rpm package

suse/google-osconfig-agent&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP5

pkg:rpm/suse/google-osconfig-agent&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5

Vulnerabilities (3)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2025-22868		—	< 20250115.01-150000.1.47.1	20250115.01-150000.1.47.1	Feb 26, 2025	An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.
CVE-2024-45339	Hig	7.1	< 20250416.02-150000.1.50.1	20250416.02-150000.1.50.1	Jan 28, 2025	When logs are written to a widely-writable directory (the default), an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and
CVE-2024-24790		—	< 20250115.01-150000.1.41.1	20250115.01-150000.1.41.1	Jun 5, 2024	The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms.

CVE-2025-22868Feb 26, 2025
affected < 20250115.01-150000.1.47.1fixed 20250115.01-150000.1.47.1
An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.
CVE-2024-45339HigJan 28, 2025
affected < 20250416.02-150000.1.50.1fixed 20250416.02-150000.1.50.1
When logs are written to a widely-writable directory (the default), an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and
CVE-2024-24790Jun 5, 2024
affected < 20250115.01-150000.1.41.1fixed 20250115.01-150000.1.41.1
The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms.