Suse - Page 98 of Suse Vulnerabilities List

SUSE Linux•added 2024/11/08 7:28 a.m.•0 views

Security update for qemu

This update for qemu fixes the following issues: CVE-2024-8354: Fixed assertion failure in usbepget bsc1230834. CVE-2024-8612: Fixed nformation leak in virtio devices bsc1230915. CVE-2024-7409: Fixed denial of service via improper synchronization in QEMU NBD Server during socket closure bsc122900...

8.2CVSS6.6AI score0.01848EPSS

Exploits0References12

SUSE Linux•added 2024/11/07 4:24 p.m.•3 views

Security update for python39

This update for python39 fixes the following issues: CVE-2024-9287: Fixed quoted path names provided when creating a virtual environment bsc1232241. Bug fixes: Drop .pyc files from docdir for reproducible builds bsc1230906. Patch Instructions: To install this SUSE update use the SUSE recommended...

6.5CVSS7.5AI score0.00061EPSS

SUSE Linux•added 2024/11/07 3:57 p.m.•2 views

Security update for python3

This update for python3 fixes the following issues: CVE-2024-9287: Fixed quoted path names provided when creating a virtual environment bsc1232241. Bug fixes: Drop .pyc files from docdir for reproducible builds bsc1230906. Patch Instructions: To install this SUSE update use the SUSE recommended...

6.5CVSS7.2AI score0.00061EPSS

SUSE Linux•added 2024/11/07 10:12 a.m.•0 views

Security update for openssl-3

This update for openssl-3 fixes the following issues: CVE-2023-50782: Implicit rejection in PKCS1 v1.5 bsc1220262 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed fo...

5.9CVSS6.7AI score0.00879EPSS

SUSE Linux•added 2024/11/07 10:11 a.m.•2 views

Security update for ghostscript

This update for ghostscript fixes the following issues: CVE-2024-46951: Fixed arbitrary code execution via unchecked "Implementation" pointer in "Pattern" color space bsc1232265. CVE-2024-46953: Fixed integer overflow when parsing the page format results in path truncation, path traversal, code...

7.8CVSS8.3AI score0.00301EPSS

SUSE Linux•added 2024/11/07 10:11 a.m.•1 views

Security update for ghostscript

7.8CVSS7.6AI score0.00301EPSS

SUSE Linux•added 2024/11/07 10:9 a.m.•1 views

Security update for libarchive

This update for libarchive fixes the following issues: CVE-2024-20697: Fixed Out of bounds Remote Code Execution Vulnerability bsc1225972. CVE-2024-48958: Fixed out-of-bounds access via a crafted archive file in executefilterdelta function bsc1231624. Patch Instructions: To install this SUSE upda...

7.8CVSS6.5AI score0.49429EPSS

Exploits1References8

SUSE Linux•added 2024/11/07 10:8 a.m.•1 views

Security update for ruby2.1

This update for ruby2.1 fixes the following issues: CVE-2024-47220: Fixed HTTP request smuggling in WEBrick bsc1230930 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command list...

8.3CVSS7.3AI score0.00108EPSS

SUSE Linux•added 2024/11/07 10:8 a.m.•2 views

Security update for go1.22-openssl

This update for go1.22-openssl fixes the following issues: This update ships go1.22-openssl 1.22.7.1 jscSLE-18320 Update to version 1.22.7.1 cut from the go1.22-fips-release branch at the revision tagged go1.22.7-1-openssl-fips. Update to Go 1.22.7 229 go1.22.7 released 2024-09-05 includes securi...

7.5CVSS7.8AI score0.75268EPSS

Exploits2References64

SUSE Linux•added 2024/11/07 10:8 a.m.•1 views

Security update for go1.23-openssl

This update for go1.23-openssl fixes the following issues: This update ships go1.23-openssl version 1.23.2.2. jscSLE-18320 go1.23.2 released 2024-10-01 includes fixes to the compiler, cgo, the runtime, and the maps, os, os/exec, time, and unique packages. go69119 os: double close pidfd if caller...

