VYPR

rpm package

suse/rmt-server&distro=SUSE Linux Enterprise Module for Server Applications 15 SP5

pkg:rpm/suse/rmt-server&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP5

Vulnerabilities (4)

  • CVE-2023-28120MedJan 9, 2025
    affected < 2.13-150500.3.3.1fixed 2.13-150500.3.3.1

    There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input.

  • CVE-2024-28103Jun 4, 2024
    affected < 2.17-150500.3.16.1fixed 2.17-150500.3.16.1

    Action Pack is a framework for handling and responding to web requests. Since 6.1.0, the application configurable Permissions-Policy is only served on responses with an HTML related Content-Type. This vulnerability is fixed in 6.1.7.8, 7.0.8.2, and 7.1.3.3.

  • CVE-2023-27530Mar 10, 2023
    affected < 2.13-150500.3.3.1fixed 2.13-150500.3.3.1

    A DoS vulnerability exists in Rack <v3.0.4.2, <v2.2.6.3, <v2.1.4.3 and <v2.0.9.3 within in the Multipart MIME parsing code in which could allow an attacker to craft requests that can be abuse to cause multipart parsing to take longer than expected.

  • CVE-2022-31254Feb 7, 2023
    affected < 2.13-150500.3.3.1fixed 2.13-150500.3.3.1

    A Incorrect Default Permissions vulnerability in rmt-server-regsharing service of SUSE Linux Enterprise Server for SAP 15, SUSE Linux Enterprise Server for SAP 15-SP1, SUSE Manager Server 4.1; openSUSE Leap 15.3, openSUSE Leap 15.4 allows local attackers with access to the _rmt u