rpm package
opensuse/rmt-server&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/rmt-server&distro=openSUSE%20Tumbleweed
Vulnerabilities (20)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-28120 | Med | 5.3 | < 2.12-1.1 | 2.12-1.1 | Jan 9, 2025 | There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input. | |
| CVE-2024-28103 | — | < 2.18-1.1 | 2.18-1.1 | Jun 4, 2024 | Action Pack is a framework for handling and responding to web requests. Since 6.1.0, the application configurable Permissions-Policy is only served on responses with an HTML related Content-Type. This vulnerability is fixed in 6.1.7.8, 7.0.8.2, and 7.1.3.3. | ||
| CVE-2023-27530 | — | < 2.12-1.1 | 2.12-1.1 | Mar 10, 2023 | A DoS vulnerability exists in Rack <v3.0.4.2, <v2.2.6.3, <v2.1.4.3 and <v2.0.9.3 within in the Multipart MIME parsing code in which could allow an attacker to craft requests that can be abuse to cause multipart parsing to take longer than expected. | ||
| CVE-2022-31254 | — | < 2.12-1.1 | 2.12-1.1 | Feb 7, 2023 | A Incorrect Default Permissions vulnerability in rmt-server-regsharing service of SUSE Linux Enterprise Server for SAP 15, SUSE Linux Enterprise Server for SAP 15-SP1, SUSE Manager Server 4.1; openSUSE Leap 15.3, openSUSE Leap 15.4 allows local attackers with access to the _rmt u | ||
| CVE-2020-15169 | — | < 2.6.13-1.1 | 2.6.13-1.1 | Sep 11, 2020 | In Action View before versions 5.2.4.4 and 6.0.3.3 there is a potential Cross-Site Scripting (XSS) vulnerability in Action View's translation helpers. Views that allow the user to control the default (not found) value of the `t` and `translate` helpers could be susceptible to XSS | ||
| CVE-2020-8166 | Med | 4.3 | < 2.6.13-1.1 | 2.6.13-1.1 | Jul 2, 2020 | A CSRF forgery vulnerability exists in rails < 5.2.5, rails < 6.0.4 that makes it possible for an attacker to, given a global CSRF token such as the one present in the authenticity_token meta tag, forge a per-form CSRF token. | |
| CVE-2020-8185 | — | < 2.6.13-1.1 | 2.6.13-1.1 | Jul 2, 2020 | A denial of service vulnerability exists in Rails <6.0.3.2 that allowed an untrusted user to run any pending migrations on a Rails app running in production. | ||
| CVE-2020-8167 | — | < 2.6.13-1.1 | 2.6.13-1.1 | Jun 19, 2020 | A CSRF vulnerability exists in rails <= 6.0.3 rails-ujs module that could allow attackers to send CSRF tokens to wrong domains. | ||
| CVE-2020-8165 | — | < 2.6.13-1.1 | 2.6.13-1.1 | Jun 19, 2020 | A deserialization of untrusted data vulnernerability exists in rails < 5.2.4.3, rails < 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore potentially resulting in an RCE. | ||
| CVE-2020-8164 | — | < 2.6.13-1.1 | 2.6.13-1.1 | Jun 19, 2020 | A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which can allow an attacker to supply information can be inadvertently leaked fromStrong Parameters. | ||
| CVE-2020-8184 | — | < 2.6.13-1.1 | 2.6.13-1.1 | Jun 19, 2020 | A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3, rack < 2.1.4 that makes it is possible for an attacker to forge a secure or host-only cookie prefix. | ||
| CVE-2020-11076 | — | < 2.6.13-1.1 | 2.6.13-1.1 | May 22, 2020 | In Puma (RubyGem) before 4.3.4 and 3.12.5, an attacker could smuggle an HTTP response, by using an invalid transfer-encoding header. The problem has been fixed in Puma 3.12.5 and Puma 4.3.4. | ||
| CVE-2019-18904 | — | < 2.6.13-1.1 | 2.6.13-1.1 | Apr 3, 2020 | A Uncontrolled Resource Consumption vulnerability in rmt of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module for Public Cloud 15-SP1, SUSE Linux Enterprise Module for Server Applicati | ||
| CVE-2019-16770 | — | < 2.6.13-1.1 | 2.6.13-1.1 | Dec 5, 2019 | In Puma before versions 3.12.2 and 4.3.1, a poorly-behaved client could use keepalive requests to monopolize Puma's reactor and create a denial of service attack. If more keepalive connections to Puma are opened than there are threads available, additional connections will wait p | ||
| CVE-2019-11068 | Cri | 9.8 | < 2.6.13-1.1 | 2.6.13-1.1 | Apr 10, 2019 | libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded. | |
| CVE-2019-5420 | — | < 2.6.13-1.1 | 2.6.13-1.1 | Mar 27, 2019 | A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an attacker to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals to escalate to a remote code ex | ||
| CVE-2019-5419 | — | < 2.6.13-1.1 | 2.6.13-1.1 | Mar 27, 2019 | There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive. | ||
| CVE-2018-16470 | — | < 2.6.13-1.1 | 2.6.13-1.1 | Nov 13, 2018 | There is a possible DoS vulnerability in the multipart parser in Rack before 2.0.6. Specially crafted requests can cause the multipart parser to enter a pathological state, causing the parser to use CPU resources disproportionate to the request size. | ||
| CVE-2018-16468 | — | < 2.6.13-1.1 | 2.6.13-1.1 | Oct 30, 2018 | In the Loofah gem for Ruby, through v2.2.2, unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished. | ||
| CVE-2018-14404 | Med | 6.5 | < 2.6.13-1.1 | 2.6.13-1.1 | Jul 19, 2018 | A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 |
- affected < 2.12-1.1fixed 2.12-1.1
There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input.
