openSUSE Leap 15.6 Python Multipart Important Denial Of Service 2026-2483-1
opensuse
June 22, 2026
An update that solves four vulnerabilities can now be installed.
Description
This update for python-python-multipart fixes the following issues
* CVE-2026-53537: multipart/form-data with extended parameters can lead to
file or parameter smuggling (bsc#1268506).
* CVE-2026-53538: urlencoded requests containing semicolons can lead to form
field smuggling (bsc#1268496).
* CVE-2026-53539: small crafted body can cause a denial of service
(bsc#1268500).
* CVE-2026-53540: crafted request buffers can lead to degrading availability
(bsc#1268488).
Patch
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.6
zypper in -t patch SUSE-2026-2483=1
Package List
* openSUSE Leap 15.6 (noarch)
* python311-python-multipart-0.0.9-150600.3.15.1
References
* bsc#1268488
* bsc#1268496
* bsc#1268500
* bsc#1268506
## References:
* https://www.suse.com/security/cve/CVE-2026-53537.html
* https://www.suse.com/security/cve/CVE-2026-53538.html
* https://www.suse.com/security/cve/CVE-2026-53539.html
* https://www.suse.com/security/cve/CVE-2026-53540.html
* https://bugzilla.suse.com/show_bug.cgi?id=1268488
* https://bugzilla.suse.com/show_bug.cgi?id=1268496
* https://bugzilla.suse.com/show_bug.cgi?id=1268500
* https://bugzilla.suse.com/show_bug.cgi?id=1268506
PREVIOUS 
NEXT Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: SUSE-SU-2026:2483-1
Release Date: 2026-06-22T11:54:04Z
Affected Products: * openSUSE Leap 15.6
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!