rpm package
suse/spacewalk-reports&distro=SUSE Manager Server Module 4.1
pkg:rpm/suse/spacewalk-reports&distro=SUSE%20Manager%20Server%20Module%204.1
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-21996 | — | < 4.1.4-3.6.2 | 4.1.4-3.6.2 | Sep 8, 2021 | An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source, and source_hash URLs can gain full file system access as root on a salt minion. | ||
| CVE-2020-25638 | — | < 4.1.5-3.9.1 | 4.1.5-3.9.1 | Dec 2, 2020 | A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access u |
- CVE-2021-21996Sep 8, 2021affected < 4.1.4-3.6.2fixed 4.1.4-3.6.2
An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source, and source_hash URLs can gain full file system access as root on a salt minion.
- CVE-2020-25638Dec 2, 2020affected < 4.1.5-3.9.1fixed 4.1.5-3.9.1
A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access u