SLES 16

SLES 16 — expat — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on SLES 16

SLES 16 — expat — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2019:695-1 (see also SUSE bugzilla) Related CVEs: CVE-2016-9063 CVE-2026-32776 CVE-2026-32777 CVE-2025-59375 CVE-2009-2625 CVE-2016-5300 CVE-2017-9233 CVE-2019-15903  +12 more Upstream summary: An integer overflow during the parsing of XML using the Expat library. This […]

Read more
SLES 16 — apache-commons-text — vulnerability — patch and remediation guide — diagnosis and fix on SLES 16

SLES 16 — apache-commons-text — vulnerability — patch and remediation guide

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2023:712-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-42889 Upstream summary: Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "${prefix:name}", where […]

Read more
SLES 16 — keylime-config — multiple vulnerabilities (14 CVEs) — patch and remediation guide — diagnosis and fix on SLES 16

SLES 16 — keylime-config — multiple vulnerabilities (14 CVEs) — patch and remediation guide

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory RHSA-2026:2224 (see also SUSE bugzilla) Related CVEs: CVE-2026-1709 CVE-2025-13609 CVE-2021-43310 CVE-2022-1053 CVE-2022-23948 CVE-2022-23949 CVE-2022-23950 CVE-2022-23952  +6 more Upstream summary: A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does […]

Read more
SLES 16 — libcares2 — multiple vulnerabilities (12 CVEs) — patch and remediation guide — diagnosis and fix on SLES 16

SLES 16 — libcares2 — multiple vulnerabilities (12 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2020:778-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-8277 CVE-2021-3672 CVE-2023-32067 CVE-2025-62408 CVE-2016-5180 CVE-2017-1000381 CVE-2022-4904 CVE-2023-31124  +4 more Upstream summary: A Node.js application that allows an attacker to trigger a DNS request for […]

Read more
SLES 16 — libSDL2 — multiple vulnerabilities (18 CVEs) — patch and remediation guide — diagnosis and fix on SLES 16

SLES 16 — libSDL2 — multiple vulnerabilities (18 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2017-2888 CVE-2020-14409 CVE-2020-14410 CVE-2021-33657 CVE-2019-13616 CVE-2019-13626 CVE-2019-7572 CVE-2019-7573  +10 more Upstream summary: An exploitable integer overflow vulnerability exists when creating a new RGB Surface in […]

Read more
SLES 16 — jackson-core — vulnerability — patch and remediation guide — diagnosis and fix on SLES 16

SLES 16 — jackson-core — vulnerability — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2022:1678-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-36518 Upstream summary: jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects. Table of contents […]

Read more
SLES 16 — ftdump — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on SLES 16

SLES 16 — ftdump — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2019:721-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-8287 CVE-2020-15999 CVE-2010-3855 CVE-2011-3256 CVE-2011-3439 CVE-2012-1133 CVE-2012-1134 CVE-2012-1136  +12 more Upstream summary: FreeType 2 before 2017-03-26 has an out-of-bounds write caused by a heap-based buffer […]

Read more
SLES 16 — ed25519-java — vulnerability — patch and remediation guide — diagnosis and fix on SLES 16

SLES 16 — ed25519-java — vulnerability — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:1029-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-36843 Upstream summary: The implementation of EdDSA in EdDSA-Java (aka ed25519-java) through 0.3.0 exhibits signature malleability and does not satisfy the SUF-CMA (Strong Existential Unforgeability […]

Read more
SLES 16 — cloud-init — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on SLES 16

SLES 16 — cloud-init — multiple vulnerabilities (8 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-IU-2021:6-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-8631 CVE-2020-8632 CVE-2024-6174 CVE-2019-0816 CVE-2021-3429 CVE-2022-2084 CVE-2023-1786 CVE-2024-11584 Upstream summary: cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier […]

Read more
CHAT