AZL-52236 CVE-2024-51744 affecting package etcd for versions less than 3.5.21-1

golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in ParseWithClaims can lead to situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors returned by...

CVE-2020-23064

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-11023. Reason: This candidate is a duplicate of CVE-2020-11023. Notes: All CVE users should reference CVE-2020-11023 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

SUSE-RU-2022:2355-1 Recommended update for python-cryptography

This update for python-cryptography fixes the following issues: python-cryptography was updated to 3.3.2. update to 3.3.0: BACKWARDS INCOMPATIBLE: The GCM and AESGCM now require 64-bit to 1024-bit 8 byte to 128 byte initialization vectors. This change is to conform with an upcoming OpenSSL releas...

CVE-2020-11022

In jQuery starting with 1.12.0 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods i.e. .html, .append, and others may execute untrusted code. This problem is patched in jQuery 3.5.0...