Severity by source
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Local vector and high complexity reflect the required attack conditions; PR:H and UI:R map from CVSS 4.0 PR:H and UI:P; integrity-only impact with no confidentiality or availability effect.
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Primary rating from Vendor (PSF).
CVSS VectorVendor: PSF
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
2DescriptionCVE.org
When using the "configparser" module to write configuration files containing multi-line text values with carriage return characters (\r) the resulting file could be injected with unexpected keys and values if the attacker controls the written value.
AnalysisAI
Config file injection in CPython's configparser module allows an attacker who controls multi-line values written via configparser.write() to smuggle arbitrary keys and values into the resulting INI-style configuration file by embedding carriage return (\r) characters. All CPython versions are listed as affected per the NVD CPE wildcard, and any Python application that writes attacker-influenced data to config files via configparser is a candidate target. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires three concurrent conditions: (1) the attacker controls a string value that a Python application writes to a config file using configparser.write() - for example, through a user-supplied profile field, API request body, or any application input persisted to an INI-style config; (2) the application runs with sufficient privilege for the attacker's data to reach the write path (CVSS PR:H); and (3) the application subsequently re-reads the tampered config file in a security-relevant context. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 4.0 vector (AV:L/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N) places this at 4.1 Medium. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker submits a crafted profile field - for example, a user-supplied description or comment - containing an embedded \r character followed by a new key-value pair such as \radmin=true. An application that persists this field via configparser.write() writes the injected entry as an apparent standalone configuration key; on the next config file read, the application treats admin=true as a legitimate setting and elevates the attacker's privileges. … |
| Remediation | Upstream fix available (PR/commit); released patched version not independently confirmed - monitor the PSF security announcement at https://mail.python.org/archives/list/security-announce@python.org/thread/CV4NE6AFCRJL7XQOHX7J5TSDHUWVWGJS/ for an official tagged CPython release. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
CPython decompression modules (lzma, bz2, gzip) allow memory corruption via use-after-free when decompressor instances a
Denial of service in CPython's tarfile module allows remote attackers to trigger an infinite loop by supplying a crafted
Stack-based buffer overflow in CPython's bz2.BZ2Decompressor allows remote attackers to crash Python applications by sen
Path traversal in CPython's tarfile module allows a crafted tar archive to bypass the 'data' and 'tar' extraction filter
Command injection in CPython's webbrowser.open() API bypasses previous CVE-2026-4519 mitigation via specially crafted UR
The webbrowser.open() API in CPython accepts URLs with leading dashes, which certain web browsers interpret as command-l
Path traversal in CPython's tarfile module allows malicious tar archives to bypass the data_filter safety mechanism and
