SLES

SLES 15 — python3-websockets — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — python3-websockets — vulnerability — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2023:2854-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-1000518 Upstream summary: aaugustin websockets version 4 contains a CWE-409: Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in Servers and clients, unless configured […]

Read more
SLES 15 — go1.11 — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — go1.11 — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2019:2213-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-14809 Upstream summary: net/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malformed hosts in URLs, leading to an authorization bypass in some applications. […]

Read more
SLES 15 — npm16 — multiple vulnerabilities (19 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — npm16 — multiple vulnerabilities (19 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2023:1678-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-32067 CVE-2023-23919 CVE-2023-24807 CVE-2022-35255 CVE-2024-30261 CVE-2024-24758 CVE-2023-39333 CVE-2023-30588  +11 more Upstream summary: c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. […]

Read more
SLES 16 — tpm2.0-tools — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on SLES 16

SLES 16 — tpm2.0-tools — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2017-7524 CVE-2021-3565 CVE-2024-29038 CVE-2024-29039 Upstream summary: tpm2-tools versions before 1.1.1 are vulnerable to a password leak due to transmitting password in plaintext from client to […]

Read more
SLES 15 — libaudiofile1 — multiple vulnerabilities (18 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libaudiofile1 — multiple vulnerabilities (18 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2017:0940-1 (see also SUSE bugzilla) Related CVEs: CVE-2015-7747 CVE-2018-17095 CVE-2019-13147 CVE-2022-24599 CVE-2017-6827 CVE-2017-6828 CVE-2017-6829 CVE-2017-6830  +10 more Upstream summary: Buffer overflow in the afReadFrames function in audiofile (aka libaudiofile and Audio File […]

Read more
SLES 15 — pkgconf — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — pkgconf — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2023:0611-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-24056 Upstream summary: In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconf_tuple_parse. For example, a .pc file […]

Read more
SLES 15 — libXdmcp6 — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libXdmcp6 — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2017:1862-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-2625 Upstream summary: It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. On a multi-user system using xdmcp, a […]

Read more
SLES 15 — ghc-pandoc — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — ghc-pandoc — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:02037-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-38526 Upstream summary: pdoc provides API Documentation for Python Projects. Documentation generated with `pdoc –math` linked to JavaScript files from polyfill[.]io. The polyfill[.]io CDN has […]

Read more
SLES 15 — libshibsp7 — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libshibsp7 — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2019:3386-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-19191 CVE-2017-16852 Upstream summary: Shibboleth Service Provider (SP) 3.x before 3.1.0 shipped a spec file that calls chown on files in a directory controlled by […]

Read more
CHAT