VYPR

rpm package

suse/libvirt&distro=SUSE Linux Enterprise Software Development Kit 12 SP1

pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1

Vulnerabilities (2)

  • CVE-2016-5008CriJul 13, 2016
    affected < 1.2.18.4-11.7fixed 1.2.18.4-11.7

    libvirt before 2.0.0 improperly disables password checking when the password on a VNC server is set to an empty string, which allows remote attackers to bypass authentication and establish a VNC session by connecting to the server.

  • CVE-2015-5313LowApr 11, 2016
    affected < 1.2.18.2-8.1fixed 1.2.18.2-8.1

    Directory traversal vulnerability in the virStorageBackendFileSystemVolCreate function in storage/storage_backend_fs.c in libvirt, when fine-grained Access Control Lists (ACL) are in effect, allows local users with storage_vol:create ACL but not domain:write permission to write t