XML parsers in CPython's xml.parsers.expat and xml.etree.ElementTree modules use insufficient entropy for Expat hash-flo
Denial-of-service via quadratic algorithmic complexity in CPython's unicodedata.normalize() affects all CPython versions
Server-Side Request Forgery in CPython's ftplib module allows a malicious FTP source server to redirect a target FTP ser
Privilege escalation in CPython on Windows enables a low-privileged local user to hijack the module search path of a mor
CPython's http.cookies.Morsel.js_output() method generates inline script snippets that fail to neutralize the HTML parse
Same technique Code Injection
View allVendor StatusVendor
SUSE
Severity: Important| Product | Status |
|---|---|
| SLES15-SP5-CHOST-BYOS-SAP-CCloud | Affected |
| SLES15-SP5-CHOST-BYOS-SAP-CCloud | Affected |
| SLES15-SP6-CHOST-BYOS | Affected |
| SLES15-SP6-CHOST-BYOS-Aliyun | Affected |
| SLES15-SP6-CHOST-BYOS-Azure | Affected |
| SLES15-SP6-CHOST-BYOS-EC2 | Affected |
| SLES15-SP6-CHOST-BYOS-GDC | Affected |
| SLES15-SP6-CHOST-BYOS-SAP-CCloud | Affected |
| SLES15-SP7-CHOST-BYOS-Aliyun | Affected |
| SLES15-SP7-CHOST-BYOS-Azure | Affected |
| SLES15-SP7-CHOST-BYOS-EC2 | Affected |
| SLES15-SP7-CHOST-BYOS-GDC | Affected |
| SLES15-SP7-CHOST-BYOS-SAP-CCloud | Affected |
| SUSE Linux Enterprise Desktop 15 SP7 | Affected |
| SUSE Linux Enterprise Desktop 15 SP7 | Affected |
| SUSE Linux Enterprise Desktop 15 SP7 | Affected |
| SUSE Linux Enterprise High Performance Computing 12 | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP7 | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP7 | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP7 | Affected |
| SUSE Linux Enterprise Micro 5.3 | Affected |
| SUSE Linux Enterprise Micro 5.4 | Affected |
| SUSE Linux Enterprise Micro 5.5 | Affected |
| SUSE Linux Enterprise Module for Basesystem 15 SP7 | Affected |
| SUSE Linux Enterprise Module for Basesystem 15 SP7 | Affected |
| SUSE Linux Enterprise Module for Development Tools 15 SP7 | Affected |
| SUSE Linux Enterprise Module for Package Hub 15 SP7 | Not-Affected |
| SUSE Linux Enterprise Module for Python 3 15 SP7 | Affected |
| SUSE Linux Enterprise Module for Python 3 15 SP7 | Affected |
| SUSE Linux Enterprise Server 15 SP7 | Affected |
| SUSE Linux Enterprise Server 15 SP7 | Affected |
| SUSE Linux Enterprise Server 15 SP7 | Affected |
| SUSE Linux Enterprise Server 16.0 | Affected |
| SUSE Linux Enterprise Server 16.1 | Affected |
| SUSE Linux Enterprise Server 16.1 | Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP7 | Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP7 | Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP7 | Affected |
| SUSE Linux Enterprise Server for SAP applications 16.0 | Affected |
| SUSE Linux Enterprise Server for SAP applications 16.1 | Affected |
| SUSE Linux Enterprise Server for SAP applications 16.1 | Affected |
| SUSE Linux Micro 6.0 | Affected |
| SUSE Linux Micro 6.1 | Affected |
| SUSE Linux Micro 6.2 | Affected |
| openSUSE Leap 16.0 | Affected |
| SLES15-SP3-CHOST-BYOS-Aliyun | Affected |
| SLES15-SP3-CHOST-BYOS-Azure | Affected |
| SLES15-SP3-CHOST-BYOS-EC2 | Affected |
| SLES15-SP3-CHOST-BYOS-GCE | Affected |
| SLES15-SP3-CHOST-BYOS-SAP-CCloud | Affected |
| SLES15-SP4-CHOST-BYOS | Affected |
| SLES15-SP4-CHOST-BYOS | Affected |
| SLES15-SP4-CHOST-BYOS-Aliyun | Affected |
| SLES15-SP4-CHOST-BYOS-Aliyun | Affected |
| SLES15-SP4-CHOST-BYOS-Azure | Affected |
| SLES15-SP4-CHOST-BYOS-Azure | Affected |
| SLES15-SP4-CHOST-BYOS-EC2 | Affected |
