SLES

SLES 16 — libgmp10 — vulnerability — patch and remediation guide — diagnosis and fix on SLES 16

SLES 16 — libgmp10 — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2021:541-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-43618 Upstream summary: GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to […]

Read more
SLES 15 — spamassassin — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — spamassassin — multiple vulnerabilities (8 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2019:1961-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-15705 CVE-2018-11780 CVE-2018-11781 CVE-2018-11805 CVE-2019-12420 CVE-2020-1930 CVE-2020-1931 CVE-2020-1946 Upstream summary: A denial of service vulnerability was identified that exists in Apache SpamAssassin before 3.4.2. The […]

Read more
SLES 15 — jtidy — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — jtidy — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2023:3016-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-34623 Upstream summary: An issue was discovered jtidy thru r938 allows attackers to cause a denial of service or other unspecified impacts via crafted object […]

Read more
SLES 16 — slf4j — vulnerability — patch and remediation guide — diagnosis and fix on SLES 16

SLES 16 — slf4j — vulnerability — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2018:1744-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-8088 Upstream summary: org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted data. EventData […]

Read more
SLES 16 — libjansson4 — vulnerability — patch and remediation guide — diagnosis and fix on SLES 16

SLES 16 — libjansson4 — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2014:0467-1 (see also SUSE bugzilla) Related CVEs: CVE-2013-6401 Upstream summary: Jansson, possibly 2.4 and earlier, does not restrict the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a […]

Read more
SLES 12 — corosync — vulnerability — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — corosync — vulnerability — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2018:1121-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-1084 Upstream summary: corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c. Table of contents Symptom & Impact Environment & Reproduction Root […]

Read more
SLES 15 — apache-commons-configuration2 — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — apache-commons-configuration2 — vulnerability — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2022-33980 Upstream summary: Apache Commons Configuration performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "${prefix:name}", where […]

Read more
SLES 15 — libxmltooling9 — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libxmltooling9 — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2023:2766-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-36661 Upstream summary: Shibboleth XMLTooling before 3.2.4, as used in OpenSAML and Shibboleth Service Provider, allows SSRF via a crafted KeyInfo element. (This is fixed […]

Read more
SLES 15 — wavpack — multiple vulnerabilities (15 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — wavpack — multiple vulnerabilities (15 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2021:0186-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-10536 CVE-2018-10537 CVE-2018-6767 CVE-2020-35738 CVE-2021-44269 CVE-2018-10538 CVE-2018-10539 CVE-2018-10540  +7 more Upstream summary: An issue was discovered in WavPack 5.1.0 and earlier. The WAV parser component […]

Read more
SLES 16 — taglib — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on SLES 16

SLES 16 — taglib — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2017-12678 CVE-2012-2396 CVE-2018-11439 Upstream summary: In TagLib 1.11.1, the rebuildAggregateFrames function in id3v2framefactory.cpp has a pointer to cast vulnerability, which allows remote attackers to cause […]

Read more
CHAT