GCVE - cpe:2.3:o:opensuse:leap:15.3:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:opensuse:leap:15.3:*:*:*:*:*:*:*

part: o version: 15.3 update: *

Vendor	Opensuse (`3380e48e-e718-5685-8ad0-092ef58910e5`)
Product	Leap (`390d403b-8584-5adf-9fe7-11b9b47bb7b2`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:docker/opensuse/leap`	purl2cpe	2026-06-01 10:15:36.598420
`pkg:opensuse/leap`	purl2cpe	2026-06-01 10:15:36.598421
`pkg:rpm/opensuse/leap-release`	purl2cpe	2026-06-01 10:15:36.598423

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2026-31431`	vulnerable	2026-06-03 15:19:26.421471	crypto: algif_aead - Revert to operating out-of-place HIGH (7.8) In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the source and destination come from different mappings. Get rid of all the complexity added for in-place operation and just copy the AD directly. Published: 2026-04-22T08:15:10.123Z Updated: 2026-05-18T17:44:54.264Z Open on db.gcve.eu Reference links https://git.kernel.org/stable/c/893d22e0135fa394db81df88697fba6032747667 https://git.kernel.org/stable/c/19d43105a97be0810edbda875f2cd03f30dc130c https://git.kernel.org/stable/c/961cfa271a918ad4ae452420e7c303149002875b https://git.kernel.org/stable/c/3115af9644c342b356f3f07a4dd1c8905cd9a6fc https://git.kernel.org/stable/c/8b88d99341f139e23bdeb1027a2a3ae10d341d82	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-31254`	not_vulnerable	2026-06-03 14:47:11.030730	rmt-server-pubcloud allows to escalate from user _rmt to root HIGH (7.8) A Incorrect Default Permissions vulnerability in rmt-server-regsharing service of SUSE Linux Enterprise Server for SAP 15, SUSE Linux Enterprise Server for SAP 15-SP1, SUSE Manager Server 4.1; openSUSE Leap 15.3, openSUSE Leap 15.4 allows local attackers with access to the _rmt user to escalate to root. This issue affects: SUSE Linux Enterprise Server for SAP 15 rmt-server versions prior to 2.10. SUSE Linux Enterprise Server for SAP 15-SP1 rmt-server versions prior to 2.10. SUSE Manager Server 4.1 rmt-server versions prior to 2.10. openSUSE Leap 15.3 rmt-server versions prior to 2.10. openSUSE Leap 15.4 rmt-server versions prior to 2.10. Published: 2023-02-07T00:00:00.000Z Updated: 2025-03-25T15:40:27.938Z Open on db.gcve.eu Reference links https://bugzilla.suse.com/show_bug.cgi?id=1204285	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-31252`	vulnerable	2026-06-03 14:47:11.021034	permissions: chkstat does not check for group-writable parent directories or target files in safeOpen() MEDIUM (4.4) A Incorrect Authorization vulnerability in chkstat of SUSE Linux Enterprise Server 12-SP5; openSUSE Leap 15.3, openSUSE Leap 15.4, openSUSE Leap Micro 5.2 did not consider group writable path components, allowing local attackers with access to a group what can write to a location included in the path to a privileged binary to influence path resolution. This issue affects: SUSE Linux Enterprise Server 12-SP5 permissions versions prior to 20170707. openSUSE Leap 15.3 permissions versions prior to 20200127. openSUSE Leap 15.4 permissions versions prior to 20201225. openSUSE Leap Micro 5.2 permissions versions prior to 20181225. Published: 2022-10-06T17:14:05.294Z Updated: 2024-09-16T18:40:06.727Z Open on db.gcve.eu Reference links https://bugzilla.suse.com/show_bug.cgi?id=1203018	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-46142`	vulnerable	2026-06-03 14:45:39.276973	Details available An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax. Published: 2022-01-06T03:48:36.000Z Updated: 2024-08-04T05:02:10.368Z Open on db.gcve.eu Reference links https://github.com/uriparser/uriparser/pull/124 https://github.com/uriparser/uriparser/issues/122 https://blog.hartwork.org/posts/uriparser-096-with-security-fixes-released/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MO6T7WA27H7K3WI2AXUAGPWBGK4HM65D/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YGIJTDNEMU2V4H3JJBQVKBRHU5GBQKG2/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-46141`	vulnerable	2026-06-03 14:45:39.276281	Details available An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner. Published: 2022-01-06T03:48:45.000Z Updated: 2024-08-04T05:02:10.366Z Open on db.gcve.eu Reference links https://github.com/uriparser/uriparser/issues/121 https://github.com/uriparser/uriparser/pull/124 https://blog.hartwork.org/posts/uriparser-096-with-security-fixes-released/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MO6T7WA27H7K3WI2AXUAGPWBGK4HM65D/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YGIJTDNEMU2V4H3JJBQVKBRHU5GBQKG2/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.