rpm package
suse/rubygem-puma&distro=SUSE OpenStack Cloud Crowbar 9
pkg:rpm/suse/rubygem-puma&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209
Vulnerabilities (43)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-0201 | — | < 2.16.0-4.6.1 | 2.16.0-4.6.1 | May 23, 2019 | An issue is present in Apache ZooKeeper 1.0.0 to 3.4.13 and 3.5.0-alpha to 3.5.4-beta. ZooKeeper’s getACL() command doesn’t check any permission when retrieves the ACLs of the requested node and returns all information contained in the ACL Id field as plaintext string. DigestAuth | ||
| CVE-2019-11596 | — | < 2.16.0-4.6.1 | 2.16.0-4.6.1 | Apr 29, 2019 | In memcached before 1.5.14, a NULL pointer dereference was found in the "lru mode" and "lru temp_ttl" commands. This causes a denial of service when parsing crafted lru command messages in process_lru_command in memcached.c. | ||
| CVE-2019-3828 | — | < 2.16.0-4.9.1 | 2.16.0-4.9.1 | Mar 27, 2019 | Ansible fetch module before versions 2.5.15, 2.6.14, 2.7.8 has a path traversal vulnerability which allows copying and overwriting files outside of the specified destination in the local ansible controller host, by not restricting an absolute path. |
- CVE-2019-0201May 23, 2019affected < 2.16.0-4.6.1fixed 2.16.0-4.6.1
An issue is present in Apache ZooKeeper 1.0.0 to 3.4.13 and 3.5.0-alpha to 3.5.4-beta. ZooKeeper’s getACL() command doesn’t check any permission when retrieves the ACLs of the requested node and returns all information contained in the ACL Id field as plaintext string. DigestAuth
- CVE-2019-11596Apr 29, 2019affected < 2.16.0-4.6.1fixed 2.16.0-4.6.1
In memcached before 1.5.14, a NULL pointer dereference was found in the "lru mode" and "lru temp_ttl" commands. This causes a denial of service when parsing crafted lru command messages in process_lru_command in memcached.c.
- CVE-2019-3828Mar 27, 2019affected < 2.16.0-4.9.1fixed 2.16.0-4.9.1
Ansible fetch module before versions 2.5.15, 2.6.14, 2.7.8 has a path traversal vulnerability which allows copying and overwriting files outside of the specified destination in the local ansible controller host, by not restricting an absolute path.
Page 3 of 3