SLES 15

SLES 15 — libxmltooling9 — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libxmltooling9 — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2023:2766-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-36661 Upstream summary: Shibboleth XMLTooling before 3.2.4, as used in OpenSAML and Shibboleth Service Provider, allows SSRF via a crafted KeyInfo element. (This is fixed […]

Read more
SLES 15 — libstaroffice — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libstaroffice — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2018:1076-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-9432 Upstream summary: Document Liberation Project libstaroffice before 2017-04-07 has an out-of-bounds write caused by a stack-based buffer overflow related to the DatabaseName::read function in […]

Read more
SLES 15 — Mesa — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — Mesa — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:1343-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-40393 CVE-2023-45913 CVE-2023-45919 CVE-2023-45922 CVE-2019-5068 Upstream summary: In Mesa before 25.3.6 and 26 before 26.0.1, out-of-bounds memory access can occur in WebGPU because the amount […]

Read more
SLES 15 — libnvidia-container1 — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libnvidia-container1 — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:3950-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-0132 CVE-2024-0133 Upstream summary: NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted […]

Read more
SLES 15 — ruby2.5-rubygem-websocket-extensions — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — ruby2.5-rubygem-websocket-extensions — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2023:0127-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-7663 Upstream summary: websocket-extensions ruby module prior to 0.1.5 allows Denial of Service (DoS) via Regex Backtracking. The extension parser may take quadratic time when […]

Read more
SLES 15 — libyaml — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libyaml — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2014:0403-1 (see also SUSE bugzilla) Related CVEs: CVE-2013-6393 CVE-2014-2525 CVE-2014-9130 Upstream summary: The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote attackers to cause a […]

Read more
SLES 15 — subversion — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — subversion — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2022:1161-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-24070 CVE-2017-9800 CVE-2019-0203 CVE-2020-17525 CVE-2024-46901 CVE-2021-28544 CVE-2009-2411 CVE-2010-3315  +12 more Upstream summary: Subversion's mod_dav_svn is vulnerable to memory corruption. While looking up path-based authorization rules, […]

Read more
SLES 15 — frr — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — frr — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:3426-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-15865 CVE-2024-44070 CVE-2024-34088 CVE-2024-31948 CVE-2024-31950 CVE-2024-31951 CVE-2023-47234 CVE-2023-47235  +12 more Upstream summary: bgpd in FRRouting (FRR) before 2.0.2 and 3.x before 3.0.2, as used in […]

Read more
SLES 15 — python3-filelock — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — python3-filelock — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:0220-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-22701 CVE-2025-68146 Upstream summary: filelock is a platform-independent file lock for Python. Prior to version 3.20.3, a TOCTOU race condition vulnerability exists in the SoftFileLock […]

Read more
SLES 15 — python311-FontTools — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — python311-FontTools — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:0199-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-66034 Upstream summary: fontTools is a library for manipulating fonts, written in Python. In versions from 4.33.0 to before 4.60.2, the fonttools varLib (or python3 […]

Read more
CHAT