SUSE-SU-2026:2493-1 Security update for containerized-data-importer

This update for containerized-data-importer fixes the following issues: - Security: re-vendor Go dependencies to address CVEs tracked against containerized-data-importer backport of upstream PR 4110, post-v1.65.0. Fixed by this update: google.golang.org/grpc 1.65.0 - 1.79.3: bsc1260295...

Security update for yq (important)

openSUSE security update: security update for yq ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20892-1 Rating: important References: bsc1241719 bsc1251339 bsc1251540 bsc1266248 bsc1267053 bsc1267199 Cross-References: CVE-2024-45338 CVE-2025-22872...

USN-8089-3 adsys, juju-core, lxd vulnerabilities

USN-8089-1 fixed vulnerabilities in Go Networking. This update provides the corresponding update to code vendored in LXD, ADSys, and Juju Core. Original advisory details: Bahruz Jabiyev, Tommaso Innocenti, Anthony Gavazzi, Steven Sprecher, and Kaan Onarlioglu discovered that servers using Go...

SUSE SLES15: apptainer / apptainer-leap / apptainer-sle15_6 / apptainer-sle15_7 / etc (SUSE-SU-2026:0439-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0439-1 advisory. Security fixes: - CVE-2024-45310: Fixed runc being tricked into creating empty files/directories on host bsc1257432 -...

Security update for go-sendxmpp (moderate)

openSUSE security update: security update for go-sendxmpp ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20058-1 Rating: moderate References: bsc1241814 bsc1251461 bsc1251677 Cross-References: CVE-2025-22872 CVE-2025-47911 CVE-2025-58190 CVSS score...

Security update for trivy (important)

openSUSE Security Update: Security update for trivy Announcement ID: openSUSE-SU-2025:0489-1 Rating: important References: 1239225 1239385 1240466 1241724 1243633 1246730 1248897 1248937 1250625 1251363 1251547 1253512 1253786 1253977 Cross-References: CVE-2025-11065 CVE-2025-22868 CVE-2025-22869...

Security update for trivy (important)

openSUSE Security Update: Security update for trivy Announcement ID: openSUSE-SU-2025:0490-1 Rating: important References: 1239225 1239385 1240466 1241724 1243633 1246730 1248897 1248937 1250625 1251363 1251547 1253512 1253786 1253977 Cross-References: CVE-2025-11065 CVE-2025-22868 CVE-2025-22869...

SUSE SLES15 Security Update : kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container (SUSE-SU-2025:4330-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4330-1 advisory. Updated kubevirt to version 1.6.3: - CVE-2025-22872: Fixed incorrect interpretation of tags leading content to be placed wrong scop...

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to Cross-site Scripting in golang.org/x/net/proxy [CVE-2025-22872]

Summary IBM Watson Speech Services Cartridge is vulnerable to Cross-site Scripting in golang.org/x/net/proxy, due to incorrect interpretation of tags in the tokenizer CVE-2025-22872. Golang is used in our speech utilities. This vulnerabilitiy has been addressed. Please read the details for...

Fedora: Security Advisory (FEDORA-2025-bacdac27c8)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2025-bf271e904b)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2025-89401f2116)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2025-3d0ada20e1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2025-a6574c5095)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2025-4af86bb0f8)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: IBM Maximo Application Suite uses WebSphere Application Server Liberty V.25.0.0.2, flask-3.1.0-py3-none-any.whl form-data-2.5.1.tgz and golang.org/x/net which is vulnerable to multiple CVEs

Summary IBM Maximo Application Suite uses WebSphere Application Server Liberty V.25.0.0.2, flask-3.1.0-py3-none-any.whl form-data-2.5.1.tgz and golang.org/x/net which is vulnerable to CVE-2025-36097, CVE-2025-7783, CVE-2025-25193, CVE-2025-47278, CVE-2025-23184, CVE-2025-22872 and CVE-2024-56339...

CVE-2025-22872 affecting package nvidia-container-toolkit for versions less than 1.17.8-3

CVE-2025-22872 affecting package nvidia-container-toolkit for versions less than 1.17.8-3. A patched version of the package is available...

SUSE SLES15: kubevirt-container-disk / kubevirt-manifests / etc (SUSE-SU-2025:03278-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03278-1 advisory. This update for kubevirt updates golang.org/x/net to 0.38.0, fixing security issues CVE-2025-22872, CVE-2024-45337,...

Fedora: Security Advisory (FEDORA-2025-99309ef35f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for kubernetes1.26

This update for kubernetes1.26 fixes the following issues: CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value in foreign content bsc1241865. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...