| SLES15-SP4-CHOST-BYOS-EC2 | Affected |
| SLES15-SP4-CHOST-BYOS-GCE | Affected |
| SLES15-SP4-CHOST-BYOS-SAP-CCloud | Affected |
| SLES15-SP4-CHOST-BYOS-SAP-CCloud | Affected |
| SLES15-SP5-CHOST-BYOS-Aliyun | Affected |
| SLES15-SP5-CHOST-BYOS-Aliyun | Affected |
| SLES15-SP5-CHOST-BYOS-Azure | Affected |
| SLES15-SP5-CHOST-BYOS-Azure | Affected |
| SLES15-SP5-CHOST-BYOS-EC2 | Affected |
| SLES15-SP5-CHOST-BYOS-EC2 | Affected |
| SLES15-SP5-CHOST-BYOS-GCE | Affected |
| SLES15-SP5-CHOST-BYOS-GDC | Affected |
| SLES15-SP5-CHOST-BYOS-GDC | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP4 | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP4 | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP4 | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP5 | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP5 | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP5 | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS | Affected |
| SUSE Linux Enterprise Module for Basesystem 15 SP4 | Affected |
| SUSE Linux Enterprise Module for Basesystem 15 SP5 | Affected |
| SUSE Linux Enterprise Module for Basesystem 15 SP6 | Affected |
| SUSE Linux Enterprise Module for Legacy 15 SP5 | Affected |
| SUSE Linux Enterprise Module for Public Cloud 15 SP4 | Affected |
| SUSE Linux Enterprise Module for Python 3 15 SP4 | Affected |
| SUSE Linux Enterprise Module for Python 3 15 SP4 | Affected |
| SUSE Linux Enterprise Module for Python 3 15 SP5 | Affected |
| SUSE Linux Enterprise Module for Python 3 15 SP6 | Affected |
| SUSE Linux Enterprise Module for Python 3 15 SP6 | Affected |
| SUSE Linux Enterprise Server 12 SP5 | Not-Affected |
| SUSE Linux Enterprise Server 12 SP5 | Affected |
| SUSE Linux Enterprise Server 12 SP5 | Affected |
| SUSE Linux Enterprise Server 12 SP5-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 12 SP5-LTSS | Affected |
| SUSE Linux Enterprise Server 12 SP5-LTSS | Affected |
| SUSE Linux Enterprise Server 12 SP5-LTSS Extended Security | Not-Affected |
| SUSE Linux Enterprise Server 12 SP5-LTSS Extended Security | Affected |
| SUSE Linux Enterprise Server 12 SP5-LTSS Extended Security | Affected |
| SUSE Linux Enterprise Server 15 SP4 | Affected |
| SUSE Linux Enterprise Server 15 SP4 | Affected |
| SUSE Linux Enterprise Server 15 SP4 | Affected |
| SUSE Linux Enterprise Server 15 SP4-LTSS | Affected |
| SUSE Linux Enterprise Server 15 SP4-LTSS | Affected |
| SUSE Linux Enterprise Server 15 SP4-LTSS | Affected |
| SUSE Linux Enterprise Server 15 SP5 | Affected |
| SUSE Linux Enterprise Server 15 SP5 | Affected |
| SUSE Linux Enterprise Server 15 SP5 | Affected |
| SUSE Linux Enterprise Server 15 SP5-LTSS | Affected |
| SUSE Linux Enterprise Server 15 SP5-LTSS | Affected |
| SUSE Linux Enterprise Server 15 SP5-LTSS | Affected |
| SUSE Linux Enterprise Server 15 SP6 | Affected |
| SUSE Linux Enterprise Server 15 SP6 | Affected |
| SUSE Linux Enterprise Server 15 SP6 | Affected |
| SUSE Linux Enterprise Server 15 SP6-LTSS | Affected |
| SUSE Linux Enterprise Server 15 SP6-LTSS | Affected |
| SUSE Linux Enterprise Server 15 SP6-LTSS | Affected |
| SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 | Not-Affected |
| SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 | Affected |
| SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 | Affected |
| SUSE Linux Enterprise Server for SAP Applications 12 SP5 | Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP6 | Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP6 | Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP6 | Affected |
