{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for python311, python-rpm-macros",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for python311, python-rpm-macros fixes the following issues:\n\npython311:\n  - CVE-2024-0450: Fixed zipfile module vulnerability with \"quoted-overlap\" zipbomb (bsc#1221854)\n  - CVE-2024-4032: Fixed incorrect IPv4 and IPv6 private ranges (bsc#1226448)\n  - CVE-2024-0397: Fixed memory race condition in ssl.SSLContext certificate store methods (bsc#1226447)\n  - CVE-2024-6923: Prevent email header injection due to unquoted newlines (bsc#1228780)\n  - Fixed executable bits for /usr/bin/idle* (bsc#1227378).\n\n\npython-rpm-macros:\n\n  - Update to version 20240618.c146b29:\n    * Add %FLAVOR_pytest and %FLAVOR_pyunittest variants\n\n  - Update to version 20240618.1e386da:\n    * Fix python_clone sed regex\n\n  - Update to version 20240614.02920b8:\n    * Make sure that RPM_BUILD_ROOT env is set\n    * don\u0027t eliminate any cmdline arguments in the shebang line\n    * Create python313 macros\n\n  - Update to version 20240415.c664b45:\n    * Fix typo 310 -\u003e 312 in default-prjconf\n\n  - Update to version 20240202.501440e:\n    * SPEC0: Drop python39, add python312 to buildset (#169)\n\n  - Update to version 20231220.98427f3:\n    * fix python2_compile macro\n\n  - Update to version 20231207.46c2ec3:\n    * make FLAVOR_compile compatible with python2\n\n  - Update to version 20231204.dd64e74:\n    * Combine fix_shebang in one line\n    * New macro FLAVOR_fix_shebang_path\n    * Use realpath in %python_clone macro shebang replacement\n    * Compile and fix_shebang in %python_install macros\n\n  - Update to version 20231010.0a1f0d9:\n    * Revert \"Compile and fix_shebang in %python_install macros\"\n    * gh#openSUSE/python-rpm-macros#163\n\n  - Update to version 20231010.a32e110:\n    * Compile and fix_shebang in %python_install macros\n\n  - Update to version 20231005.bf2d3ab:\n    * Fix shebang also in sbin with macro _fix_shebang\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-Micro-6.0-23",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20025-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2025:20025-1",
        "url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520025-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2025:20025-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021358.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1174091",
        "url": "https://bugzilla.suse.com/1174091"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1189495",
        "url": "https://bugzilla.suse.com/1189495"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1221854",
        "url": "https://bugzilla.suse.com/1221854"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1226447",
        "url": "https://bugzilla.suse.com/1226447"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1226448",
        "url": "https://bugzilla.suse.com/1226448"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1227378",
        "url": "https://bugzilla.suse.com/1227378"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1228780",
        "url": "https://bugzilla.suse.com/1228780"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 831629",
        "url": "https://bugzilla.suse.com/831629"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-20907 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-20907/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9947 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9947/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15523 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15523/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15801 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15801/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-25236 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-25236/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-52425 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-52425/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0397 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0397/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0450 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0450/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-4032 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-4032/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-6923 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-6923/"
      }
    ],
    "title": "Security update for python311, python-rpm-macros",
    "tracking": {
      "current_release_date": "2025-02-03T08:50:40Z",
      "generator": {
        "date": "2025-02-03T08:50:40Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2025:20025-1",
      "initial_release_date": "2025-02-03T08:50:40Z",
      "revision_history": [
        {
          "date": "2025-02-03T08:50:40Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpython3_11-1_0-3.11.8-3.1.aarch64",
                "product": {
                  "name": "libpython3_11-1_0-3.11.8-3.1.aarch64",
                  "product_id": "libpython3_11-1_0-3.11.8-3.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "python311-3.11.8-3.1.aarch64",
                "product": {
                  "name": "python311-3.11.8-3.1.aarch64",
                  "product_id": "python311-3.11.8-3.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "python311-base-3.11.8-3.1.aarch64",
                "product": {
                  "name": "python311-base-3.11.8-3.1.aarch64",
                  "product_id": "python311-base-3.11.8-3.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "python311-curses-3.11.8-3.1.aarch64",
                "product": {
                  "name": "python311-curses-3.11.8-3.1.aarch64",
                  "product_id": "python311-curses-3.11.8-3.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpython3_11-1_0-3.11.8-3.1.s390x",
                "product": {
                  "name": "libpython3_11-1_0-3.11.8-3.1.s390x",
                  "product_id": "libpython3_11-1_0-3.11.8-3.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "python311-3.11.8-3.1.s390x",
                "product": {
                  "name": "python311-3.11.8-3.1.s390x",
                  "product_id": "python311-3.11.8-3.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "python311-base-3.11.8-3.1.s390x",
                "product": {
                  "name": "python311-base-3.11.8-3.1.s390x",
                  "product_id": "python311-base-3.11.8-3.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "python311-curses-3.11.8-3.1.s390x",
                "product": {
                  "name": "python311-curses-3.11.8-3.1.s390x",
                  "product_id": "python311-curses-3.11.8-3.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpython3_11-1_0-3.11.8-3.1.x86_64",
                "product": {
                  "name": "libpython3_11-1_0-3.11.8-3.1.x86_64",
                  "product_id": "libpython3_11-1_0-3.11.8-3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "python311-3.11.8-3.1.x86_64",
                "product": {
                  "name": "python311-3.11.8-3.1.x86_64",
                  "product_id": "python311-3.11.8-3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "python311-base-3.11.8-3.1.x86_64",
                "product": {
                  "name": "python311-base-3.11.8-3.1.x86_64",
                  "product_id": "python311-base-3.11.8-3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "python311-curses-3.11.8-3.1.x86_64",
                "product": {
                  "name": "python311-curses-3.11.8-3.1.x86_64",
                  "product_id": "python311-curses-3.11.8-3.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Micro 6.0",
                "product": {
                  "name": "SUSE Linux Micro 6.0",
                  "product_id": "SUSE Linux Micro 6.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sl-micro:6.0"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpython3_11-1_0-3.11.8-3.1.aarch64 as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.aarch64"
        },
        "product_reference": "libpython3_11-1_0-3.11.8-3.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpython3_11-1_0-3.11.8-3.1.s390x as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.s390x"
        },
        "product_reference": "libpython3_11-1_0-3.11.8-3.1.s390x",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpython3_11-1_0-3.11.8-3.1.x86_64 as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.x86_64"
        },
        "product_reference": "libpython3_11-1_0-3.11.8-3.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python311-3.11.8-3.1.aarch64 as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:python311-3.11.8-3.1.aarch64"
        },
        "product_reference": "python311-3.11.8-3.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python311-3.11.8-3.1.s390x as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:python311-3.11.8-3.1.s390x"
        },
        "product_reference": "python311-3.11.8-3.1.s390x",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python311-3.11.8-3.1.x86_64 as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:python311-3.11.8-3.1.x86_64"
        },
        "product_reference": "python311-3.11.8-3.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python311-base-3.11.8-3.1.aarch64 as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.aarch64"
        },
        "product_reference": "python311-base-3.11.8-3.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python311-base-3.11.8-3.1.s390x as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.s390x"
        },
        "product_reference": "python311-base-3.11.8-3.1.s390x",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python311-base-3.11.8-3.1.x86_64 as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.x86_64"
        },
        "product_reference": "python311-base-3.11.8-3.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python311-curses-3.11.8-3.1.aarch64 as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.aarch64"
        },
        "product_reference": "python311-curses-3.11.8-3.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python311-curses-3.11.8-3.1.s390x as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.s390x"
        },
        "product_reference": "python311-curses-3.11.8-3.1.s390x",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python311-curses-3.11.8-3.1.x86_64 as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.x86_64"
        },
        "product_reference": "python311-curses-3.11.8-3.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2019-20907",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-20907"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.x86_64",
          "SUSE Linux Micro 6.0:python311-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:python311-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:python311-3.11.8-3.1.x86_64",
          "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.x86_64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-20907",
          "url": "https://www.suse.com/security/cve/CVE-2019-20907"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1174091 for CVE-2019-20907",
          "url": "https://bugzilla.suse.com/1174091"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-03T08:50:40Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-20907"
    },
    {
      "cve": "CVE-2019-9947",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9947"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the path component of a URL that lacks a ? character) followed by an HTTP header or a Redis command. This is similar to the CVE-2019-9740 query string issue. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.x86_64",
          "SUSE Linux Micro 6.0:python311-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:python311-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:python311-3.11.8-3.1.x86_64",
          "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.x86_64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9947",
          "url": "https://www.suse.com/security/cve/CVE-2019-9947"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1130840 for CVE-2019-9947",
          "url": "https://bugzilla.suse.com/1130840"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1136184 for CVE-2019-9947",
          "url": "https://bugzilla.suse.com/1136184"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1155094 for CVE-2019-9947",
          "url": "https://bugzilla.suse.com/1155094"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201559 for CVE-2019-9947",
          "url": "https://bugzilla.suse.com/1201559"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-03T08:50:40Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-9947"
    },
    {
      "cve": "CVE-2020-15523",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15523"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4rc1, and 3.9 through 3.9.0b4 on Windows, a Trojan horse python3.dll might be used in cases where CPython is embedded in a native application. This occurs because python3X.dll may use an invalid search path for python3.dll loading (after Py_SetPath has been used). NOTE: this issue CANNOT occur when using python.exe from a standard (non-embedded) Python installation on Windows.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.x86_64",
          "SUSE Linux Micro 6.0:python311-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:python311-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:python311-3.11.8-3.1.x86_64",
          "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.x86_64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15523",
          "url": "https://www.suse.com/security/cve/CVE-2020-15523"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1173745 for CVE-2020-15523",
          "url": "https://bugzilla.suse.com/1173745"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-03T08:50:40Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-15523"
