Troubleshooting

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2014:1137-1 (see also SUSE bugzilla) Related CVEs: CVE-2014-3618 CVE-2017-16844 Upstream summary: Heap-based buffer overflow in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (crash) and […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-IU-2021:741-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-12825 CVE-2017-7960 CVE-2017-7961 CVE-2017-8834 CVE-2017-8871 Upstream summary: libcroco through 0.6.13 has excessive recursion in cr_parser_parse_any_core in cr-parser.c, leading to stack consumption. Table of contents Symptom […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2017:2871-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-13089 CVE-2017-13090 CVE-2019-5953 CVE-2024-10524 CVE-2021-31879 CVE-2024-38428 CVE-2010-2252 CVE-2014-4877  +5 more Upstream summary: The http.c:skip_short_body() function is called in some circumstances, such as when processing redirects. […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2014:0870-1 (see also SUSE bugzilla) Related CVEs: CVE-2014-0107 Upstream summary: The TransformerFactory in Apache Xalan-Java before 2.7.2 does not properly restrict access to certain properties when FEATURE_SECURE_PROCESSING is enabled, which allows remote […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SR:2009:020 (see also SUSE bugzilla) Related CVEs: CVE-2009-3627 Upstream summary: The decode_entities function in util.c in HTML-Parser before 3.63 allows context-dependent attackers to cause a denial of service (infinite loop) via an […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-FU-2022:0444-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-20060 CVE-2019-9740 CVE-2016-9015 CVE-2019-11236 CVE-2019-11324 Upstream summary: urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2022:108-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-4122 CVE-2020-14382 Upstream summary: It was found that a specially crafted LUKS header could trick cryptsetup into disabling encryption during the recovery of the device. […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:03077-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-58266 CVE-2022-24713 Upstream summary: The shlex crate before 1.2.1 for Rust allows unquoted and unescaped instances of the { and \xa0 characters, which may facilitate […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:3533-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-3019 CVE-2019-3695 CVE-2019-3696 CVE-2023-6917 CVE-2024-45769 CVE-2024-45770 CVE-2012-3418 CVE-2012-3419  +4 more Upstream summary: A flaw was found in PCP. The default pmproxy configuration exposes the Redis […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory RHSA-2025:17558 (see also SUSE bugzilla) Related CVEs: CVE-2025-48964 CVE-2025-47268 Upstream summary: ping in iputils before 20250602 allows a denial of service (application error in adaptive ping mode or incorrect data collection) via […]