- CVE-2024-28103Jun 4, 2024affected < 2.18-1.1fixed 2.18-1.1
Action Pack is a framework for handling and responding to web requests. Since 6.1.0, the application configurable Permissions-Policy is only served on responses with an HTML related Content-Type. This vulnerability is fixed in 6.1.7.8, 7.0.8.2, and 7.1.3.3.
- CVE-2023-27530Mar 10, 2023affected < 2.12-1.1fixed 2.12-1.1
A DoS vulnerability exists in Rack <v3.0.4.2, <v2.2.6.3, <v2.1.4.3 and <v2.0.9.3 within in the Multipart MIME parsing code in which could allow an attacker to craft requests that can be abuse to cause multipart parsing to take longer than expected.
- CVE-2022-31254Feb 7, 2023affected < 2.12-1.1fixed 2.12-1.1
A Incorrect Default Permissions vulnerability in rmt-server-regsharing service of SUSE Linux Enterprise Server for SAP 15, SUSE Linux Enterprise Server for SAP 15-SP1, SUSE Manager Server 4.1; openSUSE Leap 15.3, openSUSE Leap 15.4 allows local attackers with access to the _rmt u
- CVE-2020-15169Sep 11, 2020affected < 2.6.13-1.1fixed 2.6.13-1.1
In Action View before versions 5.2.4.4 and 6.0.3.3 there is a potential Cross-Site Scripting (XSS) vulnerability in Action View's translation helpers. Views that allow the user to control the default (not found) value of the `t` and `translate` helpers could be susceptible to XSS
- affected < 2.6.13-1.1fixed 2.6.13-1.1
A CSRF forgery vulnerability exists in rails < 5.2.5, rails < 6.0.4 that makes it possible for an attacker to, given a global CSRF token such as the one present in the authenticity_token meta tag, forge a per-form CSRF token.
- CVE-2020-8185Jul 2, 2020affected < 2.6.13-1.1fixed 2.6.13-1.1
A denial of service vulnerability exists in Rails <6.0.3.2 that allowed an untrusted user to run any pending migrations on a Rails app running in production.
- CVE-2020-8167Jun 19, 2020affected < 2.6.13-1.1fixed 2.6.13-1.1
A CSRF vulnerability exists in rails <= 6.0.3 rails-ujs module that could allow attackers to send CSRF tokens to wrong domains.
- CVE-2020-8165Jun 19, 2020affected < 2.6.13-1.1fixed 2.6.13-1.1
A deserialization of untrusted data vulnernerability exists in rails < 5.2.4.3, rails < 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore potentially resulting in an RCE.
- CVE-2020-8164Jun 19, 2020affected < 2.6.13-1.1fixed 2.6.13-1.1
A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which can allow an attacker to supply information can be inadvertently leaked fromStrong Parameters.
- CVE-2020-8184Jun 19, 2020affected < 2.6.13-1.1fixed 2.6.13-1.1
A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3, rack < 2.1.4 that makes it is possible for an attacker to forge a secure or host-only cookie prefix.
- CVE-2020-11076May 22, 2020affected < 2.6.13-1.1fixed 2.6.13-1.1
In Puma (RubyGem) before 4.3.4 and 3.12.5, an attacker could smuggle an HTTP response, by using an invalid transfer-encoding header. The problem has been fixed in Puma 3.12.5 and Puma 4.3.4.
- CVE-2019-18904Apr 3, 2020affected < 2.6.13-1.1fixed 2.6.13-1.1
A Uncontrolled Resource Consumption vulnerability in rmt of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module for Public Cloud 15-SP1, SUSE Linux Enterprise Module for Server Applicati
- CVE-2019-16770Dec 5, 2019affected < 2.6.13-1.1fixed 2.6.13-1.1
In Puma before versions 3.12.2 and 4.3.1, a poorly-behaved client could use keepalive requests to monopolize Puma's reactor and create a denial of service attack. If more keepalive connections to Puma are opened than there are threads available, additional connections will wait p
- affected < 2.6.13-1.1fixed 2.6.13-1.1
libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded.
- CVE-2019-5420Mar 27, 2019affected < 2.6.13-1.1fixed 2.6.13-1.1
A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an attacker to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals to escalate to a remote code ex
- CVE-2019-5419Mar 27, 2019affected < 2.6.13-1.1fixed 2.6.13-1.1
There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive.
- CVE-2018-16470Nov 13, 2018affected < 2.6.13-1.1fixed 2.6.13-1.1
There is a possible DoS vulnerability in the multipart parser in Rack before 2.0.6. Specially crafted requests can cause the multipart parser to enter a pathological state, causing the parser to use CPU resources disproportionate to the request size.
- CVE-2018-16468Oct 30, 2018affected < 2.6.13-1.1fixed 2.6.13-1.1
In the Loofah gem for Ruby, through v2.2.2, unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished.
- affected < 2.6.13-1.1fixed 2.6.13-1.1
A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2