rpm package
suse/bind&distro=SUSE Manager Client Tools for SLE Micro 5
pkg:rpm/suse/bind&distro=SUSE%20Manager%20Client%20Tools%20for%20SLE%20Micro%205
Vulnerabilities (28)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-27664 | — | < 9.16.6-150000.12.65.1 | 9.16.6-150000.12.65.1 | Sep 6, 2022 | In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. | ||
| CVE-2022-31107 | — | < 9.16.6-150000.12.65.1 | 9.16.6-150000.12.65.1 | Jul 15, 2022 | Grafana is an open-source platform for monitoring and observability. In versions 5.3 until 9.0.3, 8.5.9, 8.4.10, and 8.3.10, it is possible for a malicious user who has authorization to log into a Grafana instance via a configured OAuth IdP which provides a login name to take ove | ||
| CVE-2022-31097 | — | < 9.16.6-150000.12.65.1 | 9.16.6-150000.12.65.1 | Jul 15, 2022 | Grafana is an open-source platform for monitoring and observability. Versions on the 8.x and 9.x branch prior to 9.0.3, 8.5.9, 8.4.10, and 8.3.10 are vulnerable to stored cross-site scripting via the Unified Alerting feature of Grafana. An attacker can exploit this vulnerability | ||
| CVE-2021-43138 | — | < 9.16.6-150000.12.65.1 | 9.16.6-150000.12.65.1 | Apr 6, 2022 | In Async before 2.6.4 and 3.x before 3.2.2, a malicious user can obtain privileges via the mapValues() method, aka lib/internal/iterator.js createObjectIterator prototype pollution. | ||
| CVE-2022-0155 | — | < 9.16.6-150000.12.65.1 | 9.16.6-150000.12.65.1 | Jan 10, 2022 | follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor | ||
| CVE-2021-3918 | — | < 9.16.6-150000.12.65.1 | 9.16.6-150000.12.65.1 | Nov 13, 2021 | json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | ||
| CVE-2021-3807 | — | < 9.16.6-150000.12.65.1 | 9.16.6-150000.12.65.1 | Sep 17, 2021 | ansi-regex is vulnerable to Inefficient Regular Expression Complexity | ||
| CVE-2020-7753 | — | < 9.16.6-150000.12.65.1 | 9.16.6-150000.12.65.1 | Oct 27, 2020 | All versions of package trim are vulnerable to Regular Expression Denial of Service (ReDoS) via trim(). |
- CVE-2022-27664Sep 6, 2022affected < 9.16.6-150000.12.65.1fixed 9.16.6-150000.12.65.1
In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.
- CVE-2022-31107Jul 15, 2022affected < 9.16.6-150000.12.65.1fixed 9.16.6-150000.12.65.1
Grafana is an open-source platform for monitoring and observability. In versions 5.3 until 9.0.3, 8.5.9, 8.4.10, and 8.3.10, it is possible for a malicious user who has authorization to log into a Grafana instance via a configured OAuth IdP which provides a login name to take ove
- CVE-2022-31097Jul 15, 2022affected < 9.16.6-150000.12.65.1fixed 9.16.6-150000.12.65.1
Grafana is an open-source platform for monitoring and observability. Versions on the 8.x and 9.x branch prior to 9.0.3, 8.5.9, 8.4.10, and 8.3.10 are vulnerable to stored cross-site scripting via the Unified Alerting feature of Grafana. An attacker can exploit this vulnerability
- CVE-2021-43138Apr 6, 2022affected < 9.16.6-150000.12.65.1fixed 9.16.6-150000.12.65.1
In Async before 2.6.4 and 3.x before 3.2.2, a malicious user can obtain privileges via the mapValues() method, aka lib/internal/iterator.js createObjectIterator prototype pollution.
- CVE-2022-0155Jan 10, 2022affected < 9.16.6-150000.12.65.1fixed 9.16.6-150000.12.65.1
follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor
- CVE-2021-3918Nov 13, 2021affected < 9.16.6-150000.12.65.1fixed 9.16.6-150000.12.65.1
json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
- CVE-2021-3807Sep 17, 2021affected < 9.16.6-150000.12.65.1fixed 9.16.6-150000.12.65.1
ansi-regex is vulnerable to Inefficient Regular Expression Complexity
- CVE-2020-7753Oct 27, 2020affected < 9.16.6-150000.12.65.1fixed 9.16.6-150000.12.65.1
All versions of package trim are vulnerable to Regular Expression Denial of Service (ReDoS) via trim().
Page 2 of 2