rpm package
opensuse/micropython&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/micropython&distro=openSUSE%20Tumbleweed
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-1998 | Low | 3.3 | < 1.26.1-2.1 | 1.26.1-2.1 | Feb 6, 2026 | A flaw has been found in micropython up to 1.27.0. This vulnerability affects the function mp_import_all of the file py/runtime.c. This manipulation causes memory corruption. The attack needs to be launched locally. The exploit has been published and may be used. Patch name: 5707 | |
| CVE-2025-59438 | — | < 1.26.0-2.1 | 1.26.0-2.1 | Oct 21, 2025 | Mbed TLS through 3.6.4 has an Observable Timing Discrepancy. | ||
| CVE-2024-8947 | — | < 1.28.0-2.1 | 1.28.0-2.1 | Sep 17, 2024 | A vulnerability was found in MicroPython 1.22.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file py/objarray.c. The manipulation leads to use after free. The attack can be launched remotely. The complexity of an attack is r | ||
| CVE-2023-7158 | — | < 1.22.0-1.1 | 1.22.0-1.1 | Dec 29, 2023 | A vulnerability was found in MicroPython up to 1.21.0. It has been classified as critical. Affected is the function slice_indices of the file objslice.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been discl |
- affected < 1.26.1-2.1fixed 1.26.1-2.1
A flaw has been found in micropython up to 1.27.0. This vulnerability affects the function mp_import_all of the file py/runtime.c. This manipulation causes memory corruption. The attack needs to be launched locally. The exploit has been published and may be used. Patch name: 5707
- CVE-2025-59438Oct 21, 2025affected < 1.26.0-2.1fixed 1.26.0-2.1
Mbed TLS through 3.6.4 has an Observable Timing Discrepancy.
- CVE-2024-8947Sep 17, 2024affected < 1.28.0-2.1fixed 1.28.0-2.1
A vulnerability was found in MicroPython 1.22.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file py/objarray.c. The manipulation leads to use after free. The attack can be launched remotely. The complexity of an attack is r
- CVE-2023-7158Dec 29, 2023affected < 1.22.0-1.1fixed 1.22.0-1.1
A vulnerability was found in MicroPython up to 1.21.0. It has been classified as critical. Affected is the function slice_indices of the file objslice.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been discl