SUSE-SU-2026:0226-1

MEDIUM5.3

Security update for python-marshmallow

Published Jan 22, 2026

Modified 5 months ago

Fix available

Details

Description of the patch:

This update for python-marshmallow fixes the following issues:

CVE-2025-68480: Fixed possible DoS when using Schema.load(data, many=True) (bsc#1255473).

Affected Packages

python311-marshmallow

SUSE Linux Enterprise High Performance Computing 15 SP4SUSE Linux Enterprise High Performance Computing 15 SP5SUSE Linux Enterprise High Performance Computing 15 SP6SUSE Linux Enterprise High Performance Computing 15 SP7SUSE Linux Enterprise Module for Public Cloud 15 SP4

Fixed in:

3.20.2-150400.9.10.1

References

ADVISORY

https://bugzilla.suse.com/1255473

ADVISORY

https://lists.suse.com/pipermail/sle-security-updates/2026-January/023858.html

ADVISORY

https://www.suse.com/security/cve/CVE-2025-68480/

WEB

https://www.suse.com/support/security/rating/

ADVISORY