    },
    {
      "cve": "CVE-2020-15801",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15801"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In Python 3.8.4, sys.path restrictions specified in a python38._pth file are ignored, allowing code to be loaded from arbitrary locations. The \u003cexecutable-name\u003e._pth file (e.g., the python._pth file) is not affected.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.x86_64",
          "SUSE Linux Micro 6.0:python311-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:python311-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:python311-3.11.8-3.1.x86_64",
          "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.x86_64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15801",
          "url": "https://www.suse.com/security/cve/CVE-2020-15801"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1174241 for CVE-2020-15801",
          "url": "https://bugzilla.suse.com/1174241"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-03T08:50:40Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2020-15801"
    },
    {
      "cve": "CVE-2022-25236",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-25236"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.x86_64",
          "SUSE Linux Micro 6.0:python311-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:python311-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:python311-3.11.8-3.1.x86_64",
          "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.x86_64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-25236",
          "url": "https://www.suse.com/security/cve/CVE-2022-25236"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196025 for CVE-2022-25236",
          "url": "https://bugzilla.suse.com/1196025"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196784 for CVE-2022-25236",
          "url": "https://bugzilla.suse.com/1196784"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1197217 for CVE-2022-25236",
          "url": "https://bugzilla.suse.com/1197217"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200038 for CVE-2022-25236",
          "url": "https://bugzilla.suse.com/1200038"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201735 for CVE-2022-25236",
          "url": "https://bugzilla.suse.com/1201735"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-03T08:50:40Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-25236"
    },
    {
      "cve": "CVE-2023-52425",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-52425"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.x86_64",
          "SUSE Linux Micro 6.0:python311-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:python311-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:python311-3.11.8-3.1.x86_64",
          "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.x86_64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-52425",
          "url": "https://www.suse.com/security/cve/CVE-2023-52425"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1219559 for CVE-2023-52425",
          "url": "https://bugzilla.suse.com/1219559"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-03T08:50:40Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-52425"
    },
    {
      "cve": "CVE-2024-0397",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0397"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A defect was discovered in the Python \"ssl\" module where there is a memory\nrace condition with the ssl.SSLContext methods \"cert_store_stats()\" and\n\"get_ca_certs()\". The race condition can be triggered if the methods are\ncalled at the same time as certificates are loaded into the SSLContext,\nsuch as during the TLS handshake with a certificate directory configured.\nThis issue is fixed in CPython 3.10.14, 3.11.9, 3.12.3, and 3.13.0a5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.x86_64",
          "SUSE Linux Micro 6.0:python311-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:python311-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:python311-3.11.8-3.1.x86_64",
          "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.x86_64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0397",
          "url": "https://www.suse.com/security/cve/CVE-2024-0397"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226447 for CVE-2024-0397",
          "url": "https://bugzilla.suse.com/1226447"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-03T08:50:40Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-0397"
    },
    {
      "cve": "CVE-2024-0450",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0450"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was found in the CPython `zipfile` module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior.\n\nThe zipfile module is vulnerable to \"quoted-overlap\" zip-bombs which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed versions of CPython makes the zipfile module reject zip archives which overlap entries in the archive.\n\n",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.x86_64",
          "SUSE Linux Micro 6.0:python311-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:python311-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:python311-3.11.8-3.1.x86_64",
          "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.x86_64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0450",
          "url": "https://www.suse.com/security/cve/CVE-2024-0450"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221854 for CVE-2024-0450",
          "url": "https://bugzilla.suse.com/1221854"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-03T08:50:40Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-0450"
    },
    {
      "cve": "CVE-2024-4032",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-4032"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The \"ipaddress\" module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as \"globally reachable\" or \"private\". This affected the is_private and is_global properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and ipaddress.IPv6Network classes, where values wouldn\u0027t be returned in accordance with the latest information from the IANA Special-Purpose Address Registries.\n\nCPython 3.12.4 and 3.13.0a6 contain updated information from these registries and thus have the intended behavior.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.x86_64",
          "SUSE Linux Micro 6.0:python311-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:python311-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:python311-3.11.8-3.1.x86_64",
          "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.x86_64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-4032",
          "url": "https://www.suse.com/security/cve/CVE-2024-4032"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226448 for CVE-2024-4032",
          "url": "https://bugzilla.suse.com/1226448"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-03T08:50:40Z",
          "details": "low"
        }
      ],
      "title": "CVE-2024-4032"
    },
    {
      "cve": "CVE-2024-6923",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-6923"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "There is a MEDIUM severity vulnerability affecting CPython.\n\nThe \nemail module didn\u0027t properly quote newlines for email headers when \nserializing an email message allowing for header injection when an email\n is serialized.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.x86_64",
          "SUSE Linux Micro 6.0:python311-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:python311-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:python311-3.11.8-3.1.x86_64",
          "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.x86_64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.aarch64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.s390x",
          "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-6923",
          "url": "https://www.suse.com/security/cve/CVE-2024-6923"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1228780 for CVE-2024-6923",
          "url": "https://bugzilla.suse.com/1228780"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.8-3.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.8-3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-03T08:50:40Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-6923"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for python311",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for python311 fixes the following issues:\n\n- Skip PGO with %want_reproducible_builds (bsc#1239210)\n\n- CVE-2025-0938: Disallows square brackets ([ and ]) in domain names for parsed\n  URLs (bsc#1236705).\n\n- Configure externally_managed with a bcond (bsc#1228165).\n\n- Update to 3.11.11:\n  - Tools/Demos\n    - gh-123418: Update GitHub CI workflows to use OpenSSL 3.0.15\n      and multissltests to use 3.0.15, 3.1.7, and 3.2.3.\n  - Tests\n    - gh-125041: Re-enable skipped tests for zlib on the\n      s390x architecture: only skip checks of the compressed\n      bytes, which can be different between zlib\u2019s software\n      implementation and the hardware-accelerated implementation.\n  - Security\n    - gh-126623: Upgrade libexpat to 2.6.4\n    - gh-122792: Changed IPv4-mapped ipaddress.IPv6Address to\n      consistently use the mapped IPv4 address value for deciding\n      properties. Properties which have their behavior fixed are\n      is_multicast, is_reserved, is_link_local, is_global, and\n      is_unspecified.\n  - Library\n    - gh-124651: Properly quote template strings in venv\n      activation scripts (bsc#1232241, CVE-2024-9287).\n\n- Remove -IVendor/ from python-config (bsc#1231795)\n\n- CVE-2024-9287: Properly quote path names provided when creating a\n  virtual environment (bsc#1232241)\n\n- Drop .pyc files from docdir for reproducible builds\n  (bsc#1230906).\n\n- Update to 3.11.10:\n  - Security\n    - gh-123678: Upgrade libexpat to 2.6.3\n    - gh-121957: Fixed missing audit events around interactive\n      use of Python, now also properly firing for ``python -i``,\n      as well as for ``python -m asyncio``. The event in question\n      is ``cpython.run_stdin``.\n    - gh-122133: Authenticate the socket connection for the\n      ``socket.socketpair()`` fallback on platforms where\n      ``AF_UNIX`` is not available like Windows. Patch by\n      Gregory P. Smith \u003cgreg@krypto.org\u003e and Seth Larson\n      \u003cseth@python.org\u003e. Reported by Ellie \u003cel@horse64.org\u003e\n    - gh-121285: Remove backtracking from tarfile header parsing\n      for ``hdrcharset``, PAX, and GNU sparse headers\n      (bsc#1230227, CVE-2024-6232).\n    - gh-118486: :func:`os.mkdir` on Windows now accepts\n      *mode* of ``0o700`` to restrict the new directory to\n      the current user. This fixes CVE-2024-4030 affecting\n      :func:`tempfile.mkdtemp` in scenarios where the base\n      temporary directory is more permissive than the default.\n    - gh-116741: Update bundled libexpat to 2.6.2\n  - Library\n    - gh-123270: Applied a more surgical fix for malformed\n      payloads in :class:`zipfile.Path` causing infinite loops\n      (gh-122905) without breaking contents using legitimate\n      characters (bsc#1229704, CVE-2024-8088).\n    - gh-123067: Fix quadratic complexity in parsing ``\"``-quoted\n      cookie values with backslashes by :mod:`http.cookies`\n      (bsc#1229596, CVE-2024-7592).\n    - gh-122905: :class:`zipfile.Path` objects now sanitize names\n      from the zipfile.\n    - gh-121650: :mod:`email` headers with embedded newlines are\n      now quoted on output. The :mod:`~email.generator` will now\n      refuse to serialize (write) headers that are unsafely folded\n      or delimited; see :attr:`~email.policy.Policy.verify_generated_headers`.\n      (Contributed by Bas Bloemsaat and Petr Viktorin in\n      :gh:`121650`; CVE-2024-6923, bsc#1228780).\n    - gh-119506: Fix :meth:`!io.TextIOWrapper.write` method\n      breaks internal buffer when the method is called again\n      during flushing internal buffer.\n    - gh-118643: Fix an AttributeError in the :mod:`email` module\n      when re-fold a long address list. Also fix more cases of\n      incorrect encoding of the address separator in the address\n      list.\n    - gh-113171: Fixed various false positives and false\n      negatives in * :attr:`ipaddress.IPv4Address.is_private`\n      (see these docs for details) *\n      :attr:`ipaddress.IPv4Address.is_global` *\n      :attr:`ipaddress.IPv6Address.is_private` *\n      :attr:`ipaddress.IPv6Address.is_global` Also in the\n      corresponding :class:`ipaddress.IPv4Network` and\n      :class:`ipaddress.IPv6Network` attributes.\n      Fixes bsc#1226448 (CVE-2024-4032).\n    - gh-102988: :func:`email.utils.getaddresses` and\n      :func:`email.utils.parseaddr` now return ``(\u0027\u0027, \u0027\u0027)``\n      2-tuples in more situations where invalid email addresses\n      are encountered instead of potentially inaccurate\n      values. Add optional *strict* parameter to these two\n      functions: use ``strict=False`` to get the old behavior,\n      accept malformed inputs. ``getattr(email.utils,\n      \u0027supports_strict_parsing\u0027, False)`` can be use to check if\n      the *strict* paramater is available. Patch by Thomas Dwyer\n      and Victor Stinner to improve the CVE-2023-27043 fix\n      (bsc#1210638).\n    - gh-67693: Fix :func:`urllib.parse.urlunparse` and\n      :func:`urllib.parse.urlunsplit` for URIs with path starting\n      with multiple slashes and no authority. Based on patch by\n      Ashwin Ramaswami.\n  - Core and Builtins\n    - gh-112275: A deadlock involving ``pystate.c``\u0027s\n      ``HEAD_LOCK`` in ``posixmodule.c`` at fork is now\n      fixed. Patch by ChuBoning based on previous Python 3.12 fix\n      by Victor Stinner.