SLES

SLES 15 — libzypp-plugin-appdata — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libzypp-plugin-appdata — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2023:0095-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-22643 Upstream summary: An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in libzypp-plugin-appdata of SUSE Linux Enterprise Server […]

Read more
SLES 15 — npm24 — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — npm24 — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory RHSA-2026:7350 (see also SUSE bugzilla) Related CVEs: CVE-2026-21712 CVE-2025-59464 Upstream summary: A flaw in Node.js URL processing causes an assertion failure in native code when `url.format()` is called with a malformed internationalized […]

Read more
SLES 12 — libtcnative — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — libtcnative — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2019:14014-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-8020 CVE-2017-15698 CVE-2018-8019 Upstream summary: Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 has a flaw that does not properly check OCSP pre-produced […]

Read more
SLES 15 — jsoup — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — jsoup — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2022:3027-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-36033 Upstream summary: jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety. jsoup may incorrectly sanitize HTML […]

Read more
SLES 15 — jawn-util — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — jawn-util — vulnerability — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2022:0011-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-21653 Upstream summary: Jawn is an open source JSON parser. Extenders of the `org.typelevel.jawn.SimpleFacade` and `org.typelevel.jawn.MutableFacade` who don't override `objectContext()` are vulnerable to a hash […]

Read more
SLES 16 — xmlgraphics-commons — vulnerability — patch and remediation guide — diagnosis and fix on SLES 16

SLES 16 — xmlgraphics-commons — vulnerability — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2023:712-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-11988 Upstream summary: Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using […]

Read more
SLES 12 — mozilla-nspr — multiple vulnerabilities (16 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — mozilla-nspr — multiple vulnerabilities (16 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2015:1680-1 (see also SUSE bugzilla) Related CVEs: CVE-2015-4500 CVE-2015-4501 CVE-2015-4506 CVE-2015-4509 CVE-2015-4511 CVE-2015-4517 CVE-2015-4519 CVE-2015-4520  +8 more Upstream summary: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 41.0 and […]

Read more
SLES 15 — p7zip — multiple vulnerabilities (11 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — p7zip — multiple vulnerabilities (11 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:2475-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-52168 CVE-2023-52169 CVE-2017-17969 CVE-2022-47069 CVE-2023-1576 CVE-2025-53817 CVE-2021-3465 CVE-2016-2334  +3 more Upstream summary: The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 (for 7zz) contains a heap-based […]

Read more
SLES 12 — openconnect — multiple vulnerabilities (6 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — openconnect — multiple vulnerabilities (6 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2013-7098 CVE-2019-16239 CVE-2020-12105 CVE-2020-12823 CVE-2012-6128 CVE-2012-3291 Upstream summary: OpenConnect VPN client with GnuTLS before 5.02 contains a heap overflow if MTU is increased on reconnection. […]

Read more
CHAT