rpm package
suse/rmt-server&distro=SUSE Linux Enterprise Server 15-LTSS
pkg:rpm/suse/rmt-server&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSS
Vulnerabilities (18)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-31254 | — | < 2.10-150000.3.61.1 | 2.10-150000.3.61.1 | Feb 7, 2023 | A Incorrect Default Permissions vulnerability in rmt-server-regsharing service of SUSE Linux Enterprise Server for SAP 15, SUSE Linux Enterprise Server for SAP 15-SP1, SUSE Manager Server 4.1; openSUSE Leap 15.3, openSUSE Leap 15.4 allows local attackers with access to the _rmt u | ||
| CVE-2020-15169 | — | < 2.6.5-3.34.1 | 2.6.5-3.34.1 | Sep 11, 2020 | In Action View before versions 5.2.4.4 and 6.0.3.3 there is a potential Cross-Site Scripting (XSS) vulnerability in Action View's translation helpers. Views that allow the user to control the default (not found) value of the `t` and `translate` helpers could be susceptible to XSS | ||
| CVE-2020-8166 | Med | 4.3 | < 2.6.5-3.34.1 | 2.6.5-3.34.1 | Jul 2, 2020 | A CSRF forgery vulnerability exists in rails < 5.2.5, rails < 6.0.4 that makes it possible for an attacker to, given a global CSRF token such as the one present in the authenticity_token meta tag, forge a per-form CSRF token. | |
| CVE-2020-8185 | — | < 2.6.5-3.34.1 | 2.6.5-3.34.1 | Jul 2, 2020 | A denial of service vulnerability exists in Rails <6.0.3.2 that allowed an untrusted user to run any pending migrations on a Rails app running in production. | ||
| CVE-2020-8167 | — | < 2.6.5-3.34.1 | 2.6.5-3.34.1 | Jun 19, 2020 | A CSRF vulnerability exists in rails <= 6.0.3 rails-ujs module that could allow attackers to send CSRF tokens to wrong domains. | ||
| CVE-2020-8165 | — | < 2.6.5-3.34.1 | 2.6.5-3.34.1 | Jun 19, 2020 | A deserialization of untrusted data vulnernerability exists in rails < 5.2.4.3, rails < 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore potentially resulting in an RCE. | ||
| CVE-2020-8164 | — | < 2.6.5-3.34.1 | 2.6.5-3.34.1 | Jun 19, 2020 | A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which can allow an attacker to supply information can be inadvertently leaked fromStrong Parameters. | ||
| CVE-2020-8184 | — | < 2.6.5-3.34.1 | 2.6.5-3.34.1 | Jun 19, 2020 | A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3, rack < 2.1.4 that makes it is possible for an attacker to forge a secure or host-only cookie prefix. | ||
| CVE-2020-11077 | — | < 2.6.5-3.34.1 | 2.6.5-3.34.1 | May 22, 2020 | In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mis | ||
| CVE-2020-11076 | — | < 2.6.5-3.34.1 | 2.6.5-3.34.1 | May 22, 2020 | In Puma (RubyGem) before 4.3.4 and 3.12.5, an attacker could smuggle an HTTP response, by using an invalid transfer-encoding header. The problem has been fixed in Puma 3.12.5 and Puma 4.3.4. | ||
| CVE-2019-18904 | — | < 2.5.2-3.26.1 | 2.5.2-3.26.1 | Apr 3, 2020 | A Uncontrolled Resource Consumption vulnerability in rmt of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module for Public Cloud 15-SP1, SUSE Linux Enterprise Module for Server Applicati | ||
| CVE-2020-5267 | — | < 2.6.5-3.34.1 | 2.6.5-3.34.1 | Mar 19, 2020 | In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the `j` or `escape_javascript` methods may be susceptible to XSS attacks. The issue is fixed in versions 6.0.2.2 and 5.2.4.2. | ||
| CVE-2020-5249 | — | < 2.6.5-3.34.1 | 2.6.5-3.34.1 | Mar 2, 2020 | In Puma (RubyGem) before 4.3.3 and 3.12.4, if an application using Puma allows untrusted input in an early-hints header, an attacker can use a carriage return character to end the header and inject malicious content, such as additional headers or an entirely new response body. Th | ||
| CVE-2020-5247 | — | < 2.6.5-3.34.1 | 2.6.5-3.34.1 | Feb 28, 2020 | In Puma (RubyGem) before 4.3.2 and before 3.12.3, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters (i.e. `CR`, `LF` or`/r`, `/n`) to end the header and inject malicious content, such as additional headers or an entir | ||
| CVE-2019-16770 | — | < 2.6.5-3.34.1 | 2.6.5-3.34.1 | Dec 5, 2019 | In Puma before versions 3.12.2 and 4.3.1, a poorly-behaved client could use keepalive requests to monopolize Puma's reactor and create a denial of service attack. If more keepalive connections to Puma are opened than there are threads available, additional connections will wait p | ||
| CVE-2019-5420 | — | < 2.6.5-3.34.1 | 2.6.5-3.34.1 | Mar 27, 2019 | A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an attacker to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals to escalate to a remote code ex | ||
| CVE-2019-5419 | — | < 2.6.5-3.34.1 | 2.6.5-3.34.1 | Mar 27, 2019 | There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive. | ||
| CVE-2019-5418 | — | KEV | < 2.6.5-3.34.1 | 2.6.5-3.34.1 | Mar 27, 2019 | There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed. |
- CVE-2022-31254Feb 7, 2023affected < 2.10-150000.3.61.1fixed 2.10-150000.3.61.1
A Incorrect Default Permissions vulnerability in rmt-server-regsharing service of SUSE Linux Enterprise Server for SAP 15, SUSE Linux Enterprise Server for SAP 15-SP1, SUSE Manager Server 4.1; openSUSE Leap 15.3, openSUSE Leap 15.4 allows local attackers with access to the _rmt u
- CVE-2020-15169Sep 11, 2020affected < 2.6.5-3.34.1fixed 2.6.5-3.34.1
In Action View before versions 5.2.4.4 and 6.0.3.3 there is a potential Cross-Site Scripting (XSS) vulnerability in Action View's translation helpers. Views that allow the user to control the default (not found) value of the `t` and `translate` helpers could be susceptible to XSS
- affected < 2.6.5-3.34.1fixed 2.6.5-3.34.1
A CSRF forgery vulnerability exists in rails < 5.2.5, rails < 6.0.4 that makes it possible for an attacker to, given a global CSRF token such as the one present in the authenticity_token meta tag, forge a per-form CSRF token.