5.9CVSS6.4AI score0.00306EPSS

SUSE Linux•added 2024/11/06 3:33 p.m.•1 views

Security update for python36

This update for python36 fixes the following issues: Security fixes: CVE-2024-9287: properly quote path names provided when creating a virtual environment bsc1232241 Other fixes: Drop .pyc files from docdir for reproducible builds bsc1230906 Patch Instructions: To install this SUSE update use the...

6.5CVSS7.3AI score0.00061EPSS

SUSE Linux•added 2024/11/06 10:16 a.m.•1 views

Security update for curl

This update for curl fixes the following issues: CVE-2024-9681: Fixed HSTS subdomain overwrites parent cache entry bsc1232528 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comma...

6.9CVSS7.3AI score0.00745EPSS

SUSE Linux•added 2024/11/06 10:16 a.m.•0 views

Security update for curl

6.9CVSS6.8AI score0.00745EPSS

SUSE Linux•added 2024/11/06 10:14 a.m.•0 views

Security update for curl

6.9CVSS6.9AI score0.00745EPSS

SUSE Linux•added 2024/11/06 10:14 a.m.•3 views

Security update for python310

This update for python310 fixes the following issues: CVE-2024-9287: Fixed quoted path names provided when creating a virtual environment bsc1232241. Bug fixes: Drop .pyc files from docdir for reproducible builds bsc1230906. Patch Instructions: To install this SUSE update use the SUSE recommended...

6.5CVSS7.5AI score0.00061EPSS

SUSE Linux•added 2024/11/06 10:13 a.m.•1 views

Security update for gradle

This update for gradle fixes the following issues: CVE-2023-35947: Fixed an issue while unpacking tar archives, where files could be created outside of the unpack location bsc1212931. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

6.9CVSS9.4AI score0.00127EPSS

SUSE Linux•added 2024/11/06 10:12 a.m.•0 views

Security update for libgsf

This update for libgsf fixes the following issues: CVE-2024-42415, CVE-2024-36474: Fixed integer overflows affecting memory allocation bsc1231282, bsc1231283. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

7.8CVSS6.2AI score0.00054EPSS

SUSE Linux•added 2024/11/06 10:11 a.m.•2 views

Security update for libgsf

7.8CVSS7.3AI score0.00054EPSS

SUSE Linux•added 2024/11/06 10:11 a.m.•1 views

Security update for libgsf

7.8CVSS6.2AI score0.00054EPSS

SUSE Linux•added 2024/11/05 7:45 a.m.•2 views

Security update for govulncheck-vulndb

This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20241030T212825 2024-10-30T21:28:25Z jscPED-11136 Go CVE Numbering Authority IDs added or updated with aliases: GO-2024-3230 CVE-2024-48921 GHSA-qjvc-p88j-j9rm GO-2024-3232 CVE-2024-10241 GHSA-6mvp-gh77-7vwh Go C...

9.9CVSS6.9AI score0.94047EPSS

Exploits16References90

SUSE Linux•added 2024/11/04 12:39 p.m.•0 views

Security update for openssl-1_1

This update for openssl-11 fixes the following issues: Security fixes: CVE-2023-50782: Implicit rejection in PKCS1 v1.5 bsc1220262 Other fixes: FIPS: AES GCM external IV implementation bsc1228618 FIPS: Mark PBKDF2 and HKDF HMAC input keys with size = 112 bits as approved in the SLI. bsc1228623...

5.9CVSS6.7AI score0.00879EPSS

Exploits0References36

SUSE Linux•added 2024/11/04 12:38 p.m.•1 views

Security update for openssl-1_1

This update for openssl-11 fixes the following issues: CVE-2023-50782: Implicit rejection in PKCS1 v1.5 bsc1220262 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed f...

5.9CVSS7.3AI score0.00879EPSS

SUSE Linux•added 2024/11/04 11:16 a.m.•2 views

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 128.4.0 ESR bsc1231879: CVE-2024-10458: Permission leak via embed or object elements CVE-2024-10459: Use-after-free in layout with accessibility CVE-2024-10460: Confusing display of origin for external...