\n    - gh-109120: Added handle of incorrect star expressions, e.g\n      ``f(3, *)``. Patch by Grigoryev Semyon\n\n\n- CVE-2024-8088: Prevent malformed payload to cause infinite loops in\n  zipfile.Path (bsc#1229704).\n\n- Make pip and modern tools install directly in /usr/local when used by the user.\n  (bsc#1225660).\n  \n- CVE-2024-4032: Fix rearranging definition of private v global IP addresses (bsc#1226448).\n\n- Update to 3.11.9:\n  * Security\n    - gh-115398: Allow controlling Expat \u003e=2.6.0 reparse deferral\n      (CVE-2023-52425,  bsc#1219559) by adding five new methods:\n        xml.etree.ElementTree.XMLParser.flush()\n        xml.etree.ElementTree.XMLPullParser.flush()\n        xml.parsers.expat.xmlparser.GetReparseDeferralEnabled()\n        xml.parsers.expat.xmlparser.SetReparseDeferralEnabled()\n        xml.sax.expatreader.ExpatParser.flush()\n    - gh-115399: Update bundled libexpat to 2.6.0\n    - gh-115243: Fix possible crashes in collections.deque.index()\n      when the deque is concurrently modified.\n    - gh-114572: ssl.SSLContext.cert_store_stats() and\n      ssl.SSLContext.get_ca_certs() now correctly lock access to the\n      certificate store, when the ssl.SSLContext is shared across\n      multiple threads (bsc#1226447, CVE-2024-0397).\n  * Core and Builtins\n    - gh-116296: Fix possible refleak in object.__reduce__() internal\n      error handling.\n    - gh-116034: Fix location of the error on a failed assertion.\n    - gh-115823: Properly calculate error ranges in the parser when\n      raising SyntaxError exceptions caused by invalid byte sequences.\n      Patch by Pablo Galindo\n    - gh-112087: For an empty reverse iterator for list will be\n      reduced to reversed(). Patch by Donghee Na.\n    - gh-115011: Setters for members with an unsigned integer type now\n      support the same range of valid values for objects that has a\n      __index__() method as for int.\n    - gh-96497: Fix incorrect resolution of mangled class variables\n      used in assignment expressions in comprehensions.\n  * Library\n    - gh-117310: Fixed an unlikely early \u0026 extra Py_DECREF triggered\n      crash in ssl when creating a new _ssl._SSLContext if CPython was\n      built implausibly such that the default cipher list is empty or\n      the SSL library it was linked against reports a failure from its\n      C SSL_CTX_set_cipher_list() API.\n    - gh-117178: Fix regression in lazy loading of self-referential\n      modules, introduced in gh-114781.\n    - gh-117084: Fix zipfile extraction for directory entries with the\n      name containing backslashes on Windows.\n    - gh-117110: Fix a bug that prevents subclasses of typing.Any to\n      be instantiated with arguments. Patch by Chris Fu.\n    - gh-90872: On Windows, subprocess.Popen.wait() no longer calls\n      WaitForSingleObject() with a negative timeout: pass 0 ms if the\n      timeout is negative. Patch by Victor Stinner.\n    - gh-116957: configparser: Don\u2019t leave ConfigParser values in an\n      invalid state (stored as a list instead of a str) after an\n      earlier read raised DuplicateSectionError or\n      DuplicateOptionError.\n    - gh-90095: Ignore empty lines and comments in .pdbrc\n    - gh-116764: Restore support of None and other false values in\n      urllib.parse functions parse_qs() and parse_qsl(). Also, they\n      now raise a TypeError for non-zero integers and non-empty\n      sequences.\n    - gh-116811: In PathFinder.invalidate_caches, delegate to\n      MetadataPathFinder.invalidate_caches.\n    - gh-116600: Fix repr() for global Flag members.\n    - gh-116484: Change automatically generated tkinter.Checkbutton\n      widget names to avoid collisions with automatically generated\n      tkinter.ttk.Checkbutton widget names within the same parent\n      widget.\n    - gh-116401: Fix blocking os.fwalk() and shutil.rmtree() on\n      opening named pipe.\n    - gh-116143: Fix a race in pydoc _start_server, eliminating a\n      window in which _start_server can return a thread that is\n      \u201cserving\u201d but without a docserver set.\n    - gh-116325: typing: raise SyntaxError instead of AttributeError\n      on forward references as empty strings.\n    - gh-90535: Fix support of interval values \u003e 1 in\n      logging.TimedRotatingFileHandler for when=\u0027MIDNIGHT\u0027 and\n      when=\u0027Wx\u0027.\n    - gh-115978: Disable preadv(), readv(), pwritev(), and writev() on\n      WASI.\n    - Under wasmtime for WASI 0.2, these functions don\u2019t pass\n      test_posix\n      (https://github.com/bytecodealliance/wasmtime/issues/7830).\n    - gh-88352: Fix the computation of the next rollover time in the\n      logging.TimedRotatingFileHandler handler. computeRollover() now\n      always returns a timestamp larger than the specified time and\n      works correctly during the DST change. doRollover() no longer\n      overwrite the already rolled over file, saving from data loss\n      when run at midnight or during repeated time at the DST change.\n    - gh-87115: Set __main__.__spec__ to None when running a script\n      with pdb\n    - gh-76511: Fix UnicodeEncodeError in email.Message.as_string()\n      that results when a message that claims to be in the ascii\n      character set actually has non-ascii characters. Non-ascii\n      characters are now replaced with the U+FFFD replacement\n      character, like in the replace error handler.\n    - gh-75988: Fixed unittest.mock.create_autospec() to pass the call\n      through to the wrapped object to return the real result.\n    - gh-115881: Fix issue where ast.parse() would incorrectly flag\n      conditional context managers (such as with (x() if y else z()):\n      ...) as invalid syntax if feature_version=(3, 8) was passed.\n      This reverts changes to the grammar made as part of gh-94949.\n    - gh-115886: Fix silent truncation of the name with an embedded\n      null character in multiprocessing.shared_memory.SharedMemory.\n    - gh-115809: Improve algorithm for computing which rolled-over log\n      files to delete in logging.TimedRotatingFileHandler. It is now\n      reliable for handlers without namer and with arbitrary\n      deterministic namer that leaves the datetime part in the file\n      name unmodified.\n    - gh-74668: urllib.parse functions parse_qs() and parse_qsl() now\n      support bytes arguments containing raw and percent-encoded\n      non-ASCII data.\n    - gh-67044: csv.writer() now always quotes or escapes \u0027\\r\u0027 and\n      \u0027\\n\u0027, regardless of lineterminator value.\n    - gh-115712: csv.writer() now quotes empty fields if delimiter is\n      a space and skipinitialspace is true and raises exception if\n      quoting is not possible.\n    - gh-115618: Fix improper decreasing the reference count for None\n      argument in property methods getter(), setter() and deleter().\n    - gh-115570: A DeprecationWarning is no longer omitted on access\n      to the __doc__ attributes of the deprecated typing.io and\n      typing.re pseudo-modules.\n    - gh-112006: Fix inspect.unwrap() for types with the __wrapper__\n      data descriptor.\n    - gh-101293: Support callables with the __call__() method and\n      types with __new__() and __init__() methods set to class\n      methods, static methods, bound methods, partial functions, and\n      other types of methods and descriptors in\n      inspect.Signature.from_callable().\n    - gh-115392: Fix a bug in doctest where incorrect line numbers\n      would be reported for decorated functions.\n    - gh-114563: Fix several format() bugs when using the C\n      implementation of Decimal: * memory leak in some rare cases when\n      using the z format option (coerce negative 0) * incorrect output\n      when applying the z format option to type F (fixed-point with\n      capital NAN / INF) * incorrect output when applying the # format\n      option (alternate form)\n    - gh-115197: urllib.request no longer resolves the hostname before\n      checking it against the system\u2019s proxy bypass list on macOS and\n      Windows.\n    - gh-115198: Fix support of Docutils \u003e= 0.19 in distutils.\n    - gh-115165: Most exceptions are now ignored when attempting to\n      set the __orig_class__ attribute on objects returned when\n      calling typing generic aliases (including generic aliases\n      created using typing.Annotated). Previously only AttributeError\n      was ignored. Patch by Dave Shawley.\n    - gh-115133: Fix tests for XMLPullParser with Expat 2.6.0.\n    - gh-115059: io.BufferedRandom.read1() now flushes the underlying\n      write buffer.\n    - gh-79382: Trailing ** no longer allows to match files and\n      non-existing paths in recursive glob().\n    - gh-114763: Protect modules loaded with importlib.util.LazyLoader\n      from race conditions when multiple threads try to access\n      attributes before the loading is complete.\n    - gh-97959: Fix rendering class methods, bound methods, method and\n      function aliases in pydoc. Class methods no longer have \u201cmethod\n      of builtins.type instance\u201d note. Corresponding notes are now\n      added for class and unbound methods. Method and function aliases\n      now have references to the module or the class where the origin\n      was defined if it differs from the current. Bound methods are\n      now listed in the static methods section. Methods of builtin\n      classes are now supported as well as methods of Python classes.\n    - gh-112281: Allow creating union of types for typing.Annotated\n      with unhashable metadata.\n    - gh-111775: Fix importlib.resources.simple.ResourceHandle.open()\n      for text mode, added missed stream argument.\n    - gh-90095: Make .pdbrc and -c work with any valid pdb commands.\n    - gh-107155: Fix incorrect output of help(x) where x is a lambda\n      function, which has an __annotations__ dictionary attribute with\n      a \"return\" key.\n    - gh-105866: Fixed _get_slots bug which caused error when defining\n      dataclasses with slots and a weakref_slot.\n    - gh-60346: Fix ArgumentParser inconsistent with parse_known_args.\n    - gh-100985: Update HTTPSConnection to consistently wrap IPv6\n      Addresses when using a proxy.\n    - gh-100884: email: fix misfolding of comma in address-lists\n      over multiple lines in combination with unicode encoding\n      (bsc#1238450 CVE-2025-1795)\n    - gh-95782: Fix io.BufferedReader.tell(),\n      io.BufferedReader.seek(), _pyio.BufferedReader.tell(),\n      io.BufferedRandom.tell(), io.BufferedRandom.seek() and\n      _pyio.BufferedRandom.tell() being able to return negative\n      offsets.\n    - gh-96310: Fix a traceback in argparse when all options in a\n      mutually exclusive group are suppressed.\n    - gh-93205: Fixed a bug in\n      logging.handlers.TimedRotatingFileHandler where multiple\n      rotating handler instances pointing to files with the same name\n      but different extensions would conflict and not delete the\n      correct files.\n    - bpo-44865: Add missing call to localization function in\n      argparse.\n    - bpo-43952: Fix multiprocessing.connection.Listener.accept() to\n      accept empty bytes as authkey. Not accepting empty bytes as key\n      causes it to hang indefinitely.\n    - bpo-42125: linecache: get module name from __spec__ if\n      available. This allows getting source code for the __main__\n      module when a custom loader is used.\n    - gh-66543: Make mimetypes.guess_type() properly parsing of URLs\n      with only a host name, URLs containing fragment or query, and\n      filenames with only a UNC sharepoint on Windows. Based on patch\n      by Dong-hee Na.\n    - bpo-33775: Add \u2018default\u2019 and \u2018version\u2019 help text for\n      localization in argparse.\n  * Documentation\n    - gh-115399: Document CVE-2023-52425 of Expat \u003c2.6.0 under \u201cXML\n      vulnerabilities\u201d.\n    - gh-115233: Fix an example for LoggerAdapter in the Logging\n      Cookbook.\n  * Tests\n    - gh-83434: Disable JUnit XML output (--junit-xml=FILE command\n      line option) in regrtest when hunting for reference leaks (-R\n      option). Patch by Victor Stinner.\n    - gh-117187: Fix XML tests for vanilla Expat \u003c2.6.0.\n    - gh-115979: Update test_importlib so that it passes under WASI\n      SDK 21.\n    - gh-116307: Added import helper isolated_modules as CleanImport\n      does not remove modules imported during the context.\n    - gh-115720: Leak tests (-R, --huntrleaks) now show a summary of\n      the number of leaks found in each iteration.\n    - gh-115122: Add --bisect option to regrtest test runner: run\n      failed tests with test.bisect_cmd to identify failing tests.\n      Patch by Victor Stinner.\n    - gh-115596: Fix ProgramPriorityTests in test_os permanently\n      changing the process priority.\n    - gh-115198: Fix test_check_metadata_deprecate in distutils tests\n      with a newer Docutils.\n  * Build\n    - gh-116313: Get WASI builds to work under wasmtime 18 w/ WASI\n      0.2/preview2 primitives.\n    - gh-115167: Avoid vendoring vcruntime140_threads.dll when\n      building with Visual Studio 2022 version 17.8.\n  * Windows\n    - gh-116773: Fix instances of \u003c_overlapped.Overlapped object at\n      0xXXX\u003e still has pending operation at deallocation, the process\n      may crash.\n    - gh-91227: Fix the asyncio ProactorEventLoop implementation so\n      that sending a datagram to an address that is not listening does\n      not prevent receiving any more datagrams.\n    - gh-115554: The installer now has more strict rules about\n      updating the Python Launcher for Windows. In general, most users\n      only have a single launcher installed and will see no\n      difference. When multiple launchers have been installed, the\n      option to install the launcher is disabled until all but one\n      have been removed. Downgrading the launcher (which was never\n      allowed) is now more obviously blocked.\n    - gh-115543: Python Launcher for Windows can now detect Python\n      3.13 when installed from the Microsoft Store, and will install\n      Python 3.12 by default when PYLAUNCHER_ALLOW_INSTALL is set.\n    - gh-115009: Update Windows installer to use SQLite 3.45.1.\n  * IDLE\n    - gh-88516: On macOS show a proxy icon in the title bar of editor\n      windows to match platform behaviour.\n  * Tools/Demos\n    - gh-113516: Don\u2019t set LDSHARED when building for WASI.\n  * C API\n    - gh-117021: Fix integer overflow in PyLong_AsPid() on non-Windows\n      64-bit platforms.\n\n- Add reference to CVE-2024-0450 (bsc#1221854) to changelog.\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-Micro-6.0-253",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20154-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2025:20154-1",
