Security update for python-requests

This update for python-requests fixes the following issues: CVE-2026-25645: extractzippedpaths uses predictable filenames when extracting files from zip archives and reuses target files that already exist without validation bsc1260589. Patch Instructions: To install this SUSE update use the SUSE...

CVE-2026-31802

CVE-2026-31802 affects node-tar (tar for Node.js) prior to version 7.5.11. The vulnerability allows a symlink path traversal during tar.x() extraction when a drive-relative symlink target such as C:../../../target.txt is used, enabling a file overwrite outside the extraction directory. The issue ...

CVE-2026-31802

node-tar is a full-featured Tar for Node.js. Prior to version 7.5.11, tar npm can be tricked into creating a symlink that points outside the extraction directory by using a drive-relative symlink target such as C:../../../target.txt, which enables file overwrite outside cwd during normal tar.x...

PT-2013-6113 · Rackspace · Rackspace Openstack Windows Guest Agent

Name of the Vulnerable Software and Affected Versions: Rackspace Openstack Windows Guest Agent for XenServer versions prior to 1.2.6.0 Description: The issue allows remote attackers to execute arbitrary code via a crafted serialized .NET object to TCP port 1984. This triggers the download and...