- CVE-2020-8185Jul 2, 2020affected < 2.6.5-3.34.1fixed 2.6.5-3.34.1
A denial of service vulnerability exists in Rails <6.0.3.2 that allowed an untrusted user to run any pending migrations on a Rails app running in production.
- CVE-2020-8167Jun 19, 2020affected < 2.6.5-3.34.1fixed 2.6.5-3.34.1
A CSRF vulnerability exists in rails <= 6.0.3 rails-ujs module that could allow attackers to send CSRF tokens to wrong domains.
- CVE-2020-8165Jun 19, 2020affected < 2.6.5-3.34.1fixed 2.6.5-3.34.1
A deserialization of untrusted data vulnernerability exists in rails < 5.2.4.3, rails < 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore potentially resulting in an RCE.
- CVE-2020-8164Jun 19, 2020affected < 2.6.5-3.34.1fixed 2.6.5-3.34.1
A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which can allow an attacker to supply information can be inadvertently leaked fromStrong Parameters.
- CVE-2020-8184Jun 19, 2020affected < 2.6.5-3.34.1fixed 2.6.5-3.34.1
A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3, rack < 2.1.4 that makes it is possible for an attacker to forge a secure or host-only cookie prefix.
- CVE-2020-11077May 22, 2020affected < 2.6.5-3.34.1fixed 2.6.5-3.34.1
In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mis
- CVE-2020-11076May 22, 2020affected < 2.6.5-3.34.1fixed 2.6.5-3.34.1
In Puma (RubyGem) before 4.3.4 and 3.12.5, an attacker could smuggle an HTTP response, by using an invalid transfer-encoding header. The problem has been fixed in Puma 3.12.5 and Puma 4.3.4.
- CVE-2019-18904Apr 3, 2020affected < 2.5.2-3.26.1fixed 2.5.2-3.26.1
A Uncontrolled Resource Consumption vulnerability in rmt of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module for Public Cloud 15-SP1, SUSE Linux Enterprise Module for Server Applicati
- CVE-2020-5267Mar 19, 2020affected < 2.6.5-3.34.1fixed 2.6.5-3.34.1
In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the `j` or `escape_javascript` methods may be susceptible to XSS attacks. The issue is fixed in versions 6.0.2.2 and 5.2.4.2.
- CVE-2020-5249Mar 2, 2020affected < 2.6.5-3.34.1fixed 2.6.5-3.34.1
In Puma (RubyGem) before 4.3.3 and 3.12.4, if an application using Puma allows untrusted input in an early-hints header, an attacker can use a carriage return character to end the header and inject malicious content, such as additional headers or an entirely new response body. Th
- CVE-2020-5247Feb 28, 2020affected < 2.6.5-3.34.1fixed 2.6.5-3.34.1
In Puma (RubyGem) before 4.3.2 and before 3.12.3, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters (i.e. `CR`, `LF` or`/r`, `/n`) to end the header and inject malicious content, such as additional headers or an entir
- CVE-2019-16770Dec 5, 2019affected < 2.6.5-3.34.1fixed 2.6.5-3.34.1
In Puma before versions 3.12.2 and 4.3.1, a poorly-behaved client could use keepalive requests to monopolize Puma's reactor and create a denial of service attack. If more keepalive connections to Puma are opened than there are threads available, additional connections will wait p
- CVE-2019-5420Mar 27, 2019affected < 2.6.5-3.34.1fixed 2.6.5-3.34.1
A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an attacker to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals to escalate to a remote code ex
- CVE-2019-5419Mar 27, 2019affected < 2.6.5-3.34.1fixed 2.6.5-3.34.1
There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive.
- affected < 2.6.5-3.34.1fixed 2.6.5-3.34.1
There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed.