rpm package
suse/prometheus-client-java&distro=SUSE Manager Server 3.1
pkg:rpm/suse/prometheus-client-java&distro=SUSE%20Manager%20Server%203.1
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-1000469 | — | < 0.3.0-1.3.5 | 0.3.0-1.3.5 | Jan 3, 2018 | Cobbler version up to 2.8.2 is vulnerable to a command injection vulnerability in the "add repo" component resulting in arbitrary code execution as root user. | ||
| CVE-2014-5326 | — | < 0.3.0-1.3.5 | 0.3.0-1.3.5 | Nov 24, 2014 | Cross-site scripting (XSS) vulnerability in Direct Web Remoting (DWR) through 2.0.10 and 3.x through 3.0.RC2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
- CVE-2017-1000469Jan 3, 2018affected < 0.3.0-1.3.5fixed 0.3.0-1.3.5
Cobbler version up to 2.8.2 is vulnerable to a command injection vulnerability in the "add repo" component resulting in arbitrary code execution as root user.
- CVE-2014-5326Nov 24, 2014affected < 0.3.0-1.3.5fixed 0.3.0-1.3.5
Cross-site scripting (XSS) vulnerability in Direct Web Remoting (DWR) through 2.0.10 and 3.x through 3.0.RC2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.