SLES 15

SLES 15 — python3-PyMySQL — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — python3-PyMySQL — vulnerability — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:9193 (see also SUSE bugzilla) Related CVEs: CVE-2024-36039 Upstream summary: PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input because keys are not escaped by escape_dict. Table of contents […]

Read more
SLES 15 — libgmp10 — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libgmp10 — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2021:541-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-43618 Upstream summary: GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to […]

Read more
SLES 15 — libnettle6 — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libnettle6 — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2021:254-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-3580 CVE-2021-20305 CVE-2015-8803 CVE-2015-8804 CVE-2015-8805 CVE-2016-6489 CVE-2018-16869 Upstream summary: A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An […]

Read more
SLES 15 — python3-cupshelpers — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — python3-cupshelpers — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2011-4405 Upstream summary: The cupshelpers scripts in system-config-printer in Ubuntu 11.04 and 11.10, as used by the automatic printer driver download service, uses an "insecure […]

Read more
SLES 15 — cni — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — cni — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:1058-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-1753 CVE-2021-20206 CVE-2019-18466 Upstream summary: A flaw was found in Buildah (and subsequently Podman Build) which allows containers to mount arbitrary locations on the host […]

Read more
SLES 15 — pkexec — multiple vulnerabilities (12 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — pkexec — multiple vulnerabilities (12 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2021:1842-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-3560 CVE-2021-4034 CVE-2026-4897 CVE-2025-7519 CVE-2015-3255 CVE-2015-3256 CVE-2018-19788 CVE-2019-6133  +4 more Upstream summary: It was found that polkit could be tricked into bypassing the credential checks […]

Read more
SLES 15 — augeas — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — augeas — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2014:1017-1 (see also SUSE bugzilla) Related CVEs: CVE-2012-0786 CVE-2014-8119 CVE-2025-2588 CVE-2017-7555 Upstream summary: The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive […]

Read more
SLES 15 — python3-urllib3 — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — python3-urllib3 — multiple vulnerabilities (8 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2022:875-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-33503 CVE-2025-66471 CVE-2026-21441 CVE-2025-66418 CVE-2025-50181 CVE-2024-37891 CVE-2023-45803 CVE-2023-43804 Upstream summary: An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many […]

Read more
SLES 15 — rear23a — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — rear23a — vulnerability — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:0135-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-23301 Upstream summary: Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. This allows local attackers to gain access to system secrets […]

Read more
SLES 15 — golang-github-prometheus-alertmanager — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — golang-github-prometheus-alertmanager — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:0191-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-40577 CVE-2025-47908 Upstream summary: Alertmanager handles alerts sent by client applications such as the Prometheus server. An attacker with the permission to perform POST requests […]

Read more
CHAT