Lucene search
K

7 matches found

NVD
NVD
added yesterday6 views

CVE-2026-44941

A relative path traversal in the "keyhint" option in repomd.xml parsing of libzypp before 17.38.12 can be used by attackers able to supply a malicious repository to inject or overwrite files in the target system as root...

8.4CVSS
Exploits0References2
CVE
CVE
added yesterday34 views

CVE-2026-44941

CVE-2026-44941: libzypp path traversal via the keyhint option in repomd.xml parsing was fixed in libzypp 17.38.13. The issue allowed a malicious repository to inject/overwrite files as root due to treating keyhint as a path. The remediation is to upgrade libzypp components (and related libsolv/li...

8.4CVSS5.8AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-44941

A relative path traversal in the "keyhint" option in repomd.xml parsing of libzypp before 17.38.12 can be used by attackers able to supply a malicious repository to inject or overwrite files in the target system as root...

8.4CVSS5.8AI score
Exploits0References3
EUVD
EUVD
added yesterday5 views

EUVD-2026-41406

A relative path traversal in the "keyhint" option in repomd.xml parsing of libzypp before 17.38.12 can be used by attackers able to supply a malicious repository to inject or overwrite files in the target system as root...

8.4CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2026/06/19 7:11 a.m.2 views

SUSE-SU-2026:22172-1 Security update for zypper, libzypp, libsolv

This update for zypper, libzypp, libsolv fixes the following issues: Changes in zypper: Update to 1.14.98: - Transactional systems: Delegate rw-commands to transactional-wrapper if available jscPED-13680, jscPED-15607 On a transactional system where the root filesystem is mounted read-only, zyppe...

8.8CVSS6.2AI score0.006EPSS
Exploits0References20
OSV
OSV
added 2026/06/09 1:37 p.m.3 views

SUSE-SU-2026:22073-1 Security update for libzypp

This update for libzypp fixes the following issues Version 17.38.13 35: - CVE-2026-44941: path traversal via "keyhint" bsc1267426. - CVE-2026-44942: .repo files can have an optional path which can lead to path traversal attacks bsc1267874...

8.4CVSS5.4AI score0.00329EPSS
Exploits0References5
OSV
OSV
added 2026/06/08 2:15 p.m.6 views

SUSE-SU-2026:22062-1 Security update for libzypp

This update for libzypp fixes the following issue Version 17.38.12 35: - CVE-2026-44941: path traversal via "keyhint" bsc1267426...

8.4CVSS5.3AI score
Exploits0References3
Rows per page
Query Builder