rpm package
suse/rubygem-crowbar-client&distro=SUSE Enterprise Storage 4
pkg:rpm/suse/rubygem-crowbar-client&distro=SUSE%20Enterprise%20Storage%204
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-1000872 | — | < 3.9.0-7.14.2 | 3.9.0-7.14.2 | Dec 20, 2018 | OpenKMIP PyKMIP version All versions before 0.8.0 contains a CWE 399: Resource Management Errors (similar issue to CVE-2015-5262) vulnerability in PyKMIP server that can result in DOS: the server can be made unavailable by one or more clients opening all of the available sockets. | ||
| CVE-2017-1000433 | — | < 3.9.0-7.14.2 | 3.9.0-7.14.2 | Jan 2, 2018 | pysaml2 version 4.4.0 and older accept any password when run with python optimizations enabled. This allows attackers to log in as any user without knowing their password. |
- CVE-2018-1000872Dec 20, 2018affected < 3.9.0-7.14.2fixed 3.9.0-7.14.2
OpenKMIP PyKMIP version All versions before 0.8.0 contains a CWE 399: Resource Management Errors (similar issue to CVE-2015-5262) vulnerability in PyKMIP server that can result in DOS: the server can be made unavailable by one or more clients opening all of the available sockets.
- CVE-2017-1000433Jan 2, 2018affected < 3.9.0-7.14.2fixed 3.9.0-7.14.2
pysaml2 version 4.4.0 and older accept any password when run with python optimizations enabled. This allows attackers to log in as any user without knowing their password.