VYPR

rpm package

suse/mgr-osad&distro=SUSE Manager Proxy Module 4.0

pkg:rpm/suse/mgr-osad&distro=SUSE%20Manager%20Proxy%20Module%204.0

Vulnerabilities (3)

  • CVE-2020-1693Feb 17, 2020
    affected < 4.0.11-3.9.2fixed 4.0.11-3.9.2

    A flaw was found in Spacewalk up to version 2.9 where it was vulnerable to XML internal entity attacks via the /rpc/api endpoint. An unauthenticated remote attacker could use this flaw to retrieve the content of certain files and trigger a denial of service, or in certain circums

  • CVE-2019-16769Dec 5, 2019
    affected < 4.0.11-3.9.2fixed 4.0.11-3.9.2

    The serialize-javascript npm package before version 2.1.1 is vulnerable to Cross-site Scripting (XSS). It does not properly mitigate against unsafe characters in serialized regular expressions. This vulnerability is not affected on Node.js environment since Node.js's implementati

  • CVE-2018-1077HigMar 14, 2018
    affected < 4.0.11-3.9.2fixed 4.0.11-3.9.2

    Spacewalk 2.6 contains an API which has an XXE flaw allowing for the disclosure of potentially sensitive information from the server.