VYPR

rpm package

opensuse/munge&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/munge&distro=openSUSE%20Tumbleweed

Vulnerabilities (2)

  • CVE-2026-25506Feb 10, 2026
    affected < 0.5.18-1.1fixed 0.5.18-1.1

    MUNGE is an authentication service for creating and validating user credentials. From 0.5 to 0.5.17, local attacker can exploit a buffer overflow vulnerability in munged (the MUNGE authentication daemon) to leak cryptographic key material from process memory. With the leaked key

  • CVE-2019-3691Jan 23, 2020
    affected < 0.5.14-2.6fixed 0.5.14-2.6

    A Symbolic Link (Symlink) Following vulnerability in the packaging of munge in SUSE Linux Enterprise Server 15; openSUSE Factory allowed local attackers to escalate privileges from user munge to root. This issue affects: SUSE Linux Enterprise Server 15 munge versions prior to 0.5