[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2026:0022-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T20:55:29.923Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":18,"duplicates":19,"related":20,"reserved_at":9,"published_at":23,"modified_at":24,"state":9,"summary":25,"references_raw":27,"kevs":61,"epss":9,"epss_history":62,"metrics":63,"affected":64},"SUSE-SU-2026:0022-1","Security update for qemu\n\nThis update for qemu fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2025-12464: stack-based buffer overflow in the e1000 network device operations can be exploited by a malicious\n  guest user to crash the QEMU process on the host (bsc#1253002).\n- CVE-2025-11234: use-after-free in WebSocket handshake operations can be exploited by a malicious client with network\n  access to the VNC WebSocket port to cause a denial-of-service (bsc#1250984).\n\nOther updates and bugfixes:\n \n- [openSUSE][RPM]: really fix *-virtio-gpu-pci dependency on ARM (bsc#1254286).\n- block/curl: fix curl internal handles handling (bsc#1252768).\n",null,[],[],[],[14,16],{"_key":15},"CVE-2025-11234",{"_key":17},"CVE-2025-12464",[],[],[21,22],{"_key":15},{"_key":17},"2026-01-05T11:18:23Z","2026-03-23T04:51:36.041128Z",{"cisa_kev":26,"cisa_ransomware":26,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[28,35,40,44,48,52,57],{"url":29,"sources":30,"tags":33},"https://www.suse.com/support/update/announcement/2026/suse-su-20260022-1/",[31,32],"osv_suse","osv_opensuse",[34],"Advisory",{"url":36,"sources":37,"tags":38},"https://bugzilla.suse.com/1250984",[31,32],[39],"REPORT",{"url":41,"sources":42,"tags":43},"https://bugzilla.suse.com/1252768",[31,32],[39],{"url":45,"sources":46,"tags":47},"https://bugzilla.suse.com/1253002",[31,32],[39],{"url":49,"sources":50,"tags":51},"https://bugzilla.suse.com/1254286",[31,32],[39],{"url":53,"sources":54,"tags":55},"https://www.suse.com/security/cve/CVE-2025-11234",[31,32],[56],"WEB",{"url":58,"sources":59,"tags":60},"https://www.suse.com/security/cve/CVE-2025-12464",[31,32],[56],[],[],[],[65,78,83,89],{"ecosystem":66,"name":67,"vendor":68,"product":69,"cpe_part":9,"purl_type":70,"purl_namespace":68,"purl_name":69,"source":9,"versions":71},"openSUSE","qemu-linux-user","opensuse","qemu-linux-user&distro=openSUSE Leap 15.6","rpm",[72],{"version":73,"is_range":74,"range_type":75,"version_start":9,"version_start_type":9,"version_end":76,"version_end_type":77,"fixed_in":9},"lt8_2_10_150600_3_43_1",true,"ecosystem","8.2.10-150600.3.43.1","excluding",{"ecosystem":66,"name":79,"vendor":68,"product":80,"cpe_part":9,"purl_type":70,"purl_namespace":68,"purl_name":80,"source":9,"versions":81},"qemu","qemu&distro=openSUSE Leap 15.6",[82],{"version":73,"is_range":74,"range_type":75,"version_start":9,"version_start_type":9,"version_end":76,"version_end_type":77,"fixed_in":9},{"ecosystem":84,"name":79,"vendor":85,"product":86,"cpe_part":9,"purl_type":70,"purl_namespace":85,"purl_name":86,"source":9,"versions":87},"SUSE Linux Enterprise","suse","qemu&distro=SUSE Linux Enterprise Server 15 SP6-LTSS",[88],{"version":73,"is_range":74,"range_type":75,"version_start":9,"version_start_type":9,"version_end":76,"version_end_type":77,"fixed_in":9},{"ecosystem":84,"name":79,"vendor":85,"product":90,"cpe_part":9,"purl_type":70,"purl_namespace":85,"purl_name":90,"source":9,"versions":91},"qemu&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP6",[92],{"version":73,"is_range":74,"range_type":75,"version_start":9,"version_start_type":9,"version_end":76,"version_end_type":77,"fixed_in":9}]