rpm package
suse/galera-3&distro=HPE Helion OpenStack 8
pkg:rpm/suse/galera-3&distro=HPE%20Helion%20OpenStack%208
Vulnerabilities (27)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-3064 | — | < 25.3.24-4.3.1 | 25.3.24-4.3.1 | Jul 18, 2018 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.40 and prior, 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple p | ||
| CVE-2018-3063 | — | < 25.3.24-4.3.1 | 25.3.24-4.3.1 | Jul 18, 2018 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.60 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to comp | ||
| CVE-2018-3060 | — | < 25.3.24-4.3.1 | 25.3.24-4.3.1 | Jul 18, 2018 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compr | ||
| CVE-2018-3058 | — | < 25.3.24-4.3.1 | 25.3.24-4.3.1 | Jul 18, 2018 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: MyISAM). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple p | ||
| CVE-2016-9843 | Cri | 9.8 | < 25.3.24-4.3.1 | 25.3.24-4.3.1 | May 23, 2017 | The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation. | |
| CVE-2016-10127 | Cri | 9.0 | < 25.3.25-4.6.3 | 25.3.25-4.6.3 | Mar 3, 2017 | PySAML2 allows remote attackers to conduct XML external entity (XXE) attacks via a crafted SAML XML request or response. | |
| CVE-2015-3448 | — | < 25.3.25-4.6.3 | 25.3.25-4.6.3 | Apr 29, 2015 | REST client for Ruby (aka rest-client) before 1.7.3 logs usernames and passwords, which allows local users to obtain sensitive information by reading the log. |
- CVE-2018-3064Jul 18, 2018affected < 25.3.24-4.3.1fixed 25.3.24-4.3.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.40 and prior, 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple p
- CVE-2018-3063Jul 18, 2018affected < 25.3.24-4.3.1fixed 25.3.24-4.3.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.60 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to comp
- CVE-2018-3060Jul 18, 2018affected < 25.3.24-4.3.1fixed 25.3.24-4.3.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compr
- CVE-2018-3058Jul 18, 2018affected < 25.3.24-4.3.1fixed 25.3.24-4.3.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: MyISAM). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple p
- affected < 25.3.24-4.3.1fixed 25.3.24-4.3.1
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
- affected < 25.3.25-4.6.3fixed 25.3.25-4.6.3
PySAML2 allows remote attackers to conduct XML external entity (XXE) attacks via a crafted SAML XML request or response.
- CVE-2015-3448Apr 29, 2015affected < 25.3.25-4.6.3fixed 25.3.25-4.6.3
REST client for Ruby (aka rest-client) before 1.7.3 logs usernames and passwords, which allows local users to obtain sensitive information by reading the log.
Page 2 of 2