60 matches found
SUSE CVE-2026-45922
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix memory leak in GETDATADIRECTSYSFSPATH handler The UVERBSHANDLERMLX5IBMETHODGETDATADIRECTSYSFSPATH function allocates memory for the device path using kobjectgetpath. If the length of the device path exceeds the...
CVE-2026-45922
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix memory leak in GETDATADIRECTSYSFSPATH handler The UVERBSHANDLERMLX5IBMETHODGETDATADIRECTSYSFSPATH function allocates memory for the device path using kobjectgetpath. If the length of the device path exceeds the...
CVE-2026-45922
RDMA/mlx5: Fix memory leak in GETDATADIRECTSYSFSPATH handler...
Astra Linux - уязвимость в binutils
A memory consumption issue in the getdata function in binutils/nm.c in GNU nm before version 2.34 allows attackers to cause a denial of service through crafted commands...
SUSE SLES15 Security Update : python (SUSE-SU-2026:1365-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:1365-1 advisory. - CVE-2026-3479: improper resource argument validation in pkgutil.getdata can allow path traversal bsc1259989. Tenable has extracted the preceding...
Security update for python
This update for python fixes the following issues: CVE-2026-3479: improper resource argument validation in pkgutil.getdata can allow path traversal bsc1259989. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
SUSE-SU-2026:1365-1 Security update for python
This update for python fixes the following issues: - CVE-2026-3479: improper resource argument validation in pkgutil.getdata can allow path traversal bsc1259989...
OPENSUSE-SU-2026:20517-1 Security update for python313
This update for python313 fixes the following issues: Update to version 3.13.13. - CVE-2025-13462: incorrect parsing of TarInfo when GNU long name and type AREGTYPE are combined can lead to misinterpretation of tar archives bsc1259611. - CVE-2026-2297: incorrectly handled hook in FileLoader can...
OESA-2026-1902 python3 security update
Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...
CVE-2026-5417
A vulnerability was determined in Dataease SQLbot up to 1.6.0. This issue affects the function getesdatabyhttp of the file backend/apps/db/esengine.py of the component Elasticsearch Handler. This manipulation of the argument address causes server-side request forgery. The attack may be initiated...
OPENSUSE-SU-2026:20410-1 Security update for exiv2
This update for exiv2 fixes the following issues: Update to exiv2 0.28.8: - CVE-2024-24826: out-of-bounds read in QuickTimeVideo: NikonTagsDecoder bsc1219870. - CVE-2024-25112: denial of service due to unbounded recursion in QuickTimeVideo: multipleEntriesDecoder bsc1219871. - CVE-2024-39695:...
SUSE CVE-2026-3479
DISPUTED: The project has clarified that the documentation was incorrect, and that pkgutil.getdata has the same security model as open. The documentation has been updated to clarify this point. There is no vulnerability in the function if following the intended security model. pkgutil.getdata did...
BIT-PYTHON-2026-3479 pkgutil.get_data() does not enforce documented restrictions
pkgutil.getdata did not validate the resource argument as documented, allowing path traversals...
BIT-PYTHON-MIN-2026-3479 pkgutil.get_data() does not enforce documented restrictions
pkgutil.getdata did not validate the resource argument as documented, allowing path traversals...
Linux Distros Unpatched Vulnerability : CVE-2026-3479
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DISPUTED: The project has clarified that the documentation was incorrect, and that pkgutil.getdata has the same security model as open. The documentation has be...
EUVD-2026-12940
pkgutil.getdata did not validate the resource argument as documented, allowing path traversals...
CVE-2026-3479
pkgutil.getdata did not validate the resource argument as documented, allowing path traversals...
DEBIAN-CVE-2026-3479
DISPUTED: The project has clarified that the documentation was incorrect, and that pkgutil.getdata has the same security model as open. The documentation has been updated to clarify this point. There is no vulnerability in the function if following the intended security model. pkgutil.getdata did...
CVE-2026-3479 pkgutil.get_data() does not enforce documented restrictions
DISPUTED: The project has clarified that the documentation was incorrect, and that pkgutil.getdata has the same security model as open. The documentation has been updated to clarify this point. There is no vulnerability in the function if following the intended security model. pkgutil.getdata did...
PSF-2026-13
DISPUTED: The project has clarified that the documentation was incorrect, and that pkgutil.getdata has the same security model as open. The documentation has been updated to clarify this point. There is no vulnerability in the function if following the intended security model. pkgutil.getdata did...