| SUSE Manager Proxy 4.3 | Affected |
| SUSE Manager Proxy 4.3 | Affected |
| SUSE Manager Proxy 4.3 | Affected |
| SUSE Manager Proxy LTS 4.3 | Affected |
| SUSE Manager Retail Branch Server 4.3 | Affected |
| SUSE Manager Retail Branch Server 4.3 | Affected |
| SUSE Manager Retail Branch Server 4.3 | Affected |
| SUSE Manager Retail Branch Server LTS 4.3 | Affected |
| SUSE Manager Server 4.3 | Affected |
| SUSE Manager Server 4.3 | Affected |
| SUSE Manager Server 4.3 | Affected |
| SUSE Manager Server LTS 4.3 | Affected |
| SUSE CaaS Platform 3.0 | Not-Affected |
| SUSE CaaS Platform 4.0 | Not-Affected |
| SUSE CaaS Platform 4.0 | Affected |
| SUSE Enterprise Storage 5 | Not-Affected |
| SUSE Enterprise Storage 6 | Not-Affected |
| SUSE Enterprise Storage 6 | Affected |
| SUSE Enterprise Storage 7 | Not-Affected |
| SUSE Enterprise Storage 7 | Affected |
| SUSE Enterprise Storage 7.1 | Not-Affected |
| SUSE Enterprise Storage 7.1 | Affected |
| SUSE Enterprise Storage 7.1 | Affected |
| SUSE Linux Enterprise Desktop 12 | Affected |
| SUSE Linux Enterprise Desktop 12 SP1 | Not-Affected |
| SUSE Linux Enterprise Desktop 12 SP1 | Affected |
| SUSE Linux Enterprise Desktop 12 SP2 | Not-Affected |
| SUSE Linux Enterprise Desktop 12 SP2 | Affected |
| SUSE Linux Enterprise Desktop 12 SP3 | Not-Affected |
| SUSE Linux Enterprise Desktop 12 SP3 | Affected |
| SUSE Linux Enterprise Desktop 12 SP4 | Not-Affected |
| SUSE Linux Enterprise Desktop 12 SP4 | Affected |
| SUSE Linux Enterprise Desktop 15 | Not-Affected |
| SUSE Linux Enterprise Desktop 15 | Affected |
| SUSE Linux Enterprise Desktop 15 SP1 | Not-Affected |
| SUSE Linux Enterprise Desktop 15 SP1 | Affected |
| SUSE Linux Enterprise Desktop 15 SP2 | Not-Affected |
| SUSE Linux Enterprise Desktop 15 SP2 | Affected |
| SUSE Linux Enterprise Desktop 15 SP3 | Not-Affected |
| SUSE Linux Enterprise Desktop 15 SP3 | Affected |
| SUSE Linux Enterprise Desktop 15 SP3 | Affected |
| SUSE Linux Enterprise Desktop 15 SP4 | Affected |
| SUSE Linux Enterprise Desktop 15 SP4 | Affected |
| SUSE Linux Enterprise Desktop 15 SP4 | Affected |
| SUSE Linux Enterprise Desktop 15 SP5 | Affected |
| SUSE Linux Enterprise Desktop 15 SP5 | Affected |
| SUSE Linux Enterprise Desktop 15 SP6 | Affected |
| SUSE Linux Enterprise Desktop 15 SP6 | Affected |
| SUSE Linux Enterprise Desktop 15 SP6 | Affected |
| SUSE Linux Enterprise High Performance Computing 15 | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP1 | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP1 | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP2 | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP2 | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP3 | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP3 | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP3 | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP6 | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP6 | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP6 | Affected |
| SUSE Linux Enterprise High Performance Computing 15-ESPOS | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15-ESPOS | Affected |
| SUSE Linux Enterprise High Performance Computing 15-LTSS | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15-LTSS | Affected |
| SUSE Linux Enterprise Micro 5.0 | Affected |
| SUSE Linux Enterprise Micro 5.1 | Affected |
| SUSE Linux Enterprise Micro 5.2 | Affected |
| SUSE Linux Enterprise Module for Basesystem 15 | Not-Affected |
