SLES 15

SLES 15 — kubernetes-client — multiple vulnerabilities (9 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — kubernetes-client — multiple vulnerabilities (9 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2020:783-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-15106 CVE-2020-15112 CVE-2020-8557 CVE-2020-8565 CVE-2020-8566 CVE-2020-15184 CVE-2020-15185 CVE-2020-15186  +1 more Upstream summary: In etcd before versions 3.3.23 and 3.4.10, a large slice causes panic in […]

Read more
SLES 15 — libgcrypt20 — multiple vulnerabilities (14 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libgcrypt20 — multiple vulnerabilities (14 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2021:254-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-33560 CVE-2015-5738 CVE-2021-3345 CVE-2024-2236 CVE-2021-40528 CVE-2013-4242 CVE-2014-3591 CVE-2015-0837  +6 more Upstream summary: Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks […]

Read more
SLES 15 — python2-pywbem — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — python2-pywbem — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2014:0580-1 (see also SUSE bugzilla) Related CVEs: CVE-2013-6418 Upstream summary: PyWBEM 0.7 and earlier uses a separate connection to validate X.509 certificates, which allows man-in-the-middle attackers to spoof a peer via an […]

Read more
SLES 15 — npm12 — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — npm12 — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:1301-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-27983 CVE-2024-22019 CVE-2023-30581 CVE-2021-37701 CVE-2021-37712 CVE-2021-37713 CVE-2021-39134 CVE-2021-39135  +12 more Upstream summary: An attacker can make the Node.js HTTP/2 server completely unavailable by sending a […]

Read more
SLES 15 — p11-kit — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — p11-kit — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2021:599-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-29361 CVE-2020-29363 CVE-2020-29362 Upstream summary: An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple integer overflows have been discovered in the array allocations in […]

Read more
SLES 15 — amavisd-new — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — amavisd-new — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2019:695-1 (see also SUSE bugzilla) Related CVEs: CVE-2016-1238 Upstream summary: (1) cpan/Archive-Tar/bin/ptar, (2) cpan/Archive-Tar/bin/ptardiff, (3) cpan/Archive-Tar/bin/ptargrep, (4) cpan/CPAN/scripts/cpan, (5) cpan/Digest-SHA/shasum, (6) cpan/Encode/bin/enc2xs, (7) cpan/Encode/bin/encguess, (8) cpan/Encode/bin/piconv, (9) cpan/Encode/bin/ucmlint, (10) cpan/Encode/bin/unidump, (11) cpan/ExtUtils-MakeMaker/bin/instmodsh, […]

Read more
SLES 15 — nbdkit — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — nbdkit — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:01888-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-47711 CVE-2025-47712 CVE-2021-3716 Upstream summary: There's a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If […]

Read more
SLES 15 — npm18 — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — npm18 — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:0643-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-21892 CVE-2025-22150 CVE-2025-23085 CVE-2024-21538 CVE-2024-22020 CVE-2024-36138 CVE-2024-27980 Upstream summary: On Linux, Node.js ignores certain environment variables if those may have been set by an unprivileged […]

Read more
SLES 15 — supportutils-plugin-salt — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — supportutils-plugin-salt — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-RU-2024:4008-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-22037 Upstream summary: The uyuni-server-attestation systemd service needs a database_password environment variable. This file has 640 permission, and cannot be shown users, but the environment […]

Read more
SLES 15 — collectd — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — collectd — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2016:2187-1 (see also SUSE bugzilla) Related CVEs: CVE-2016-6254 CVE-2017-7401 Upstream summary: Heap-based buffer overflow in the parse_packet function in network.c in collectd before 5.4.3 and 5.x before 5.5.2 allows remote attackers to […]

Read more
CHAT