47537, CVE-2024-47539, CVE-2025-47183, CVE-2025-47219, CVE-2024-47543, CVE-2024-47544, CVE-2024-47545, +12 more
Upstream summary: GStreamer is a library for constructing graphs of media-handling components. An uninitialized […]

openSUSE Leap 15.6 — erlang26 — multiple vulnerabilities (6 CVEs) — patch and remediation guide

🟠 High • ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.6
📖 ~4 min read
Source: SUSE advisory SUSE-SU-2025:1356-1 (see also SUSE bugzilla)
Related CVEs: CVE-2025-30211, CVE-2022-31008, CVE-2021-22116, CVE-2023-46118, CVE-2021-32718, CVE-2021-32719
Upstream summary: Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.1, 26.2.5.10, […]

openSUSE Leap 15.6 — perl-Data-Entropy — vulnerability — patch and remediation guide

🟠 High • ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.6
📖 ~4 min read
Source: SUSE advisory openSUSE-SU-2025:0123-1 (see also SUSE bugzilla)
Related CVEs: CVE-2025-1860
Upstream summary: Data::Entropy for Perl 0.007 and earlier use the rand() function as the default source of entropy, which is not cryptographically secure, […]

openSUSE Leap 15.6 — ruby2.5-rubygem-bundler — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟠 High • ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.6
📖 ~4 min read
Source: SUSE advisory SUSE-SU-2025:1294-1 (see also SUSE bugzilla)
Related CVEs: CVE-2020-36327, CVE-2021-43809
Upstream summary: Bundler 1.16.0 through 2.2.9 and 2.2.11 through 2.2.16 sometimes chooses a dependency source based on the highest gem version number, […]

openSUSE Leap 15.6 — etcd — multiple vulnerabilities (13 CVEs) — patch and remediation guide

🟠 High • ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.6
📖 ~4 min read
Source: SUSE advisory openSUSE-SU-2025:14937-1 (see also SUSE bugzilla)
Related CVEs: CVE-2025-30204, CVE-2018-16873, CVE-2021-28235, CVE-2023-48795, CVE-2023-47108, CVE-2022-41723, CVE-2019-11254, CVE-2018-16874, +5 more
Upstream summary: golang-jwt is a Go implementation of JSON Web Tokens. Starting in version […]

openSUSE Leap 15.6 — ghostscript — multiple vulnerabilities (17 CVEs) — patch and remediation guide

🟠 High • ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.6
📖 ~4 min read
Source: SUSE advisory openSUSE-SU-2025:14953-1 (see also SUSE bugzilla)
Related CVEs: CVE-2025-27832, CVE-2025-27835, CVE-2025-27836, CVE-2024-46951, CVE-2024-46953, CVE-2024-46956, CVE-2024-33871, CVE-2025-59798, +9 more
Upstream summary: An issue was discovered in Artifex Ghostscript before 10.05.0. The NPDL device […]

openSUSE Leap 15.6 — xz — vulnerability — patch and remediation guide

🟠 High • ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.6
📖 ~4 min read
Source: SUSE advisory openSUSE-SU-2025:14984-1 (see also SUSE bugzilla)
Related CVEs: CVE-2025-31115
Upstream summary: XZ Utils provide a general-purpose data-compression library plus command-line tools. In XZ Utils 5.3.3alpha to 5.8.0, the multithreaded .xz decoder in […]
