457 matches found
Critical Photon OS Security Update - PHSA-2026-5.0-0886
Updates of 'nano', 'samba-client', 'libsolv' packages of Photon OS have been released...
OESA-2026-2637 libsolv security update
A free package dependency solver using a satisfiability algorithm. The library is based on two major, but independent, blocks: Security Fixes: A flaw was found in libsolv. A stack-based buffer overflow vulnerability exists in the PGP verification component due to incorrect length handling when...
OESA-2026-2636 libsolv security update
A free package dependency solver using a satisfiability algorithm. The library is based on two major, but independent, blocks: Security Fixes: A flaw was found in libsolv. A stack-based buffer overflow vulnerability exists in the PGP verification component due to incorrect length handling when...
CentOS 9 : libsolv-0.7.24-6.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the libsolv-0.7.24-6.el9 build changelog. - A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker- controlled compressed data within .solv files...
Important: libsolv
Issue Overview: A flaw was found in libsolv. A stack-based buffer overflow vulnerability exists in the PGP verification component due to incorrect length handling when copying EdDSA 's' MPI into a stack buffer. A remote attacker could craft a malicious Ed25519 PGP signature with mismatched MPI...
TencentOS Server 4: libsolv (TSSA-2026:0423)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0423 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
Amazon Linux 2 : libsolv, --advisory ALAS2-2026-3338 (ALAS-2026-3338)
The version of libsolv installed on the remote host is prior to 0.6.34-4. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3338 advisory. A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker- controlled compressed...
Important: libsolv
Issue Overview: A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker-controlled compressed data within .solv files due to insufficient input validation. An attacker can provide a specially crafted .solv file, which, when processed by a vulnerable...
OESA-2026-2556 libsolv security update
A free package dependency solver using a satisfiability algorithm. The library is based on two major, but independent, blocks: Security Fixes: MANUALLYVERIFIEDREPORT package: libsolv-0.7.33-2.el10 ------ Security Heap Buffer Overflow in repoaddsolv via Negative maxsize Summary: Heap buffer overfl...
SUSE-SU-2026:21988-1 Security update for libzypp, libsolv
This update for libzypp, libsolv fixes the following issues: libsolv was updated to 0.7.39: - fix solvchksumfree segfault when called with a NULL pointer - made repoaddsolv more robust against corrupt files bsc1265935 CVE-2026-9149 - fix potential buffer overflow when verifying EdDSA signatures...
SUSE-SU-2026:21992-1 Security update for libzypp, libsolv
This update for libzypp, libsolv fixes the following issues: libsolv was updated to 0.7.39. - fix solvchksumfree segfault when called with a NULL pointer - made repoaddsolv more robust against corrupt files bsc1265935 CVE-2026-9149 - fix potential buffer overflow when verifying EdDSA signatures...
libsolv-demo-0.7.38-1.1 on GA media (moderate)
libsolv-demo-0.7.38-1.1 on GA media Announcement ID: openSUSE-SU-2026:10895-1 Rating: moderate Cross-References: CVE-2026-48863 CVE-2026-9149 CVE-2026-9150 CVSS scores: CVE-2026-48863 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-48863 SUSE : 8.7...
Linux Distros Unpatched Vulnerability : CVE-2026-48863
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - libsolv - None Ubuntu Linux - Unknown description CVE-2026-48863 Note that Nessus relies on the presence of the package as reported by the vendor...
OPENSUSE-SU-2026:10895-1 libsolv-demo-0.7.38-1.1 on GA media
These are all security issues fixed in the libsolv-demo-0.7.38-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-45159
Name of the Vulnerable Software and Affected Versions libsolv-demo versions prior to 0.7.38-1.1 Description Security issues were identified in the libsolv-demo package. Recommendations Update to version 0.7.38-1.1...
Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: libsolv: libsolv-0.7.38-2.hum1 aarch64, x8664 libsolv-demo-0.7.38-2.hum1 aarch64, x8664 libsolv-devel-0.7.38-2.hum1 aarch64, x8664 libsolv-tools-0.7.38-2.hum1 aarch64, x8664...
Libsolv: stack-based buffer overflow in libsolv's debian metadata parser when handling sha384/sha512 checksums
...
SUSE CVE-2026-48864
A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker-controlled compressed data within .solv files due to insufficient input validation. An attacker can provide a specially crafted .solv file, which, when processed by a vulnerable application, can lea...
Linux Distros Unpatched Vulnerability : CVE-2026-48864
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker- controlled compressed data within .solv files due to...
CVE-2026-48863
A flaw was found in libsolv. A stack-based buffer overflow vulnerability exists in the PGP verification component due to incorrect length handling when copying EdDSA 's' MPI into a stack buffer. A remote attacker could craft a malicious Ed25519 PGP signature with mismatched MPI lengths. Processin...