9.8CVSS10AI score0.00944EPSS

Exploits0References22

SUSE Linux•added 2024/11/04 11:15 a.m.•2 views

Security update for MozillaFirefox

9.8CVSS8.7AI score0.00944EPSS

Exploits0References22

SUSE Linux•added 2024/11/04 7:3 a.m.•1 views

Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002322 fixes one issue. The following security issue was fixed: CVE-2023-52752: smb: client: fix use-after-free bug in cifsdebugdataprocshow bsc1225819. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like Ya...

7.8CVSS7.8AI score0.00016EPSS

SUSE Linux•added 2024/11/04 7:3 a.m.•0 views

Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002317 fixes several issues. The following security issues were fixed: CVE-2023-52752: smb: client: fix use-after-free bug in cifsdebugdataprocshow bsc1225819. CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails bsc1227808...

7.8CVSS8.1AI score0.00016EPSS

Exploits0References12

SUSE Linux•added 2024/11/04 6:33 a.m.•0 views

Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002314 fixes several issues. The following security issues were fixed: CVE-2024-42133: Bluetooth: Ignore too large handle values in BIG bsc1231419 CVE-2023-52752: smb: client: fix use-after-free bug in cifsdebugdataprocshow bsc1225819. CVE-2024-40954: ne...

7.8CVSS8.1AI score0.00016EPSS

SUSE Linux•added 2024/11/04 6:33 a.m.•1 views

Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-150600237 fixes several issues. The following security issues were fixed: CVE-2024-42133: Bluetooth: Ignore too large handle values in BIG bsc1231419 CVE-2023-52752: smb: client: fix use-after-free bug in cifsdebugdataprocshow bsc1225819. CVE-2024-36899:...

7.8CVSS8.3AI score0.00016EPSS

SUSE Linux•added 2024/11/04 6:33 a.m.•3 views

Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-15060021 fixes several issues. The following security issues were fixed: CVE-2024-35905: Fixed int overflow for stack access size bsc1226327. CVE-2024-42133: Bluetooth: Ignore too large handle values in BIG bsc1231419 CVE-2024-35863: Fixed potential UAF in...

7.8CVSS8.5AI score0.00028EPSS

Exploits0References52

SUSE Linux•added 2024/11/01 4:5 p.m.•1 views

Security update for python3

This update for python3 fixes the following issues: Security fixes: CVE-2024-9287: properly quote path names provided when creating a virtual environment bsc1232241 Other fixes: Drop .pyc files from docdir for reproducible builds bsc1230906 Patch Instructions: To install this SUSE update use the...

6.5CVSS7.5AI score0.00061EPSS

SUSE Linux•added 2024/11/01 3:32 p.m.•1 views

Security update for rubygem-actionmailer-5_1

This update for rubygem-actionmailer-51 fixes the following issues: CVE-2024-47889: Fixed Possible ReDoS vulnerability in blockformat in Action Mailer bsc1231723. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

5.9CVSS7.5AI score0.00317EPSS

SUSE Linux•added 2024/11/01 3:31 p.m.•7 views

Security update for rubygem-actionpack-5_1

This update for rubygem-actionpack-51 fixes the following issues: CVE-2024-47887: Fixed Possible ReDoS vulnerability in HTTP Token authentication in Action Controller bsc1231729. CVE-2024-42228: Fixed uninitialized value size when calling amdgpuvcecsreloc bsc1228667. Patch Instructions: To instal...

5.9CVSS7.7AI score0.00273EPSS

SUSE Linux•added 2024/11/01 3:29 p.m.•2 views

Security update for python-waitress

This update for python-waitress fixes the following issues: CVE-2024-49768: Fixed request processing race condition in HTTP pipelining with invalid first request when lookahead is enabled bsc1232556 CVE-2024-49769: Fixed incorrect connection clean up leads to a busy-loop and resource exhaustion...

