Security update for git-bug (important)

openSUSE Security Update: Security update for git-bug Announcement ID: openSUSE-SU-2026:0171-1 Rating: important References: 1253506 1253930 1254084 1264955 1265416 Cross-References: CVE-2025-47913 CVE-2025-47914 CVE-2025-58181 CVE-2026-1229 CVE-2026-41506 CVSS scores: CVE-2025-47913 SUSE: 8.7...

Cross-site Scripting (XSS)

Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Cross-site Scripting XSS via improper escaping of textarea custom field contents in the bugupdatepage.php process. An attacker can inject HTML and, if content security policy settings allow,...

CVE-2026-25237

PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, use of pregreplace with the /e modifier in bug update email handling can enable PHP code execution if attacker-controlled content reaches the evaluated replacement. This issue has been patched in...

CVE-2026-25237

PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, use of pregreplace with the /e modifier in bug update email handling can enable PHP code execution if attacker-controlled content reaches the evaluated replacement. This issue has been patched in...

UBUNTU-CVE-2026-25237

PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, use of pregreplace with the /e modifier in bug update email handling can enable PHP code execution if attacker-controlled content reaches the evaluated replacement. This issue has been patched in...

CVE-2026-25237 PEAR is Vulnerable to PHP Code Execution via preg_replace /e in Bug Update Emails

PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, use of pregreplace with the /e modifier in bug update email handling can enable PHP code execution if attacker-controlled content reaches the evaluated replacement. This issue has been patched in...

CVE-2026-25237

PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, use of pregreplace with the /e modifier in bug update email handling can enable PHP code execution if attacker-controlled content reaches the evaluated replacement. This issue has been patched in...

CVE-2026-25237 PEAR is Vulnerable to PHP Code Execution via preg_replace /e in Bug Update Emails

PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, use of pregreplace with the /e modifier in bug update email handling can enable PHP code execution if attacker-controlled content reaches the evaluated replacement. This issue has been patched in...

CVE-2026-25237

CVE-2026-25237 affects the PEAR framework. Prior to version 1.33.0, handling of bug update emails using preg_replace() with the /e modifier can lead to PHP code execution when attacker-controlled content is evaluated. The issue has been fixed in PEAR version 1.33.0. Based on connected documents, ...

CVE-2026-25237 PEAR is Vulnerable to PHP Code Execution via preg_replace /e in Bug Update Emails

PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, use of pregreplace with the /e modifier in bug update email handling can enable PHP code execution if attacker-controlled content reaches the evaluated replacement. This issue has been patched in...

PT-2026-6286

Name of the Vulnerable Software and Affected Versions PEAR versions prior to 1.33.0 Description PEAR, a framework for reusable PHP components, contains a flaw related to the use of the preg replace function with the /e modifier. This can lead to PHP code execution if attacker-controlled content i...

Security update for git-bug (moderate)

openSUSE Security Update: Security update for git-bug Announcement ID: openSUSE-SU-2025:0418-1 Rating: moderate References: 1251463 1251664 Cross-References: CVE-2025-47911 CVE-2025-58190 CVSS scores: CVE-2025-47911 SUSE: 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N...

git-bug-0.10.1-2.1 on GA media (moderate)

git-bug-0.10.1-2.1 on GA media Announcement ID: openSUSE-SU-2025:15654-1 Rating: moderate Cross-References: CVE-2025-47911 CVE-2025-58190 CVSS scores: CVE-2025-47911 SUSE : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2025-47911 SUSE : 6.9...

Moderate: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.14.13 Bug Fix Update

Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.14.13 on Red Hat Enterprise Linux 9 from Red Hat Container Registry. Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-50116)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-50116 advisory. - In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix kernel bug due to missing...

kernel security and bug fix update

An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

Medium: c-ares

Issue Overview: c-ares is a C library for asynchronous DNS requests. aresreadline is used to parse local configuration files such as /etc/resolv.conf, /etc/nsswitch.conf, the HOSTALIASES file, and if using a c-ares version prior to 1.27.0, the /etc/hosts file. If any of these configuration files...

Important: Red Hat Security Advisory: Network observability 1.3.0 for Openshift

Network Observability 1.3.0 for OpenShift Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the Reference...

containernetworking-plugins security and bug fix update

1:1.2.0-1 - update to https://github.com/containernetworking/plugins/releases/tag/v1.2.0 - Related: 2124478...

Moderate: Red Hat Security Advisory: Red Hat OpenShift Logging Security and Bug update Release 5.4.1

Logging Subsystem 5.4.1 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the Referenc...