| SUSE Linux Enterprise Module for Basesystem 15 | Affected |
| SUSE Linux Enterprise Module for Basesystem 15 SP1 | Not-Affected |
| SUSE Linux Enterprise Module for Basesystem 15 SP1 | Affected |
| SUSE Linux Enterprise Module for Basesystem 15 SP2 | Not-Affected |
| SUSE Linux Enterprise Module for Basesystem 15 SP2 | Affected |
| SUSE Linux Enterprise Module for Basesystem 15 SP3 | Not-Affected |
| SUSE Linux Enterprise Module for Basesystem 15 SP3 | Affected |
| SUSE Linux Enterprise Module for Basesystem 15 SP3 | Affected |
| SUSE Linux Enterprise Module for Desktop Applications 15 | Not-Affected |
| SUSE Linux Enterprise Module for Desktop Applications 15 SP1 | Not-Affected |
| SUSE Linux Enterprise Module for Desktop Applications 15 SP2 | Not-Affected |
| SUSE Linux Enterprise Module for Desktop Applications 15 SP3 | Not-Affected |
| SUSE Linux Enterprise Module for Package Hub 15 SP4 | Not-Affected |
| SUSE Linux Enterprise Module for Package Hub 15 SP5 | Not-Affected |
| SUSE Linux Enterprise Module for Package Hub 15 SP6 | Not-Affected |
| SUSE Linux Enterprise Module for Python 2 15 SP1 | Not-Affected |
| SUSE Linux Enterprise Module for Python 2 15 SP2 | Not-Affected |
| SUSE Linux Enterprise Module for Python 2 15 SP3 | Not-Affected |
| SUSE Linux Enterprise Module for Web and Scripting 12 | Affected |
| SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT | Not-Affected |
| SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT | Affected |
| SUSE Linux Enterprise Real Time 15 SP2 | Not-Affected |
| SUSE Linux Enterprise Real Time 15 SP2 | Affected |
| SUSE Linux Enterprise Real Time 15 SP3 | Not-Affected |
| SUSE Linux Enterprise Real Time 15 SP3 | Affected |
| SUSE Linux Enterprise Real Time 15 SP3 | Affected |
| SUSE Linux Enterprise Real Time 15 SP4 | Affected |
| SUSE Linux Enterprise Server 12 | Affected |
| SUSE Linux Enterprise Server 12 SP1 | Not-Affected |
| SUSE Linux Enterprise Server 12 SP1 | Affected |
| SUSE Linux Enterprise Server 12 SP1-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 12 SP1-LTSS | Affected |
| SUSE Linux Enterprise Server 12 SP2 | Not-Affected |
| SUSE Linux Enterprise Server 12 SP2 | Affected |
| SUSE Linux Enterprise Server 12 SP2-BCL | Not-Affected |
| SUSE Linux Enterprise Server 12 SP2-BCL | Affected |
| SUSE Linux Enterprise Server 12 SP2-ESPOS | Not-Affected |
| SUSE Linux Enterprise Server 12 SP2-ESPOS | Affected |
| SUSE Linux Enterprise Server 12 SP2-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 12 SP2-LTSS | Affected |
| SUSE Linux Enterprise Server 12 SP3 | Not-Affected |
| SUSE Linux Enterprise Server 12 SP3 | Affected |
| SUSE Linux Enterprise Server 12 SP3-BCL | Not-Affected |
| SUSE Linux Enterprise Server 12 SP3-BCL | Affected |
| SUSE Linux Enterprise Server 12 SP3-ESPOS | Not-Affected |
| SUSE Linux Enterprise Server 12 SP3-ESPOS | Affected |
| SUSE Linux Enterprise Server 12 SP3-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 12 SP3-LTSS | Affected |
| SUSE Linux Enterprise Server 12 SP4 | Not-Affected |
| SUSE Linux Enterprise Server 12 SP4 | Affected |
| SUSE Linux Enterprise Server 12 SP4-ESPOS | Not-Affected |
| SUSE Linux Enterprise Server 12 SP4-ESPOS | Affected |
| SUSE Linux Enterprise Server 12 SP4-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 12 SP4-LTSS | Affected |
| SUSE Linux Enterprise Server 12-LTSS | Affected |
| SUSE Linux Enterprise Server 15 | Not-Affected |
| SUSE Linux Enterprise Server 15 | Affected |
| SUSE Linux Enterprise Server 15 SP1 | Not-Affected |
| SUSE Linux Enterprise Server 15 SP1 | Affected |