        "url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520154-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2025:20154-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021184.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1174091",
        "url": "https://bugzilla.suse.com/1174091"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1210638",
        "url": "https://bugzilla.suse.com/1210638"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1219559",
        "url": "https://bugzilla.suse.com/1219559"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1219666",
        "url": "https://bugzilla.suse.com/1219666"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1221854",
        "url": "https://bugzilla.suse.com/1221854"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1225660",
        "url": "https://bugzilla.suse.com/1225660"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1226447",
        "url": "https://bugzilla.suse.com/1226447"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1226448",
        "url": "https://bugzilla.suse.com/1226448"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1227378",
        "url": "https://bugzilla.suse.com/1227378"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1227999",
        "url": "https://bugzilla.suse.com/1227999"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1228165",
        "url": "https://bugzilla.suse.com/1228165"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1228780",
        "url": "https://bugzilla.suse.com/1228780"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1229596",
        "url": "https://bugzilla.suse.com/1229596"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1229704",
        "url": "https://bugzilla.suse.com/1229704"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1230227",
        "url": "https://bugzilla.suse.com/1230227"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1230906",
        "url": "https://bugzilla.suse.com/1230906"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1231795",
        "url": "https://bugzilla.suse.com/1231795"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1232241",
        "url": "https://bugzilla.suse.com/1232241"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1236705",
        "url": "https://bugzilla.suse.com/1236705"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238450",
        "url": "https://bugzilla.suse.com/1238450"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239210",
        "url": "https://bugzilla.suse.com/1239210"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 831629",
        "url": "https://bugzilla.suse.com/831629"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-20907 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-20907/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9947 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9947/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15523 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15523/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15801 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15801/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-25236 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-25236/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-27043 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-27043/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-52425 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-52425/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-6597 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-6597/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0397 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0397/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0450 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0450/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-4030 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-4030/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-4032 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-4032/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-6232 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-6232/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-6923 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-6923/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-7592 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-7592/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-8088 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-8088/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-9287 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-9287/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-0938 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-0938/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-1795 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-1795/"
      }
    ],
    "title": "Security update for python311",
    "tracking": {
      "current_release_date": "2025-03-19T11:31:40Z",
      "generator": {
        "date": "2025-03-19T11:31:40Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2025:20154-1",
      "initial_release_date": "2025-03-19T11:31:40Z",
      "revision_history": [
        {
          "date": "2025-03-19T11:31:40Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpython3_11-1_0-3.11.11-1.1.aarch64",
                "product": {
                  "name": "libpython3_11-1_0-3.11.11-1.1.aarch64",
                  "product_id": "libpython3_11-1_0-3.11.11-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "python311-3.11.11-1.1.aarch64",
                "product": {
                  "name": "python311-3.11.11-1.1.aarch64",
                  "product_id": "python311-3.11.11-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "python311-base-3.11.11-1.1.aarch64",
                "product": {
                  "name": "python311-base-3.11.11-1.1.aarch64",
                  "product_id": "python311-base-3.11.11-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "python311-curses-3.11.11-1.1.aarch64",
                "product": {
                  "name": "python311-curses-3.11.11-1.1.aarch64",
                  "product_id": "python311-curses-3.11.11-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpython3_11-1_0-3.11.11-1.1.s390x",
                "product": {
                  "name": "libpython3_11-1_0-3.11.11-1.1.s390x",
                  "product_id": "libpython3_11-1_0-3.11.11-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "python311-3.11.11-1.1.s390x",
                "product": {
                  "name": "python311-3.11.11-1.1.s390x",
                  "product_id": "python311-3.11.11-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "python311-base-3.11.11-1.1.s390x",
                "product": {
                  "name": "python311-base-3.11.11-1.1.s390x",
                  "product_id": "python311-base-3.11.11-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "python311-curses-3.11.11-1.1.s390x",
                "product": {
                  "name": "python311-curses-3.11.11-1.1.s390x",
                  "product_id": "python311-curses-3.11.11-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libpython3_11-1_0-3.11.11-1.1.x86_64",
                "product": {
                  "name": "libpython3_11-1_0-3.11.11-1.1.x86_64",
                  "product_id": "libpython3_11-1_0-3.11.11-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "python311-3.11.11-1.1.x86_64",
                "product": {
                  "name": "python311-3.11.11-1.1.x86_64",
                  "product_id": "python311-3.11.11-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "python311-base-3.11.11-1.1.x86_64",
                "product": {
                  "name": "python311-base-3.11.11-1.1.x86_64",
                  "product_id": "python311-base-3.11.11-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "python311-curses-3.11.11-1.1.x86_64",
                "product": {
                  "name": "python311-curses-3.11.11-1.1.x86_64",
                  "product_id": "python311-curses-3.11.11-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Micro 6.0",
                "product": {
                  "name": "SUSE Linux Micro 6.0",
                  "product_id": "SUSE Linux Micro 6.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sl-micro:6.0"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpython3_11-1_0-3.11.11-1.1.aarch64 as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64"
        },
        "product_reference": "libpython3_11-1_0-3.11.11-1.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpython3_11-1_0-3.11.11-1.1.s390x as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x"
        },
        "product_reference": "libpython3_11-1_0-3.11.11-1.1.s390x",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpython3_11-1_0-3.11.11-1.1.x86_64 as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64"
        },
        "product_reference": "libpython3_11-1_0-3.11.11-1.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python311-3.11.11-1.1.aarch64 as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64"
        },
        "product_reference": "python311-3.11.11-1.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python311-3.11.11-1.1.s390x as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x"
        },
        "product_reference": "python311-3.11.11-1.1.s390x",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python311-3.11.11-1.1.x86_64 as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64"
        },
        "product_reference": "python311-3.11.11-1.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python311-base-3.11.11-1.1.aarch64 as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64"
        },
        "product_reference": "python311-base-3.11.11-1.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python311-base-3.11.11-1.1.s390x as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x"
        },
        "product_reference": "python311-base-3.11.11-1.1.s390x",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python311-base-3.11.11-1.1.x86_64 as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64"
        },
        "product_reference": "python311-base-3.11.11-1.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python311-curses-3.11.11-1.1.aarch64 as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64"
        },
        "product_reference": "python311-curses-3.11.11-1.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python311-curses-3.11.11-1.1.s390x as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x"
        },
        "product_reference": "python311-curses-3.11.11-1.1.s390x",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python311-curses-3.11.11-1.1.x86_64 as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
        },
        "product_reference": "python311-curses-3.11.11-1.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2019-20907",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-20907"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-20907",
          "url": "https://www.suse.com/security/cve/CVE-2019-20907"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1174091 for CVE-2019-20907",
          "url": "https://bugzilla.suse.com/1174091"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-19T11:31:40Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-20907"
    },
    {
      "cve": "CVE-2019-9947",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9947"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the path component of a URL that lacks a ? character) followed by an HTTP header or a Redis command. This is similar to the CVE-2019-9740 query string issue. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9947",
          "url": "https://www.suse.com/security/cve/CVE-2019-9947"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1130840 for CVE-2019-9947",
          "url": "https://bugzilla.suse.com/1130840"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1136184 for CVE-2019-9947",
          "url": "https://bugzilla.suse.com/1136184"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1155094 for CVE-2019-9947",
          "url": "https://bugzilla.suse.com/1155094"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201559 for CVE-2019-9947",
          "url": "https://bugzilla.suse.com/1201559"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-19T11:31:40Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-9947"
    },
    {
      "cve": "CVE-2020-15523",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15523"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4rc1, and 3.9 through 3.9.0b4 on Windows, a Trojan horse python3.dll might be used in cases where CPython is embedded in a native application. This occurs because python3X.dll may use an invalid search path for python3.dll loading (after Py_SetPath has been used). NOTE: this issue CANNOT occur when using python.exe from a standard (non-embedded) Python installation on Windows.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15523",
          "url": "https://www.suse.com/security/cve/CVE-2020-15523"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1173745 for CVE-2020-15523",
