rpm package
suse/kibana&distro=HPE Helion OpenStack 8
pkg:rpm/suse/kibana&distro=HPE%20Helion%20OpenStack%208
Vulnerabilities (43)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-1000246 | Med | 5.3 | < 4.6.3-3.3.1 | 4.6.3-3.3.1 | Nov 17, 2017 | Python package pysaml2 version 4.4.0 and earlier reuses the initialization vector across encryptions in the IDP server, resulting in weak encryption of data. | |
| CVE-2017-11499 | Hig | 7.5 | < 4.6.6-3.9.2 | 4.6.6-3.9.2 | Jul 25, 2017 | Node.js v4.0 through v4.8.3, all versions of v5.x, v6.0 through v6.11.0, v7.0 through v7.10.0, and v8.0 through v8.1.3 was susceptible to hash flooding remote DoS attacks as the HashTable seed was constant across a given released version of Node.js. This was a result of building | |
| CVE-2017-5929 | Cri | 9.8 | < 4.6.6-3.9.2 | 4.6.6-3.9.2 | Mar 13, 2017 | QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components. |
- affected < 4.6.3-3.3.1fixed 4.6.3-3.3.1
Python package pysaml2 version 4.4.0 and earlier reuses the initialization vector across encryptions in the IDP server, resulting in weak encryption of data.
- affected < 4.6.6-3.9.2fixed 4.6.6-3.9.2
Node.js v4.0 through v4.8.3, all versions of v5.x, v6.0 through v6.11.0, v7.0 through v7.10.0, and v8.0 through v8.1.3 was susceptible to hash flooding remote DoS attacks as the HashTable seed was constant across a given released version of Node.js. This was a result of building
- affected < 4.6.6-3.9.2fixed 4.6.6-3.9.2
QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components.
Page 3 of 3