rpm package
suse/supportutils-plugin-susemanager-client&distro=SUSE Manager Client Tools 12-BETA
pkg:rpm/suse/supportutils-plugin-susemanager-client&distro=SUSE%20Manager%20Client%20Tools%2012-BETA
Vulnerabilities (46)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-41174 | — | | | < 5.0.1-9.15.2 | 5.0.1-9.15.2 | Nov 3, 2021 | Grafana is an open-source platform for monitoring and observability. In affected versions if an attacker is able to convince a victim to visit a URL referencing a vulnerable page, arbitrary JavaScript content may be executed within the context of the victim's browser. The user vi |
| CVE-2021-39226 | — | | KEV | < 5.0.1-9.15.2 | 5.0.1-9.15.2 | Oct 5, 2021 | Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated users are able to view the snapshot with the lowest database key by accessing the literal paths: /dashboard/snapshot/:key, or /api/snapshots/:key. If the snapshot "public |
| CVE-2021-3807 | — | | | < 5.0.1-9.15.2 | 5.0.1-9.15.2 | Sep 17, 2021 | ansi-regex is vulnerable to Inefficient Regular Expression Complexity |
| CVE-2021-3711 | — | | | < 5.0.1-9.15.2 | 5.0.1-9.15.2 | Aug 24, 2021 | In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with |
| CVE-2021-36222 | — | | | < 5.0.1-9.15.2 | 5.0.1-9.15.2 | Jul 22, 2021 | ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. This occurs because a return value is not properly managed in a |
| CVE-2020-7753 | — | | | < 5.0.1-9.15.2 | 5.0.1-9.15.2 | Oct 27, 2020 | All versions of package trim are vulnerable to Regular Expression Denial of Service (ReDoS) via trim(). |