          "url": "https://bugzilla.suse.com/1173745"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-19T11:31:40Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-15523"
    },
    {
      "cve": "CVE-2020-15801",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15801"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In Python 3.8.4, sys.path restrictions specified in a python38._pth file are ignored, allowing code to be loaded from arbitrary locations. The \u003cexecutable-name\u003e._pth file (e.g., the python._pth file) is not affected.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15801",
          "url": "https://www.suse.com/security/cve/CVE-2020-15801"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1174241 for CVE-2020-15801",
          "url": "https://bugzilla.suse.com/1174241"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-19T11:31:40Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2020-15801"
    },
    {
      "cve": "CVE-2022-25236",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-25236"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-25236",
          "url": "https://www.suse.com/security/cve/CVE-2022-25236"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196025 for CVE-2022-25236",
          "url": "https://bugzilla.suse.com/1196025"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196784 for CVE-2022-25236",
          "url": "https://bugzilla.suse.com/1196784"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1197217 for CVE-2022-25236",
          "url": "https://bugzilla.suse.com/1197217"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200038 for CVE-2022-25236",
          "url": "https://bugzilla.suse.com/1200038"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201735 for CVE-2022-25236",
          "url": "https://bugzilla.suse.com/1201735"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-19T11:31:40Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-25236"
    },
    {
      "cve": "CVE-2023-27043",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-27043"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-27043",
          "url": "https://www.suse.com/security/cve/CVE-2023-27043"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210638 for CVE-2023-27043",
          "url": "https://bugzilla.suse.com/1210638"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1222537 for CVE-2023-27043",
          "url": "https://bugzilla.suse.com/1222537"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-19T11:31:40Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-27043"
    },
    {
      "cve": "CVE-2023-52425",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-52425"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-52425",
          "url": "https://www.suse.com/security/cve/CVE-2023-52425"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1219559 for CVE-2023-52425",
          "url": "https://bugzilla.suse.com/1219559"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-19T11:31:40Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-52425"
    },
    {
      "cve": "CVE-2023-6597",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-6597"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was found in the CPython `tempfile.TemporaryDirectory` class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior.\n\nThe tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged programs are potentially able to modify permissions of files referenced by symlinks in some circumstances.\n",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-6597",
          "url": "https://www.suse.com/security/cve/CVE-2023-6597"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1219666 for CVE-2023-6597",
          "url": "https://bugzilla.suse.com/1219666"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221854 for CVE-2023-6597",
          "url": "https://bugzilla.suse.com/1221854"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1224879 for CVE-2023-6597",
          "url": "https://bugzilla.suse.com/1224879"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1225185 for CVE-2023-6597",
          "url": "https://bugzilla.suse.com/1225185"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-19T11:31:40Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-6597"
    },
    {
      "cve": "CVE-2024-0397",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0397"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A defect was discovered in the Python \"ssl\" module where there is a memory\nrace condition with the ssl.SSLContext methods \"cert_store_stats()\" and\n\"get_ca_certs()\". The race condition can be triggered if the methods are\ncalled at the same time as certificates are loaded into the SSLContext,\nsuch as during the TLS handshake with a certificate directory configured.\nThis issue is fixed in CPython 3.10.14, 3.11.9, 3.12.3, and 3.13.0a5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0397",
          "url": "https://www.suse.com/security/cve/CVE-2024-0397"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226447 for CVE-2024-0397",
          "url": "https://bugzilla.suse.com/1226447"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-19T11:31:40Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-0397"
    },
    {
      "cve": "CVE-2024-0450",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0450"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was found in the CPython `zipfile` module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior.\n\nThe zipfile module is vulnerable to \"quoted-overlap\" zip-bombs which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed versions of CPython makes the zipfile module reject zip archives which overlap entries in the archive.\n\n",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0450",
          "url": "https://www.suse.com/security/cve/CVE-2024-0450"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221854 for CVE-2024-0450",
          "url": "https://bugzilla.suse.com/1221854"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-19T11:31:40Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-0450"
    },
    {
      "cve": "CVE-2024-4030",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-4030"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "On Windows a directory returned by tempfile.mkdtemp() would not always have permissions set to restrict reading and writing to the temporary directory by other users, instead usually inheriting the correct permissions from the default location. Alternate configurations or users without a profile directory may not have the intended permissions.\n\nIf you\u0027re not using Windows or haven\u0027t changed the temporary directory location then you aren\u0027t affected by this vulnerability. On other platforms the returned directory is consistently readable and writable only by the current user.\n\nThis issue was caused by Python not supporting Unix permissions on Windows. The fix adds support for Unix \"700\" for the mkdir function on Windows which is used by mkdtemp() to ensure the newly created directory has the proper permissions.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-4030",
          "url": "https://www.suse.com/security/cve/CVE-2024-4030"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1227152 for CVE-2024-4030",
          "url": "https://bugzilla.suse.com/1227152"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-19T11:31:40Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-4030"
    },
    {
      "cve": "CVE-2024-4032",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-4032"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The \"ipaddress\" module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as \"globally reachable\" or \"private\". This affected the is_private and is_global properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and ipaddress.IPv6Network classes, where values wouldn\u0027t be returned in accordance with the latest information from the IANA Special-Purpose Address Registries.\n\nCPython 3.12.4 and 3.13.0a6 contain updated information from these registries and thus have the intended behavior.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-4032",
          "url": "https://www.suse.com/security/cve/CVE-2024-4032"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226448 for CVE-2024-4032",
          "url": "https://bugzilla.suse.com/1226448"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-19T11:31:40Z",
          "details": "low"
        }
      ],
      "title": "CVE-2024-4032"
    },
    {
      "cve": "CVE-2024-6232",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-6232"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "There is a MEDIUM severity vulnerability affecting CPython.\n\n\n\n\n\nRegular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-6232",
          "url": "https://www.suse.com/security/cve/CVE-2024-6232"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1230227 for CVE-2024-6232",
          "url": "https://bugzilla.suse.com/1230227"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-19T11:31:40Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-6232"
    },
    {
      "cve": "CVE-2024-6923",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-6923"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "There is a MEDIUM severity vulnerability affecting CPython.\n\nThe \nemail module didn\u0027t properly quote newlines for email headers when \nserializing an email message allowing for header injection when an email\n is serialized.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-6923",
          "url": "https://www.suse.com/security/cve/CVE-2024-6923"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1228780 for CVE-2024-6923",
          "url": "https://bugzilla.suse.com/1228780"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-19T11:31:40Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-6923"
    },
    {
      "cve": "CVE-2024-7592",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-7592"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "There is a LOW severity vulnerability affecting CPython, specifically the\n\u0027http.cookies\u0027 standard library module.\n\n\nWhen parsing cookies that contained backslashes for quoted characters in\nthe cookie value, the parser would use an algorithm with quadratic\ncomplexity, resulting in excess CPU resources being used while parsing the\nvalue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-7592",
          "url": "https://www.suse.com/security/cve/CVE-2024-7592"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229596 for CVE-2024-7592",
          "url": "https://bugzilla.suse.com/1229596"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.6,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-19T11:31:40Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-7592"
    },
    {
      "cve": "CVE-2024-8088",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-8088"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "There is a HIGH severity vulnerability affecting the CPython \"zipfile\"\nmodule affecting \"zipfile.Path\". Note that the more common API \"zipfile.ZipFile\" class is unaffected.\n\n\n\n\n\nWhen iterating over names of entries in a zip archive (for example, methods\nof \"zipfile.Path\" like \"namelist()\", \"iterdir()\", etc)\nthe process can be put into an infinite loop with a maliciously crafted\nzip archive. This defect applies when reading only metadata or extracting\nthe contents of the zip archive. Programs that are not handling\nuser-controlled zip archives are not affected.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-8088",
          "url": "https://www.suse.com/security/cve/CVE-2024-8088"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229704 for CVE-2024-8088",
          "url": "https://bugzilla.suse.com/1229704"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-19T11:31:40Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-8088"
    },
    {
      "cve": "CVE-2024-9287",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-9287"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment \"activation\" scripts (ie \"source venv/bin/activate\"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren\u0027t activated before being used (ie \"./venv/bin/python\") are not affected.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-9287",
          "url": "https://www.suse.com/security/cve/CVE-2024-9287"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1232241 for CVE-2024-9287",
          "url": "https://bugzilla.suse.com/1232241"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-19T11:31:40Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-9287"
    },
    {
      "cve": "CVE-2025-0938",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-0938"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Python standard library functions `urllib.parse.urlsplit` and `urlparse` accepted domain names that included square brackets which isn\u0027t valid according to RFC 3986. Square brackets are only meant to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs. This could result in differential parsing across the Python URL parser and other specification-compliant URL parsers.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-0938",
          "url": "https://www.suse.com/security/cve/CVE-2025-0938"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1236705 for CVE-2025-0938",
          "url": "https://bugzilla.suse.com/1236705"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-19T11:31:40Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-0938"
    },
    {
      "cve": "CVE-2025-1795",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-1795"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself is also unicode-encoded. Expected behavior is that the separating comma remains a plan comma. This can result in the address header being misinterpreted by some mail servers.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
          "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-1795",
