rpm package
suse/openwsman&distro=SUSE Linux Enterprise Server 12 SP4
pkg:rpm/suse/openwsman&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-3833 | Hig | 7.5 | < 2.4.11-21.8.1 | 2.4.11-21.8.1 | Mar 14, 2019 | Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in process_connection() when parsing specially crafted HTTP requests. A remote, unauthenticated attacker can exploit this vulnerability by sending malicious HTTP request to cause denial of service to o | |
| CVE-2019-3816 | Hig | 7.5 | < 2.4.11-21.8.1 | 2.4.11-21.8.1 | Mar 14, 2019 | Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted HTTP request t |
- affected < 2.4.11-21.8.1fixed 2.4.11-21.8.1
Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in process_connection() when parsing specially crafted HTTP requests. A remote, unauthenticated attacker can exploit this vulnerability by sending malicious HTTP request to cause denial of service to o
- affected < 2.4.11-21.8.1fixed 2.4.11-21.8.1
Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted HTTP request t