rpm package
suse/update-alternatives&distro=SUSE Linux Micro 6.0
pkg:rpm/suse/update-alternatives&distro=SUSE%20Linux%20Micro%206.0
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-2219 | Hig | 7.5 | < 1.22.0-3.1 | 1.22.0-3.1 | Mar 7, 2026 | It was discovered that dpkg-deb (a component of dpkg, the Debian package management system) does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service (infinite loop spinning the CPU). | |
| CVE-2025-6297 | — | < 1.22.0-2.1 | 1.22.0-2.1 | Jul 1, 2025 | It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given |
- affected < 1.22.0-3.1fixed 1.22.0-3.1
It was discovered that dpkg-deb (a component of dpkg, the Debian package management system) does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service (infinite loop spinning the CPU).
- CVE-2025-6297Jul 1, 2025affected < 1.22.0-2.1fixed 1.22.0-2.1
It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given