9.1CVSS7.5AI score0.01524EPSS

SUSE Linux•added 2024/11/01 3:29 p.m.•7 views

Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Updated to version 11.0.25+9 October 2024 CPU: CVE-2024-21208: Fixed partial DoS in component Networking bsc1231702 CVE-2024-21210: Fixed unauthorized read/write access to data in component Hotspot bsc1231711 CVE-2024-21217: Fixed partia...

6.3CVSS6.2AI score0.00171EPSS

SUSE Linux•added 2024/11/01 3:26 p.m.•2 views

Security update for ruby2.5

This update for ruby2.5 fixes the following issues: CVE-2024-43398: Fixed DoS when parsing a XML that has many deep elements with the same local name attributes bsc1229673 CVE-2024-41123: Fixed DoS when parsing an XML that contains many specific characters such as whitespaces, and bsc1228794...

8.7CVSS7.2AI score0.07595EPSS

Exploits1References20

SUSE Linux•added 2024/11/01 3:23 p.m.•1 views

Security update for rubygem-bundler

This update for rubygem-bundler fixes the following issues: CVE-2021-43809: Fixed remote execution via Gemfile argument injection bsc1193578 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...

7.3CVSS6.9AI score0.01553EPSS

SUSE Linux•added 2024/11/01 3:20 p.m.•1 views

Security update for openssl-1_1

5.9CVSS7.3AI score0.00879EPSS

SUSE Linux•added 2024/11/01 3:20 p.m.•3 views

Security update for openssl-3

This update for openssl-3 fixes the following issues: CVE-2023-50782: Implicit rejection in PKCS1 v1.5 bsc1220262 CVE-2024-41996: Avoid expensive public key validation for known safe-prime groups DHEATATTACK bsc1230698 Patch Instructions: To install this SUSE update use the SUSE recommended...

8.2CVSS7.3AI score0.00879EPSS

SUSE Linux•added 2024/11/01 3:19 p.m.•4 views

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.46.0 bsc1231039. CVE-2024-40866 CVE-2024-44187 Already fixed in version 2.44.3: CVE-2024-4558 CVE-2024-27838 CVE-2024-27851 Already fixed in version 2.44.2: CVE-2024-27834 CVE-2024-27808 CVE-2024-27820 CVE-2024-27833...

8.8CVSS7.3AI score0.03683EPSS

Exploits7References28

SUSE Linux•added 2024/11/01 3:18 p.m.•0 views

Security update for webkit2gtk3

8.8CVSS7.9AI score0.03683EPSS

Exploits7References28

SUSE Linux•added 2024/11/01 3:13 p.m.•1 views

Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues: CVE-2024-9632: Fixed heap-based buffer overflow privilege escalation in XkbSetCompatMap bsc1231565. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

8.5CVSS8.1AI score0.00057EPSS

SUSE Linux•added 2024/11/01 3:13 p.m.•0 views

Security update for xorg-x11-server

8.5CVSS8.5AI score0.00057EPSS

SUSE Linux•added 2024/11/01 3:6 p.m.•4 views

Security update for apache2

This update for apache2 fixes the following issues: CVE-2024-40725: Fixed source code disclosure of local content bsc1228097 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comman...

7.5CVSS5.9AI score0.25097EPSS

Exploits3References4

SUSE Linux•added 2024/11/01 3:5 p.m.•2 views

Security update for cups-filters

This update for cups-filters fixes the following issues: CVE-2024-47850: cups-browsed can be abused to initiate remote DDoS against third-party targets bsc1231294 CVE-2024-47076: Fixed lack of input sanitization in cfGetPrinterAttributes5 bsc1230937. Patch Instructions: To install this SUSE updat...

9.3CVSS8.2AI score0.75847EPSS

Exploits15References8

SUSE Linux•added 2024/11/01 6:34 a.m.•1 views

Security update for uwsgi

This update for uwsgi fixes the following issues: CVE-2024-24795: Fixed HTTP Response Splitting in multiple modules bsc1222332 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

6.1CVSS6.2AI score0.01123EPSS