Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Leap
(Opensuse)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2021-02-09 | CVE-2021-26676 | gdhcp in ConnMan before 1.39 could be used by network-adjacent attackers to leak sensitive stack information, allowing further exploitation of bugs in gdhcp. | Debian_linux, Connman, Leap | 6.5 | ||
2022-01-01 | CVE-2021-41817 | Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1. | Debian_linux, Fedora, Factory, Leap, Enterprise_linux, Software_collections, Date, Ruby, Linux_enterprise | 7.5 | ||
2022-01-01 | CVE-2021-41819 | CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby. | Debian_linux, Fedora, Factory, Leap, Enterprise_linux, Software_collections, Cgi, Ruby, Linux_enterprise | 7.5 | ||
2022-01-06 | CVE-2021-46141 | An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner. | Debian_linux, Extra_packages_for_enterprise_linux, Fedora, Backports, Factory, Leap, Uriparser | 5.5 | ||
2022-01-06 | CVE-2021-46142 | An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax. | Debian_linux, Extra_packages_for_enterprise_linux, Fedora, Backports, Factory, Leap, Uriparser | 5.5 | ||
2022-10-06 | CVE-2022-31252 | A Incorrect Authorization vulnerability in chkstat of SUSE Linux Enterprise Server 12-SP5; openSUSE Leap 15.3, openSUSE Leap 15.4, openSUSE Leap Micro 5.2 did not consider group writable path components, allowing local attackers with access to a group what can write to a location included in the path to a privileged binary to influence path resolution. This issue affects: SUSE Linux Enterprise Server 12-SP5 permissions versions prior to 20170707. openSUSE Leap 15.3 permissions versions prior... | Leap, Leap_micro, Linux_enterprise_server | 4.4 | ||
2023-02-15 | CVE-2022-45153 | An Incorrect Default Permissions vulnerability in saphanabootstrap-formula of SUSE Linux Enterprise Module for SAP Applications 15-SP1, SUSE Linux Enterprise Server for SAP 12-SP5; openSUSE Leap 15.4 allows local attackers to escalate to root by manipulating the sudo configuration that is created. This issue affects: SUSE Linux Enterprise Module for SAP Applications 15-SP1 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e. SUSE Linux Enterprise Server for SAP 12-SP5... | Leap, Linux_enterprise_module_for_sap_applications, Linux_enterprise_server | 7.8 | ||
2023-09-19 | CVE-2023-32182 | A Improper Link Resolution Before File Access ('Link Following') vulnerability in SUSE SUSE Linux Enterprise Desktop 15 SP5 postfix, SUSE SUSE Linux Enterprise High Performance Computing 15 SP5 postfix, SUSE openSUSE Leap 15.5 postfix.This issue affects SUSE Linux Enterprise Desktop 15 SP5: before 3.7.3-150500.3.5.1; SUSE Linux Enterprise High Performance Computing 15 SP5: before 3.7.3-150500.3.5.1; openSUSE Leap 15.5 : before 3.7.3-150500.3.5.1. | Leap, Linux_enterprise_high_performance_computing, Suse_linux_enterprise_desktop | 7.8 | ||
2016-06-10 | CVE-2016-5118 | The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename. | Ubuntu_linux, Debian_linux, Graphicsmagick, Imagemagick, Leap, Opensuse, Linux, Solaris, Linux_enterprise_debuginfo, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit, Linux_enterprise_workstation_extension, Studio_onsite | 9.8 | ||
2017-03-17 | CVE-2014-9852 | distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors. | Imagemagick, Leap, Opensuse, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit, Linux_enterprise_workstation_extension | 9.8 |