          "url": "https://www.suse.com/security/cve/CVE-2025-1795"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238450 for CVE-2025-1795",
          "url": "https://bugzilla.suse.com/1238450"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:libpython3_11-1_0-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-base-3.11.11-1.1.x86_64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.aarch64",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.s390x",
            "SUSE Linux Micro 6.0:python311-curses-3.11.11-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-03-19T11:31:40Z",
          "details": "low"
        }
      ],
      "title": "CVE-2025-1795"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for expat",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for expat fixes the following issues:\n\nVersion update to 2.7.1:\n\n* Bug fixes:\n\n  * Restore event pointer behavior from Expat 2.6.4 (that the fix to CVE-2024-8176 changed in 2.7.0);\n    affected API functions are:\n\n    - XML_GetCurrentByteCount\n    - XML_GetCurrentByteIndex\n    - XML_GetCurrentColumnNumber\n    - XML_GetCurrentLineNumber\n    - XML_GetInputContext\n\n  * Other changes:\n       #976 #977  Autotools: Integrate files \"fuzz/xml_lpm_fuzzer.{cpp,proto}\"\n                    with Automake that were missing from 2.7.0 release tarballs\n       #983 #984  Fix printf format specifiers for 32bit Emscripten\n            #992  docs: Promote OpenSSF Best Practices self-certification\n            #978  tests/benchmark: Resolve mistaken double close\n            #986  Address compiler warnings\n       #990 #993  Version info bumped from 11:1:10 (libexpat*.so.1.10.1)\n                    to 11:2:10 (libexpat*.so.1.10.2); see https://verbump.de/\n                    for what these numbers do\n\n        Infrastructure:\n            #982  CI: Start running Perl XML::Parser integration tests\n            #987  CI: Enforce Clang Static Analyzer clean code\n            #991  CI: Re-enable warning clang-analyzer-valist.Uninitialized\n                    for clang-tidy\n            #981  CI: Cover compilation with musl\n       #983 #984  CI: Cover compilation with 32bit Emscripten\n       #976 #977  CI: Protect against fuzzer files missing from future\n                    release archives\n\nVersion update to 2.7.0 (CVE-2024-8176 [bsc#1239618])\n\n* Security fixes:\n  * CVE-2024-8176 -- Fix crash from chaining a large number\n    of entities caused by stack overflow by resolving use of\n    recursion, for all three uses of entities:\n    - general entities in character data (\"\u003ce\u003e\u0026g1;\u003c/e\u003e\")\n    - general entities in attribute values (\"\u003ce k1=\u0027\u0026g1;\u0027/\u003e\")\n    - parameter entities (\"%p1;\")\n\n   Known impact is (reliable and easy) denial of service:\n\n   CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:O/RC:C\n\n   (Base Score: 7.5, Temporal Score: 7.2)\n\n   Please note that a layer of compression around XML can\n   significantly reduce the minimum attack payload size.\n\n   * Other changes:\n     * Document changes since the previous release\n     * Version info bumped from 11:0:10 (libexpat*.so.1.10.0)\n       to 11:1:10 (libexpat*.so.1.10.1); see https://verbump.de/\n       for what these numbers do\n\nVersion update to 2.6.4:\n\n  * Security fixes: [bsc#1232601][bsc#1232579]\n    * CVE-2024-50602 -- Fix crash within function XML_ResumeParser\n      from a NULL pointer dereference by disallowing function\n      XML_StopParser to (stop or) suspend an unstarted parser.\n      A new error code XML_ERROR_NOT_STARTED was introduced to\n      properly communicate this situation.  // CWE-476 CWE-754\n  * Other changes:\n    * Version info bumped from 10:3:9 (libexpat*.so.1.9.3)\n      to 11:0:10 (libexpat*.so.1.10.0); see https://verbump.de/\n      for what these numbers do\n\nUpdate to 2.6.3:\n\n  * Security fixes:\n    - CVE-2024-45490, bsc#1229930 -- Calling function XML_ParseBuffer with\n      len \u003c 0 without noticing and then calling XML_GetBuffer\n      will have XML_ParseBuffer fail to recognize the problem\n      and XML_GetBuffer corrupt memory.\n      With the fix, XML_ParseBuffer now complains with error\n      XML_ERROR_INVALID_ARGUMENT just like sibling XML_Parse\n      has been doing since Expat 2.2.1, and now documented.\n      Impact is denial of service to potentially artitrary code\n      execution.\n    - CVE-2024-45491, bsc#1229931 -- Internal function dtdCopy can have an\n      integer overflow for nDefaultAtts on 32-bit platforms\n      (where UINT_MAX equals SIZE_MAX).\n      Impact is denial of service to potentially artitrary code\n      execution.\n    - CVE-2024-45492, bsc#1229932 -- Internal function nextScaffoldPart can\n      have an integer overflow for m_groupSize on 32-bit\n      platforms (where UINT_MAX equals SIZE_MAX).\n      Impact is denial of service to potentially artitrary code\n      execution.\n\n  * Other changes:\n\n    - Version info bumped from 10:2:9 (libexpat*.so.1.9.2)\n      to 10:3:9 (libexpat*.so.1.9.3); see https://verbump.de/\n      for what these numbers do  \n\nUpdate to 2.6.2:\n\n  * CVE-2024-28757 -- Prevent billion laughs attacks with isolated\n    use of external parsers (bsc#1221289)\n  * Reject direct parameter entity recursion and avoid the related\n    undefined behavior\n\nUpdate to 2.6.1:\n\n  * Expose billion laughs API with XML_DTD defined and XML_GE\n    undefined, regression from 2.6.0\n  * Make tests independent of CPU speed, and thus more robust\n\nUpdate to 2.6.0: \n\n  * Security fixes:\n    - CVE-2023-52425 (bsc#1219559)  \n      Fix quadratic runtime issues with big tokens\n      that can cause denial of service, in partial where\n      dealing with compressed XML input.  Applications\n      that parsed a document in one go -- a single call to\n      functions XML_Parse or XML_ParseBuffer -- were not affected.\n      The smaller the chunks/buffers you use for parsing\n      previously, the bigger the problem prior to the fix.\n      Backporters should be careful to no omit parts of\n      pull request #789 and to include earlier pull request #771,\n      in order to not break the fix.\n    - CVE-2023-52426 (bsc#1219561)\n      Fix billion laughs attacks for users\n      compiling *without* XML_DTD defined (which is not common).\n      Users with XML_DTD defined have been protected since\n      Expat \u003e=2.4.0 (and that was CVE-2013-0340 back then).\n  * Bug fixes:\n    - Fix parse-size-dependent \"invalid token\" error for\n      external entities that start with a byte order mark\n    - Fix NULL pointer dereference in setContext via\n      XML_ExternalEntityParserCreate for compilation with\n      XML_DTD undefined\n    - Protect against closing entities out of order\n  * Other changes:\n    - Improve support for arc4random/arc4random_buf\n    - Improve buffer growth in XML_GetBuffer and XML_Parse\n    - xmlwf: Support --help and --version\n    - xmlwf: Support custom buffer size for XML_GetBuffer and read\n    - xmlwf: Improve language and URL clickability in help output\n    - examples: Add new example \"element_declarations.c\"\n    - Be stricter about macro XML_CONTEXT_BYTES at build time\n    - Make inclusion to expat_config.h consistent\n    - Autotools: configure.ac: Support --disable-maintainer-mode\n    - Autotools: Sync CMake templates with CMake 3.26\n    - Autotools: Make installation of shipped man page doc/xmlwf.1\n      independent of docbook2man availability\n    - Autotools|CMake: Add missing -DXML_STATIC to pkg-config file\n      section \"Cflags.private\" in order to fix compilation\n      against static libexpat using pkg-config on Windows\n    - Autotools|CMake: Require a C99 compiler\n      (a de-facto requirement already since Expat 2.2.2 of 2017)\n    - Autotools|CMake: Fix PACKAGE_BUGREPORT variable\n    - Autotools|CMake: Make test suite require a C++11 compiler\n    - CMake: Require CMake \u003e=3.5.0\n    - CMake: Lowercase off_t and size_t to help a bug in Meson\n    - CMake: Sort xmlwf sources alphabetically\n    - CMake|Windows: Fix generation of DLL file version info\n    - CMake: Build tests/benchmark/benchmark.c as well for\n      a build with -DEXPAT_BUILD_TESTS=ON\n    - docs: Document the importance of isFinal + adjust tests\n      accordingly\n    - docs: Improve use of \"NULL\" and \"null\"\n    - docs: Be specific about version of XML (XML 1.0r4)\n      and version of C (C99); (XML 1.0r5 will need a sponsor.)\n    - docs: reference.html: Promote function XML_ParseBuffer more\n    - docs: reference.html: Add HTML anchors to XML_* macros\n    - docs: reference.html: Upgrade to OK.css 1.2.0\n    - docs: Fix typos\n    - docs|CI: Use HTTPS URLs instead of HTTP at various places\n    - Address compiler warnings\n    - Address clang-tidy warnings\n    - Version info bumped from 9:10:8 (libexpat*.so.1.8.10)\n      to 10:0:9 (libexpat*.so.1.9.0); see https://verbump.de/\n      for what these numbers do\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-Micro-6.0-304",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20207-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2025:20207-1",
        "url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520207-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2025:20207-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021128.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1219559",
        "url": "https://bugzilla.suse.com/1219559"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1219561",
        "url": "https://bugzilla.suse.com/1219561"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1221289",
        "url": "https://bugzilla.suse.com/1221289"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1229930",
        "url": "https://bugzilla.suse.com/1229930"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1229931",
        "url": "https://bugzilla.suse.com/1229931"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1229932",
        "url": "https://bugzilla.suse.com/1229932"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1232579",
        "url": "https://bugzilla.suse.com/1232579"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1232601",
        "url": "https://bugzilla.suse.com/1232601"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239618",
        "url": "https://bugzilla.suse.com/1239618"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0340 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0340/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-15903 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-15903/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-52425 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-52425/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-52426 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-52426/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-28757 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-28757/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-45490 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-45490/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-45491 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-45491/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-45492 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-45492/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-50602 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-50602/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-8176 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-8176/"
      }
    ],
    "title": "Security update for expat",
    "tracking": {
      "current_release_date": "2025-04-29T11:07:45Z",
      "generator": {
        "date": "2025-04-29T11:07:45Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2025:20207-1",
      "initial_release_date": "2025-04-29T11:07:45Z",
      "revision_history": [
        {
          "date": "2025-04-29T11:07:45Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libexpat1-2.7.1-1.1.aarch64",
                "product": {
                  "name": "libexpat1-2.7.1-1.1.aarch64",
                  "product_id": "libexpat1-2.7.1-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libexpat1-2.7.1-1.1.s390x",
                "product": {
                  "name": "libexpat1-2.7.1-1.1.s390x",
                  "product_id": "libexpat1-2.7.1-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libexpat1-2.7.1-1.1.x86_64",
                "product": {
                  "name": "libexpat1-2.7.1-1.1.x86_64",
                  "product_id": "libexpat1-2.7.1-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Micro 6.0",
                "product": {
                  "name": "SUSE Linux Micro 6.0",
                  "product_id": "SUSE Linux Micro 6.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sl-micro:6.0"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libexpat1-2.7.1-1.1.aarch64 as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64"
        },
        "product_reference": "libexpat1-2.7.1-1.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libexpat1-2.7.1-1.1.s390x as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x"
        },
        "product_reference": "libexpat1-2.7.1-1.1.s390x",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libexpat1-2.7.1-1.1.x86_64 as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
        },
        "product_reference": "libexpat1-2.7.1-1.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2013-0340",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0340"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "expat before version 2.4.0 does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue.  NOTE: it could be argued that because expat already provides the ability to disable external entity expansion, the responsibility for resolving this issue lies with application developers; according to this argument, this entry should be REJECTed, and each affected application would need its own CVE.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
