Skip to main content

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

Vulnerability IntelligenceSUSE-SU-2026:20047-1

SUSE-SU-2026:20047-1

UNKNOWN

Security update for python311

Published Jan 8, 2026

Modified 1 weeks ago

Fix available

Details

This update for python311 fixes the following issues:

CVE-2025-12084: cpython: Fixed quadratic algorithm in xml.dom.minidom leading to denial of service (bsc#1254997)
CVE-2025-13836: Fixed default Content-Lenght read amount from HTTP response (bsc#1254400)
CVE-2025-13837: Fixed plistlib module denial of service (bsc#1254401)

Affected Packages

libpython3_11-1_0

SUSE Linux Micro 6.0

Fixed in:

3.11.14-2.1

python311

SUSE Linux Micro 6.0

Fixed in:

3.11.14-2.1

python311-base

SUSE Linux Micro 6.0

Fixed in:

3.11.14-2.1

python311-core

SUSE Linux Micro 6.0

Fixed in:

3.11.14-2.1

python311-curses

SUSE Linux Micro 6.0

Fixed in:

3.11.14-2.1

References

REPORThttps://bugzilla.suse.com/1254400 REPORThttps://bugzilla.suse.com/1254401 REPORThttps://bugzilla.suse.com/1254997 WEBhttps://www.suse.com/security/cve/CVE-2025-12084 WEBhttps://www.suse.com/security/cve/CVE-2025-13836 WEBhttps://www.suse.com/security/cve/CVE-2025-13837 ADVISORYhttps://www.suse.com/support/update/announcement/2026/suse-su-202620047-1/

Upstream

CVE-2025-12084 CVE-2025-13836 CVE-2025-13837

Related

CVE-2025-12084 CVE-2025-13836 CVE-2025-13837

Ecosystems

SUSE Linux Micro 6.0

Timeline

PublishedJan 8, 2026

ModifiedJan 8, 2026

SUSE-SU-2026:20047-1 | Mondoo Vulnerability Intelligence