SLES 15

SLES 15 — libZXing1 — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libZXing1 — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2022:0157-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-28021 CVE-2021-42716 CVE-2021-42715 Upstream summary: Buffer overflow vulnerability in function stbi__extend_receive in stb_image.h in stb 2.26 via a crafted JPEG file. Table of contents Symptom […]

Read more
SLES 15 — python3-h2 — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — python3-h2 — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:03199-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-57804 Upstream summary: h2 is a pure-Python implementation of a HTTP/2 protocol stack. Prior to version 4.3.0, an HTTP/2 request splitting vulnerability allows attackers to […]

Read more
SLES 15 — libjasper4 — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libjasper4 — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:1396-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-31744 CVE-2015-5203 CVE-2015-5221 CVE-2016-1577 CVE-2016-8654 CVE-2016-9262 CVE-2016-9560 CVE-2020-27828  +12 more Upstream summary: In Jasper 4.2.2, the jpc_streamlist_remove function in src/libjasper/jpc/jpc_dec.c:2407 has an assertion failure vulnerability, […]

Read more
SLES 15 — libtcmu2 — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libtcmu2 — vulnerability — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2021:69-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-3139 Upstream summary: In Open-iSCSI tcmu-runner 1.3.x, 1.4.x, and 1.5.x through 1.5.2, xcopy_locate_udev in tcmur_cmd_handler.c lacks a check for transport-layer restrictions, allowing remote attackers to […]

Read more
SLES 15 — librav1e0 — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — librav1e0 — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:03077-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-58266 CVE-2022-24713 Upstream summary: The shlex crate before 1.2.1 for Rust allows unquoted and unescaped instances of the { and \xa0 characters, which may facilitate […]

Read more
SLES 15 — rarpd — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — rarpd — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory RHSA-2025:17558 (see also SUSE bugzilla) Related CVEs: CVE-2025-48964 CVE-2025-47268 Upstream summary: ping in iputils before 20250602 allows a denial of service (application error in adaptive ping mode or incorrect data collection) via […]

Read more
SLES 15 — sevctl — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — sevctl — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-RU-2025:02203-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-12224 CVE-2023-50711 CVE-2025-3416 Upstream summary: Improper Validation of Unsafe Equivalence in punycode by the idna crate from Servo rust-url allows an attacker to create a […]

Read more
SLES 15 — libupb37 — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libupb37 — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:0573-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-4785 CVE-2024-11407 CVE-2024-7246 CVE-2023-32732 Upstream summary: Lack of error handling in the TCP server in Google's gRPC starting version 1.23 on posix-compatible platforms (ex. Linux) […]

Read more
SLES 15 — yast2-devtools — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — yast2-devtools — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2018:1890-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-17042 Upstream summary: lib/yard/core_ext/file.rb in the server in YARD before 0.9.11 does not block relative paths with an initial ../ sequence, which allows attackers to […]

Read more
SLES 15 — yast2-users — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — yast2-users — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2016:1138-1 (see also SUSE bugzilla) Related CVEs: CVE-2016-1601 Upstream summary: yast2-users before 3.1.47, as used in SUSE Linux Enterprise 12 SP1, does not properly set empty password fields in /etc/shadow during an […]

Read more
CHAT