          "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
          "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0340",
          "url": "https://www.suse.com/security/cve/CVE-2013-0340"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 805236 for CVE-2013-0340",
          "url": "https://bugzilla.suse.com/805236"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-29T11:07:45Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2013-0340"
    },
    {
      "cve": "CVE-2019-15903",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-15903"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
          "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
          "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-15903",
          "url": "https://www.suse.com/security/cve/CVE-2019-15903"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149429 for CVE-2019-15903",
          "url": "https://bugzilla.suse.com/1149429"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1154738 for CVE-2019-15903",
          "url": "https://bugzilla.suse.com/1154738"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1154806 for CVE-2019-15903",
          "url": "https://bugzilla.suse.com/1154806"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-29T11:07:45Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-15903"
    },
    {
      "cve": "CVE-2023-52425",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-52425"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
          "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
          "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-52425",
          "url": "https://www.suse.com/security/cve/CVE-2023-52425"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1219559 for CVE-2023-52425",
          "url": "https://bugzilla.suse.com/1219559"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-29T11:07:45Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-52425"
    },
    {
      "cve": "CVE-2023-52426",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-52426"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
          "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
          "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-52426",
          "url": "https://www.suse.com/security/cve/CVE-2023-52426"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1219561 for CVE-2023-52426",
          "url": "https://bugzilla.suse.com/1219561"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-29T11:07:45Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-52426"
    },
    {
      "cve": "CVE-2024-28757",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-28757"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
          "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
          "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-28757",
          "url": "https://www.suse.com/security/cve/CVE-2024-28757"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221289 for CVE-2024-28757",
          "url": "https://bugzilla.suse.com/1221289"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-29T11:07:45Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-28757"
    },
    {
      "cve": "CVE-2024-45490",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-45490"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
          "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
          "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-45490",
          "url": "https://www.suse.com/security/cve/CVE-2024-45490"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229930 for CVE-2024-45490",
          "url": "https://bugzilla.suse.com/1229930"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229962 for CVE-2024-45490",
          "url": "https://bugzilla.suse.com/1229962"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-29T11:07:45Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-45490"
    },
    {
      "cve": "CVE-2024-45491",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-45491"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
          "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
          "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-45491",
          "url": "https://www.suse.com/security/cve/CVE-2024-45491"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229930 for CVE-2024-45491",
          "url": "https://bugzilla.suse.com/1229930"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229931 for CVE-2024-45491",
          "url": "https://bugzilla.suse.com/1229931"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-29T11:07:45Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-45491"
    },
    {
      "cve": "CVE-2024-45492",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-45492"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
          "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
          "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-45492",
          "url": "https://www.suse.com/security/cve/CVE-2024-45492"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229930 for CVE-2024-45492",
          "url": "https://bugzilla.suse.com/1229930"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229932 for CVE-2024-45492",
          "url": "https://bugzilla.suse.com/1229932"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229964 for CVE-2024-45492",
          "url": "https://bugzilla.suse.com/1229964"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-29T11:07:45Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-45492"
    },
    {
      "cve": "CVE-2024-50602",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-50602"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
          "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
          "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-50602",
          "url": "https://www.suse.com/security/cve/CVE-2024-50602"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1232579 for CVE-2024-50602",
          "url": "https://bugzilla.suse.com/1232579"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-29T11:07:45Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-50602"
    },
    {
      "cve": "CVE-2024-8176",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-8176"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
          "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
          "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-8176",
          "url": "https://www.suse.com/security/cve/CVE-2024-8176"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239618 for CVE-2024-8176",
          "url": "https://bugzilla.suse.com/1239618"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
            "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-29T11:07:45Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-8176"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for expat",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for expat fixes the following issues:\n\nVersion update to 2.7.1:\n\n     Bug fixes:\n\n       #980 #989  Restore event pointer behavior from Expat 2.6.4\n                    (that the fix to CVE-2024-8176 changed in 2.7.0);\n                    affected API functions are:\n                    - XML_GetCurrentByteCount\n                    - XML_GetCurrentByteIndex\n                    - XML_GetCurrentColumnNumber\n                    - XML_GetCurrentLineNumber\n                    - XML_GetInputContext\n\n     Other changes:\n\n       #976 #977  Autotools: Integrate files \"fuzz/xml_lpm_fuzzer.{cpp,proto}\"\n                    with Automake that were missing from 2.7.0 release tarballs\n       #983 #984  Fix printf format specifiers for 32bit Emscripten\n            #992  docs: Promote OpenSSF Best Practices self-certification\n            #978  tests/benchmark: Resolve mistaken double close\n            #986  Address compiler warnings\n       #990 #993  Version info bumped from 11:1:10 (libexpat*.so.1.10.1)\n                    to 11:2:10 (libexpat*.so.1.10.2); see https://verbump.de/\n                    for what these numbers do\n\n        Infrastructure:\n\n            #982  CI: Start running Perl XML::Parser integration tests\n            #987  CI: Enforce Clang Static Analyzer clean code\n            #991  CI: Re-enable warning clang-analyzer-valist.Uninitialized\n                    for clang-tidy\n            #981  CI: Cover compilation with musl\n       #983 #984  CI: Cover compilation with 32bit Emscripten\n       #976 #977  CI: Protect against fuzzer files missing from future\n                    release archives\n\nversion update to 2.7.0 (CVE-2024-8176 [bsc#1239618]):\n\n  * Security fixes:\n\n       #893 #973  CVE-2024-8176 -- Fix crash from chaining a large number\n                    of entities caused by stack overflow by resolving use of\n                    recursion, for all three uses of entities:\n                    - general entities in character data (\"\u003ce\u003e\u0026g1;\u003c/e\u003e\")\n                    - general entities in attribute values (\"\u003ce k1=\u0027\u0026g1;\u0027/\u003e\")\n                    - parameter entities (\"%p1;\")\n                    Known impact is (reliable and easy) denial of service:\n                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:O/RC:C\n                    (Base Score: 7.5, Temporal Score: 7.2)\n                    Please note that a layer of compression around XML can\n                    significantly reduce the minimum attack payload size.\n\n   * Other changes:\n       #935 #937  Autotools: Make generated CMake files look for\n                    libexpat.@SO_MAJOR@.dylib on macOS\n            #925  Autotools: Sync CMake templates with CMake 3.29\n  #945 #962 #966  CMake: Drop support for CMake \u003c3.13\n            #942  CMake: Small fuzzing related improvements\n            #921  docs: Add missing documentation of error code\n                    XML_ERROR_NOT_STARTED that was introduced with 2.6.4\n            #941  docs: Document need for C++11 compiler for use from C++\n            #959  tests/benchmark: Fix a (harmless) TOCTTOU\n            #944  Windows: Fix installer target location of file xmlwf.xml\n                    for CMake\n            #953  Windows: Address warning -Wunknown-warning-option\n                    about -Wno-pedantic-ms-format from LLVM MinGW\n            #971  Address Cppcheck warnings\n       #969 #970  Mass-migrate links from http:// to https://\n    #947 #958 ..\n       #974 #975  Document changes since the previous release\n       #974 #975  Version info bumped from 11:0:10 (libexpat*.so.1.10.0)\n                    to 11:1:10 (libexpat*.so.1.10.1); see https://verbump.de/\n                    for what these numbers do\n\n- no source changes, just adding jira reference: jsc#SLE-21253\n\nVersion update to 2.6.4 \n\n  * Security fixes: [bsc#1232601][bsc#1232579]\n        #915  CVE-2024-50602 -- Fix crash within function XML_ResumeParser\n                from a NULL pointer dereference by disallowing function\n                XML_StopParser to (stop or) suspend an unstarted parser.\n                A new error code XML_ERROR_NOT_STARTED was introduced to\n                properly communicate this situation.  // CWE-476 CWE-754\n  * Other changes:\n        #903  CMake: Add alias target \"expat::expat\"\n        #905  docs: Document use via CMake \u003e=3.18 with FetchContent\n                and SOURCE_SUBDIR and its consequences\n        #902  tests: Reduce use of global parser instance\n        #904  tests: Resolve duplicate handler\n   #317 #918  tests: Improve tests on doctype closing (ex CVE-2019-15903)\n        #914  Fix signedness of format strings\n   #919 #920  Version info bumped from 10:3:9 (libexpat*.so.1.9.3)\n                to 11:0:10 (libexpat*.so.1.10.0); see https://verbump.de/\n                for what these numbers do\n\nUpdate to 2.6.3: \n\n  * Security fixes:\n\n    - CVE-2024-45490, bsc#1229930 -- Calling function XML_ParseBuffer with\n      len \u003c 0 without noticing and then calling XML_GetBuffer\n      will have XML_ParseBuffer fail to recognize the problem\n      and XML_GetBuffer corrupt memory.\n      With the fix, XML_ParseBuffer now complains with error\n      XML_ERROR_INVALID_ARGUMENT just like sibling XML_Parse\n      has been doing since Expat 2.2.1, and now documented.\n      Impact is denial of service to potentially artitrary code\n      execution.\n    - CVE-2024-45491, bsc#1229931 -- Internal function dtdCopy can have an\n      integer overflow for nDefaultAtts on 32-bit platforms\n      (where UINT_MAX equals SIZE_MAX).\n      Impact is denial of service to potentially artitrary code\n      execution.\n    - CVE-2024-45492, bsc#1229932 -- Internal function nextScaffoldPart can\n      have an integer overflow for m_groupSize on 32-bit\n      platforms (where UINT_MAX equals SIZE_MAX).\n      Impact is denial of service to potentially artitrary code\n      execution.\n\nUpdate to 2.6.2:\n\n  * CVE-2024-28757 -- Prevent billion laughs attacks with isolated\n    use of external parsers (bsc#1221289)\n  * Reject direct parameter entity recursion and avoid the related\n    undefined behavior\n\nUpdate to 2.6.1:\n\n  * Expose billion laughs API with XML_DTD defined and XML_GE\n    undefined, regression from 2.6.0\n  * Make tests independent of CPU speed, and thus more robust\n\nUpdate to 2.6.0: \n\n  * Security fixes:\n    - CVE-2023-52425 (bsc#1219559)  \n      -- Fix quadratic runtime issues with big tokens\n      that can cause denial of service, in partial where\n      dealing with compressed XML input.  Applications\n      that parsed a document in one go -- a single call to\n      functions XML_Parse or XML_ParseBuffer -- were not affected.\n      The smaller the chunks/buffers you use for parsing\n      previously, the bigger the problem prior to the fix.\n      Backporters should be careful to no omit parts of\n      pull request #789 and to include earlier pull request #771,\n      in order to not break the fix.