SUSE SLES15 / openSUSE 15 Security Update : ghc-pandoc (SUSE-SU-2025:02037-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02037-1 advisory. - CVE-2024-38526: Fixed Polyfill Supply Chain Attack bsc1227690. Tenable has extracted the preceding description block directly from the...

openSUSE Security Advisory (SUSE-SU-2025:02037-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for ghc-pandoc

This update for ghc-pandoc fixes the following issues: CVE-2024-38526: Fixed Polyfill Supply Chain Attack bsc1227690. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command liste...

SUSE-SU-2025:02037-1 Security update for ghc-pandoc

This update for ghc-pandoc fixes the following issues: - CVE-2024-38526: Fixed Polyfill Supply Chain Attack bsc1227690...

Pdoc Python Library <= 14.5.1 (CVE-2024-38526)

pdoc provides API Documentation for Python Projects. Documentation generated with pdoc --math linked to JavaScript files from polyfill.io. The polyfill.io CDN has been sold and now serves malicious code. This issue has been fixed in pdoc 14.5.1. Note that Nessus has not tested for this issue but...

SUSE CVE-2024-38526

pdoc provides API Documentation for Python Projects. Documentation generated with pdoc --math linked to JavaScript files from polyfill.io. The polyfill.io CDN has been sold and now serves malicious code. This issue has been fixed in pdoc 14.5.1...

CVE-2024-38526

pdoc provides API Documentation for Python Projects. Documentation generated with pdoc --math linked to JavaScript files from polyfill.io. The polyfill.io CDN has been sold and now serves malicious code. This issue has been fixed in pdoc 14.5.1...

CVE-2024-38526 pdoc embeds link to malicious CDN if math mode is enabled

pdoc provides API Documentation for Python Projects. Documentation generated with pdoc --math linked to JavaScript files from polyfill.io. The polyfill.io CDN has been sold and now serves malicious code. This issue has been fixed in pdoc 14.5.1...

CVE-2024-38526 pdoc embeds link to malicious CDN if math mode is enabled

pdoc provides API Documentation for Python Projects. Documentation generated with pdoc --math linked to JavaScript files from polyfill.io. The polyfill.io CDN has been sold and now serves malicious code. This issue has been fixed in pdoc 14.5.1...

CVE-2024-38526

CVE-2024-38526 affects the pdoc Python library for API documentation. The underlying issue arises from web assets loaded from the polyfill.io CDN, which has been compromised, leading to delivery of malicious JavaScript through the CDN when using pdoc --math. Several connected sources indicate thi...

autohooks-plugin-pdoc (>=0.1.1 <=0.1.2), bond-order-processing (=1.0.3) +20 more potentially affected by CVE-2024-38526 via pdoc (>=0.3.2 <=14.5.0)

pdoc PYPI version =0.3.2, =0.1.1, =1.0.0, =0.9.3, =0.0.7, =2.5.7, =0.1.1, =0.4.5, =0.2.0, =0.3.0, =0.1.0, =0.1.1 and more Source cves: CVE-2024-38526 Source advisory: OSV:GHSA-5VGJ-GGM4-FG62...