| SUSE Linux Enterprise Server 15 SP1-BCL | Not-Affected |
| SUSE Linux Enterprise Server 15 SP1-BCL | Affected |
| SUSE Linux Enterprise Server 15 SP1-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 15 SP1-LTSS | Affected |
| SUSE Linux Enterprise Server 15 SP2 | Not-Affected |
| SUSE Linux Enterprise Server 15 SP2 | Affected |
| SUSE Linux Enterprise Server 15 SP2-BCL | Not-Affected |
| SUSE Linux Enterprise Server 15 SP2-BCL | Affected |
| SUSE Linux Enterprise Server 15 SP2-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 15 SP2-LTSS | Affected |
| SUSE Linux Enterprise Server 15 SP3 | Not-Affected |
| SUSE Linux Enterprise Server 15 SP3 | Affected |
| SUSE Linux Enterprise Server 15 SP3 | Affected |
| SUSE Linux Enterprise Server 15 SP3-BCL | Not-Affected |
| SUSE Linux Enterprise Server 15 SP3-BCL | Affected |
| SUSE Linux Enterprise Server 15 SP3-BCL | Affected |
| SUSE Linux Enterprise Server 15 SP3-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 15 SP3-LTSS | Affected |
| SUSE Linux Enterprise Server 15 SP3-LTSS | Affected |
| SUSE Linux Enterprise Server 15-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 15-LTSS | Affected |
| SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 | Not-Affected |
| SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 | Affected |
| SUSE Linux Enterprise Server for SAP Applications 12 | Affected |
| SUSE Linux Enterprise Server for SAP Applications 12 SP1 | Not-Affected |
| SUSE Linux Enterprise Server for SAP Applications 12 SP1 | Affected |
| SUSE Linux Enterprise Server for SAP Applications 12 SP2 | Not-Affected |
| SUSE Linux Enterprise Server for SAP Applications 12 SP2 | Affected |
| SUSE Linux Enterprise Server for SAP Applications 12 SP3 | Not-Affected |
| SUSE Linux Enterprise Server for SAP Applications 12 SP3 | Affected |
| SUSE Linux Enterprise Server for SAP Applications 12 SP4 | Not-Affected |
| SUSE Linux Enterprise Server for SAP Applications 12 SP4 | Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 | Not-Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 | Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP1 | Not-Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP1 | Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP2 | Not-Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP2 | Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP3 | Not-Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP3 | Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP3 | Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP4 | Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP4 | Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP4 | Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP5 | Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP5 | Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP5 | Affected |
| SUSE Linux Enterprise Software Development Kit 12 SP4 | Affected |
| SUSE Linux Enterprise Software Development Kit 12 SP5 | Affected |
| SUSE Manager Proxy 4.0 | Not-Affected |
| SUSE Manager Proxy 4.0 | Affected |
| SUSE Manager Proxy 4.1 | Not-Affected |
| SUSE Manager Proxy 4.1 | Affected |
| SUSE Manager Proxy 4.2 | Not-Affected |
| SUSE Manager Proxy 4.2 | Affected |
| SUSE Manager Proxy 4.2 | Affected |
| SUSE Manager Retail Branch Server 4.0 | Not-Affected |
| SUSE Manager Retail Branch Server 4.0 | Affected |
| SUSE Manager Retail Branch Server 4.1 | Not-Affected |
| SUSE Manager Retail Branch Server 4.1 | Affected |
| SUSE Manager Retail Branch Server 4.2 | Not-Affected |