\n    - CVE-2023-52426 (bsc#1219561)\n      -- Fix billion laughs attacks for users\n      compiling *without* XML_DTD defined (which is not common).\n      Users with XML_DTD defined have been protected since\n      Expat \u003e=2.4.0 (and that was CVE-2013-0340 back then).\n  * Bug fixes:\n    - Fix parse-size-dependent \"invalid token\" error for\n      external entities that start with a byte order mark\n    - Fix NULL pointer dereference in setContext via\n      XML_ExternalEntityParserCreate for compilation with\n      XML_DTD undefined\n    - Protect against closing entities out of order\n  * Other changes:\n    - Improve support for arc4random/arc4random_buf\n    - Improve buffer growth in XML_GetBuffer and XML_Parse\n    - xmlwf: Support --help and --version\n    - xmlwf: Support custom buffer size for XML_GetBuffer and read\n    - xmlwf: Improve language and URL clickability in help output\n    - examples: Add new example \"element_declarations.c\"\n    - Be stricter about macro XML_CONTEXT_BYTES at build time\n    - Make inclusion to expat_config.h consistent\n    - Autotools: configure.ac: Support --disable-maintainer-mode\n    - Autotools: Sync CMake templates with CMake 3.26\n    - Autotools: Make installation of shipped man page doc/xmlwf.1\n      independent of docbook2man availability\n    - Autotools|CMake: Add missing -DXML_STATIC to pkg-config file\n      section \"Cflags.private\" in order to fix compilation\n      against static libexpat using pkg-config on Windows\n    - Autotools|CMake: Require a C99 compiler\n      (a de-facto requirement already since Expat 2.2.2 of 2017)\n    - Autotools|CMake: Fix PACKAGE_BUGREPORT variable\n    - Autotools|CMake: Make test suite require a C++11 compiler\n    - CMake: Require CMake \u003e=3.5.0\n    - CMake: Lowercase off_t and size_t to help a bug in Meson\n    - CMake: Sort xmlwf sources alphabetically\n    - CMake|Windows: Fix generation of DLL file version info\n    - CMake: Build tests/benchmark/benchmark.c as well for\n      a build with -DEXPAT_BUILD_TESTS=ON\n    - docs: Document the importance of isFinal + adjust tests\n      accordingly\n    - docs: Improve use of \"NULL\" and \"null\"\n    - docs: Be specific about version of XML (XML 1.0r4)\n      and version of C (C99); (XML 1.0r5 will need a sponsor.)\n    - docs: reference.html: Promote function XML_ParseBuffer more\n    - docs: reference.html: Add HTML anchors to XML_* macros\n    - docs: reference.html: Upgrade to OK.css 1.2.0\n    - docs: Fix typos\n    - docs|CI: Use HTTPS URLs instead of HTTP at various places\n    - Address compiler warnings\n    - Address clang-tidy warnings\n    - Version info bumped from 9:10:8 (libexpat*.so.1.8.10)\n      to 10:0:9 (libexpat*.so.1.9.0); see https://verbump.de/\n      for what these numbers do\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-Micro-6.1-108",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20311-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2025:20311-1",
        "url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520311-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2025:20311-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021027.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1219559",
        "url": "https://bugzilla.suse.com/1219559"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1219561",
        "url": "https://bugzilla.suse.com/1219561"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1221289",
        "url": "https://bugzilla.suse.com/1221289"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1229930",
        "url": "https://bugzilla.suse.com/1229930"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1229931",
        "url": "https://bugzilla.suse.com/1229931"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1229932",
        "url": "https://bugzilla.suse.com/1229932"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1232579",
        "url": "https://bugzilla.suse.com/1232579"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1232601",
        "url": "https://bugzilla.suse.com/1232601"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239618",
        "url": "https://bugzilla.suse.com/1239618"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0340 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0340/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-15903 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-15903/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-52425 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-52425/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-52426 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-52426/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-28757 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-28757/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-45490 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-45490/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-45491 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-45491/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-45492 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-45492/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-50602 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-50602/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-8176 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-8176/"
      }
    ],
    "title": "Security update for expat",
    "tracking": {
      "current_release_date": "2025-05-13T13:37:27Z",
      "generator": {
        "date": "2025-05-13T13:37:27Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2025:20311-1",
      "initial_release_date": "2025-05-13T13:37:27Z",
      "revision_history": [
        {
          "date": "2025-05-13T13:37:27Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
                "product": {
                  "name": "libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
                  "product_id": "libexpat1-2.7.1-slfo.1.1_1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
                "product": {
                  "name": "libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
                  "product_id": "libexpat1-2.7.1-slfo.1.1_1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libexpat1-2.7.1-slfo.1.1_1.1.s390x",
                "product": {
                  "name": "libexpat1-2.7.1-slfo.1.1_1.1.s390x",
                  "product_id": "libexpat1-2.7.1-slfo.1.1_1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libexpat1-2.7.1-slfo.1.1_1.1.x86_64",
                "product": {
                  "name": "libexpat1-2.7.1-slfo.1.1_1.1.x86_64",
                  "product_id": "libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Micro 6.1",
                "product": {
                  "name": "SUSE Linux Micro 6.1",
                  "product_id": "SUSE Linux Micro 6.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sl-micro:6.1"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libexpat1-2.7.1-slfo.1.1_1.1.aarch64 as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64"
        },
        "product_reference": "libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libexpat1-2.7.1-slfo.1.1_1.1.ppc64le as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le"
        },
        "product_reference": "libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libexpat1-2.7.1-slfo.1.1_1.1.s390x as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x"
        },
        "product_reference": "libexpat1-2.7.1-slfo.1.1_1.1.s390x",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libexpat1-2.7.1-slfo.1.1_1.1.x86_64 as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
        },
        "product_reference": "libexpat1-2.7.1-slfo.1.1_1.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2013-0340",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0340"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "expat before version 2.4.0 does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue.  NOTE: it could be argued that because expat already provides the ability to disable external entity expansion, the responsibility for resolving this issue lies with application developers; according to this argument, this entry should be REJECTed, and each affected application would need its own CVE.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0340",
          "url": "https://www.suse.com/security/cve/CVE-2013-0340"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 805236 for CVE-2013-0340",
          "url": "https://bugzilla.suse.com/805236"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-05-13T13:37:27Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2013-0340"
    },
    {
      "cve": "CVE-2019-15903",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-15903"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-15903",
          "url": "https://www.suse.com/security/cve/CVE-2019-15903"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149429 for CVE-2019-15903",
          "url": "https://bugzilla.suse.com/1149429"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1154738 for CVE-2019-15903",
          "url": "https://bugzilla.suse.com/1154738"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1154806 for CVE-2019-15903",
          "url": "https://bugzilla.suse.com/1154806"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-05-13T13:37:27Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-15903"
    },
    {
      "cve": "CVE-2023-52425",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-52425"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-52425",
          "url": "https://www.suse.com/security/cve/CVE-2023-52425"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1219559 for CVE-2023-52425",
          "url": "https://bugzilla.suse.com/1219559"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-05-13T13:37:27Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-52425"
    },
    {
      "cve": "CVE-2023-52426",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-52426"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-52426",
          "url": "https://www.suse.com/security/cve/CVE-2023-52426"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1219561 for CVE-2023-52426",
          "url": "https://bugzilla.suse.com/1219561"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-05-13T13:37:27Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-52426"
    },
    {
      "cve": "CVE-2024-28757",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-28757"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-28757",
          "url": "https://www.suse.com/security/cve/CVE-2024-28757"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221289 for CVE-2024-28757",
          "url": "https://bugzilla.suse.com/1221289"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-05-13T13:37:27Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-28757"
    },
    {
      "cve": "CVE-2024-45490",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-45490"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-45490",
          "url": "https://www.suse.com/security/cve/CVE-2024-45490"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229930 for CVE-2024-45490",
          "url": "https://bugzilla.suse.com/1229930"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229962 for CVE-2024-45490",
          "url": "https://bugzilla.suse.com/1229962"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-05-13T13:37:27Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-45490"
    },
    {
      "cve": "CVE-2024-45491",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-45491"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-45491",
          "url": "https://www.suse.com/security/cve/CVE-2024-45491"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229930 for CVE-2024-45491",
          "url": "https://bugzilla.suse.com/1229930"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229931 for CVE-2024-45491",
          "url": "https://bugzilla.suse.com/1229931"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-05-13T13:37:27Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-45491"
    },
    {
      "cve": "CVE-2024-45492",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-45492"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-45492",
          "url": "https://www.suse.com/security/cve/CVE-2024-45492"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229930 for CVE-2024-45492",
          "url": "https://bugzilla.suse.com/1229930"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229932 for CVE-2024-45492",
          "url": "https://bugzilla.suse.com/1229932"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229964 for CVE-2024-45492",
          "url": "https://bugzilla.suse.com/1229964"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-05-13T13:37:27Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-45492"
    },
    {
      "cve": "CVE-2024-50602",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-50602"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-50602",
          "url": "https://www.suse.com/security/cve/CVE-2024-50602"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1232579 for CVE-2024-50602",
          "url": "https://bugzilla.suse.com/1232579"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-05-13T13:37:27Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-50602"
    },
    {
      "cve": "CVE-2024-8176",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-8176"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
          "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-8176",
          "url": "https://www.suse.com/security/cve/CVE-2024-8176"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239618 for CVE-2024-8176",
          "url": "https://bugzilla.suse.com/1239618"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-05-13T13:37:27Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-8176"
    }
  ]
}