rpm package
suse/python-PyKMIP&distro=SUSE OpenStack Cloud 7
pkg:rpm/suse/python-PyKMIP&distro=SUSE%20OpenStack%20Cloud%207
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-1000872 | — | < 0.5.0-3.3.3 | 0.5.0-3.3.3 | Dec 20, 2018 | OpenKMIP PyKMIP version All versions before 0.8.0 contains a CWE 399: Resource Management Errors (similar issue to CVE-2015-5262) vulnerability in PyKMIP server that can result in DOS: the server can be made unavailable by one or more clients opening all of the available sockets. | ||
| CVE-2017-1000433 | Hig | 8.1 | < 0.5.0-3.3.3 | 0.5.0-3.3.3 | Jan 2, 2018 | pysaml2 version 4.4.0 and older accept any password when run with python optimizations enabled. This allows attackers to log in as any user without knowing their password. |
- CVE-2018-1000872Dec 20, 2018affected < 0.5.0-3.3.3fixed 0.5.0-3.3.3
OpenKMIP PyKMIP version All versions before 0.8.0 contains a CWE 399: Resource Management Errors (similar issue to CVE-2015-5262) vulnerability in PyKMIP server that can result in DOS: the server can be made unavailable by one or more clients opening all of the available sockets.
- affected < 0.5.0-3.3.3fixed 0.5.0-3.3.3
pysaml2 version 4.4.0 and older accept any password when run with python optimizations enabled. This allows attackers to log in as any user without knowing their password.