SLES 15

SLES 15 — e2fsprogs — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — e2fsprogs — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2022:1021-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-1304 CVE-2015-0247 CVE-2015-1572 CVE-2019-5094 CVE-2019-5188 Upstream summary: An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly […]

Read more
SLES 15 — python3-requests — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — python3-requests — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:1218-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-25645 CVE-2024-47081 Upstream summary: Requests is a HTTP library. Prior to version 2.33.0, the `requests.utils.extract_zipped_paths()` utility function uses a predictable filename when extracting files from […]

Read more
SLES 15 — python311 — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — python311 — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE security advisory Related CVEs: CVE-2022-4303 CVE-2023-41105 CVE-2025-12781 CVE-2025-1795 Upstream summary: The WP Limit Login Attempts WordPress plugin through 2.6.4 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes […]

Read more
SLES 15 — python3-future — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — python3-future — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2023:0076-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-40899 Upstream summary: An issue discovered in Python Charmers Future 0.18.2 and earlier allows remote attackers to cause a denial of service via crafted Set-Cookie […]

Read more
SLES 15 — libecal — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libecal — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:0775-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-2604 CVE-2020-14928 CVE-2020-16117 Upstream summary: Unknown. Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick Triage Step-by-Step Diagnosis Solution – Primary […]

Read more
SLES 15 — wpa_supplicant — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — wpa_supplicant — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2022:0504-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-23303 CVE-2022-23304 CVE-2019-9494 CVE-2019-9498 CVE-2019-9499 CVE-2021-0326 CVE-2021-27803 CVE-2023-52424  +12 more Upstream summary: The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are […]

Read more
SLES 15 — orc — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — orc — vulnerability — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:6184 (see also SUSE bugzilla) Related CVEs: CVE-2024-40897 Upstream summary: Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially […]

Read more
SLES 15 — pam_yubico — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — pam_yubico — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2018-9275 Upstream summary: In check_user_token in util.c in the Yubico PAM module (aka pam_yubico) 2.18 through 2.25, successful logins can leak file descriptors to the […]

Read more
SLES 15 — perl-Archive-Zip — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — perl-Archive-Zip — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2018:2385-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-10860 Upstream summary: perl-archive-zip is vulnerable to a directory traversal in Archive::Zip. It was found that the Archive::Zip module did not properly sanitize paths while […]

Read more
SLES 15 — libyaml-cpp0_6 — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libyaml-cpp0_6 — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2022:1765-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-20573 CVE-2018-20574 CVE-2019-6285 CVE-2019-6292 CVE-2017-5950 Upstream summary: The Scanner::EnsureTokensInQueue function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack […]

Read more
CHAT