rpm package
suse/suse-manager-5.0-x86_64-proxy-salt-broker-image&distro=SUSE Manager Proxy 5.0
pkg:rpm/suse/suse-manager-5.0-x86_64-proxy-salt-broker-image&distro=SUSE%20Manager%20Proxy%205.0
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-29371 | — | < 5.0.7-7.32.15 | 5.0.7-7.32.15 | Dec 17, 2025 | In jose4j before 0.9.6, an attacker can cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and proc | ||
| CVE-2025-53192 | — | < 5.0.5.1-7.26.21 | 5.0.5.1-7.26.21 | Aug 18, 2025 | ** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Expression/Command Delimiters vulnerability in Apache Commons OGNL. This issue affects Apache Commons OGNL: all versions. When using the API Ognl.getValue, the OGNL engine parses and evaluates the provided expression |
- CVE-2024-29371Dec 17, 2025affected < 5.0.7-7.32.15fixed 5.0.7-7.32.15
In jose4j before 0.9.6, an attacker can cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and proc
- CVE-2025-53192Aug 18, 2025affected < 5.0.5.1-7.26.21fixed 5.0.5.1-7.26.21
** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Expression/Command Delimiters vulnerability in Apache Commons OGNL. This issue affects Apache Commons OGNL: all versions. When using the API Ognl.getValue, the OGNL engine parses and evaluates the provided expression