| SUSE Manager Retail Branch Server 4.2 | Affected |
| SUSE Manager Retail Branch Server 4.2 | Affected |
| SUSE Manager Server 4.0 | Not-Affected |
| SUSE Manager Server 4.0 | Affected |
| SUSE Manager Server 4.1 | Not-Affected |
| SUSE Manager Server 4.1 | Affected |
| SUSE Manager Server 4.2 | Not-Affected |
| SUSE Manager Server 4.2 | Affected |
| SUSE Manager Server 4.2 | Affected |
| SUSE OpenStack Cloud 7 | Not-Affected |
| SUSE OpenStack Cloud 7 | Affected |
| SUSE OpenStack Cloud 8 | Not-Affected |
| SUSE OpenStack Cloud 8 | Affected |
| SUSE OpenStack Cloud 9 | Not-Affected |
| SUSE OpenStack Cloud 9 | Affected |
| SUSE OpenStack Cloud Crowbar 8 | Not-Affected |
| SUSE OpenStack Cloud Crowbar 8 | Affected |
| SUSE OpenStack Cloud Crowbar 9 | Not-Affected |
| SUSE OpenStack Cloud Crowbar 9 | Affected |
| openSUSE Leap 15.3 | Not-Affected |
| openSUSE Leap 15.3 | Affected |
| openSUSE Leap 15.3 | Affected |
| openSUSE Leap 15.4 | Not-Affected |
| openSUSE Leap 15.4 | Affected |
| openSUSE Leap 15.4 | Affected |
| openSUSE Leap 15.4 | Affected |
| openSUSE Leap 15.4 | Affected |
| openSUSE Leap 15.5 | Not-Affected |
| openSUSE Leap 15.5 | Affected |
| openSUSE Leap 15.5 | Affected |
| openSUSE Leap 15.5 | Affected |
| openSUSE Leap 15.5 | Affected |
| openSUSE Leap 15.6 | Not-Affected |
| openSUSE Leap 15.6 | Affected |
| openSUSE Leap 15.6 | Affected |
| openSUSE Leap 15.6 | Affected |
| openSUSE Leap 15.6 | Affected |
| openSUSE Leap 15.6 | Affected |
| openSUSE Leap Micro 5.2 | Affected |
| openSUSE Leap Micro 5.3 | Affected |
| openSUSE Leap Micro 5.4 | Affected |
| openSUSE Leap Micro 5.5 | Affected |
| SLES-CHOST-BYOS-Aliyun | Affected |
| SLES-CHOST-BYOS-Azure | Affected |
| SLES-CHOST-BYOS-EC2 | Affected |
| SLES-CHOST-BYOS-GCE | Affected |
| SLES-CHOST-BYOS-GDC | Affected |
| SLES-CHOST-BYOS-SAP-CCloud | Affected |
| bci/python containers/lmcache-lmstack-router:0 containers/lmcache-vllm-openai:0 containers/open-webui-pipelines:0 containers/open-webui:0 containers/python:3.11 containers/pytorch:2-nvidia containers/vllm-openai:0 suse/multi-linux-manager/5.1/x86_64/proxy-salt-broker suse/multi-linux-manager/5.1/x86_64/server suse/multi-linux-manager/5.2/x86_64/proxy-salt-broker suse/multi-linux-manager/5.2/x86_64/server | Affected |
| bci/kiwi bci/python:3 containers/open-webui-mcpo:0 ses/6/cephcsi/cephcsi ses/6/rook/ceph ses/7.1/cephcsi/cephcsi ses/7.1/rook/ceph ses/7/ceph/ceph ses/7/cephcsi/cephcsi ses/7/rook/ceph suse/389-ds suse/manager/4.3/proxy-httpd suse/manager/4.3/proxy-salt-broker suse/manager/4.3/proxy-ssh suse/manager/4.3/proxy-tftpd suse/manager/5.0/x86_64/proxy-httpd suse/manager/5.0/x86_64/proxy-salt-broker suse/manager/5.0/x86_64/proxy-ssh suse/manager/5.0/x86_64/proxy-tftpd suse/manager/5.0/x86_64/server suse/multi-linux-manager/5.1/x86_64/proxy-httpd suse/multi-linux-manager/5.1/x86_64/proxy-salt-broker suse/multi-linux-manager/5.1/x86_64/proxy-squid suse/multi-linux-manager/5.1/x86_64/proxy-ssh suse/multi-linux-manager/5.1/x86_64/proxy-tftpd suse/multi-linux-manager/5.1/x86_64/server suse/multi-linux-manager/5.2/x86_64/proxy-httpd suse/multi-linux-manager/5.2/x86_64/proxy-salt-broker suse/multi-linux-manager/5.2/x86_64/proxy-squid suse/multi-linux-manager/5.2/x86_64/proxy-ssh suse/multi-linux-manager/5.2/x86_64/proxy-tftpd suse/multi-linux-manager/5.2/x86_64/server suse/sles/15.3/virt-launcher:0.45.0 suse/sles/15.4/virt-launcher:0.49.0 trento/trento-runner | Affected |
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-38554
GHSA-g345-7jg6-m22p