SUSE-SU-2025:1555-1 Security update for go1.22-openssl

This update for go1.22-openssl fixes the following issues: Update to version 1.22.12 bsc1218424: Security fixes: - CVE-2024-45336: net/http: sensitive headers incorrectly sent after cross-domain redirect bsc1236046 - CVE-2024-45341: crypto/x509: usage of IPv6 zone IDs can bypass URI name...

CVE-2024-52877

An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5.6 before version 05.61.50, and kernel 5.7 before version 05.70.50. In VariableRuntimeDxe driver,...

CVE-2024-52880

The connected PT-2025-17633 entry provides concrete fixes for Insyde InsydeH2O kernel vulnerabilities: affected kernel versions are 5.2–05.29.49, 5.3–05.38.49, 5.4–05.46.49, 5.5–05.54.49, 5.6–05.61.49, and 5.7–05.70.49. The root cause is that the SecureBootHandler in the VariableRuntimeDxe driver...

Jenkins OpenID Connect Provider Plugin Incorrectly Validates Crafted Build ID Tokens

In Jenkins OpenID Connect Provider Plugin 96.vee8ed882ec4d and earlier the generation of build ID Tokens uses potentially overridden values of environment variables, in conjunction with certain other plugins allowing attackers able to configure jobs to craft a build ID Token that impersonates a...

GHSA-Q7C3-X7HM-QQ72 Jenkins OpenID Connect Provider Plugin Incorrectly Validates Crafted Build ID Tokens

In Jenkins OpenID Connect Provider Plugin 96.vee8ed882ec4d and earlier the generation of build ID Tokens uses potentially overridden values of environment variables, in conjunction with certain other plugins allowing attackers able to configure jobs to craft a build ID Token that impersonates a...

Alibaba Cloud Linux 3 : 0282: gstreamer1-plugins-good (ALINUX3-SA-2024:0282)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0282 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-47537: GStreamer is a library for...

php: cgi.force_redirect configuration is bypassable due to the environment variable collision

A flaw was found in PHP. The configuration directive cgi.forceredirect prevents anyone from calling PHP directly with a URL such as http://host.example/cgi-bin/php/secretdir/script.php. However, in certain uncommon configurations, an attacker may be able to bypass this restriction and access...

X.Org: Xwayland: Use-after-free of the root cursor

A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to freed memory and causes a use-after-free...

kernel: wifi: iwlwifi: mvm: fix 6 GHz scan construction

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix 6 GHz scan construction If more than 255 colocated APs exist for the set of all APs found during 2.4/5 GHz scanning, then the 6 GHz scan construction will loop forever since the loop variable has type u8,...

kernel: net/iucv: Avoid explicit cpumask var allocation on stack

In the Linux kernel, the following vulnerability has been resolved: net/iucv: Avoid explicit cpumask var allocation on stack For CONFIGCPUMASKOFFSTACK=y kernel, explicit allocation of cpumask variable on stack is not recommended since it can cause potential stack overflow. Instead, kernel code...

EulerOS 2.0 SP10 : freetype (EulerOS-SA-2025-1509)

According to the versions of the freetype package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An out of bounds write exists in FreeType versions 2.13.0 and below newer versions of FreeType are not vulnerable when attempting to parse font...

CVE-2025-47424

Retool self-hosted before 3.196.0 allows Host header injection. When the BASEDOMAIN environment variable is not set, the HTTP host header can be manipulated...

CVE-2025-47424

Retool self-hosted before 3.196.0 allows Host header injection. When the BASEDOMAIN environment variable is not set, the HTTP host header can be manipulated...

CVE-2025-37887 pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result

In the Linux kernel, the following vulnerability has been resolved: pdscore: handle unsupported PDSCORECMDFWCONTROL result If the FW doesn't support the PDSCORECMDFWCONTROL command the driver might at the least print garbage and at the worst crash when the user runs the "devlink dev info" devlink...

CVE-2025-47424

Retool self-hosted before 3.196.0 allows Host header injection. When the BASEDOMAIN environment variable is not set, the HTTP host header can be manipulated...

CVE-2025-47424

Retool self-hosted before 3.196.0 allows Host header injection. When the BASEDOMAIN environment variable is not set, the HTTP host header can be manipulated...

CVE-2025-47424

CVE-2025-47424 affects Retool (self-hosted) prior to 3.196.0. The underlying issue is a Host header injection when BASE_DOMAIN is not set, allowing manipulation of the HTTP Host header. The vulnerability is described with a potential impact on confidentiality/integrity (per the CVSS metrics) and ...

Ensure That the su Command Inherits the User Environment Variables Without Escalating Privileges

The su command enables a common user to have the permissions of the superuser or other users. It is often used for switching the user from a common user to the root user. The su command provides a convenient way for users to change their identities. However, if the su command is run without...

Ensure That the PATH User Variable Is Strictly Defined

In Linux, the PATH variable defines the path for searching for executable files in the user context of the current user. For example, if a user runs the ls command in any directory, the system searches for the ls command in the directories specified by PATH and executes the command. The PATH...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21996)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21996 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/radeon: fix uninitialized size issue...