rpm package
suse/libzypp&distro=SUSE Linux Enterprise Installer Updates 15 SP2
pkg:rpm/suse/libzypp&distro=SUSE%20Linux%20Enterprise%20Installer%20Updates%2015%20SP2
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-0217 | — | < 17.32.2-150200.92.3 | 17.32.2-150200.92.3 | Jan 3, 2024 | A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be impacted. As a result, some memory access could occur on memory regions that were previously freed. Once freed, a memory region can be reused for other al | ||
| CVE-2017-9271 | — | < 17.25.5-3.25.6 | 17.25.5-3.25.6 | Mar 1, 2018 | The commandline package update tool zypper writes HTTP proxy credentials into its logfile, allowing local attackers to gain access to proxies used. |
- CVE-2024-0217Jan 3, 2024affected < 17.32.2-150200.92.3fixed 17.32.2-150200.92.3
A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be impacted. As a result, some memory access could occur on memory regions that were previously freed. Once freed, a memory region can be reused for other al
- CVE-2017-9271Mar 1, 2018affected < 17.25.5-3.25.6fixed 17.25.5-3.25.6
The commandline package update tool zypper writes HTTP proxy credentials into its logfile, allowing local attackers to gain access to proxies used.