openSUSE

openSUSE Leap 15.6 — socat — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14582-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-54661 Upstream summary: readline.sh in socat before 1.8.0.2 relies on the /tmp/$USER/stderr2 file. […]

openSUSE Leap 15.6 — nanopb-devel — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:0400-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-53984 Upstream summary: Nanopb is a small code-size Protocol Buffers implementation. When the compile time option PB_ENABLE_MALLOC is enabled, the message contains at least […]

openSUSE Leap 15.6 — libuv1 — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:0643-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-24806 Upstream summary: libuv is a multi-platform support library with a focus on asynchronous I/O. The `uv_getaddrinfo` function in `src/unix/getaddrinfo.c` (and its windows counterpart […]

openSUSE Leap 15.6 — xmlgraphics-fop — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:4054-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-28168 Upstream summary: Improper Restriction of XML External Entity Reference ('XXE') vulnerability in Apache XML Graphics FOP. This issue affects Apache XML Graphics FOP: […]

openSUSE Leap 15.6 — wire — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:4010-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-3978 Upstream summary: Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This […]

openSUSE Leap 15.6 — python3-PyPDF2 — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:0366-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-24859 Upstream summary: PyPDF2 is an open source python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. In […]

openSUSE Leap 15.6 — gradle — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:3923-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-35947 CVE-2023-35946 Upstream summary: Gradle is a build tool with a focus on build automation and support for multi-language development. In affected versions when […]

openSUSE Leap 15.6 — kmail-account-wizard — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:0353-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-50624 Upstream summary: ispdbservice.cpp in KDE Kmail before 6.2.0 allows man-in-the-middle attackers to trigger use of an attacker-controlled mail server because cleartext HTTP is […]

openSUSE Leap 15.6 — ruby2.5-rubygem-actionmailer — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14471-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-47889 Upstream summary: Action Mailer is a framework for designing email service layers. Starting in version 3.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, […]

openSUSE Leap 15.6 — ruby2.5-rubygem-actionpack — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14479-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-47887 Upstream summary: Action Pack is a framework for handling and responding to web requests. Starting in version 4.0.0 and prior to versions 6.1.7.9, […]
