VYPR

rpm package

suse/suseRegisterInfo&distro=SUSE Manager Server Module 4.1

pkg:rpm/suse/suseRegisterInfo&distro=SUSE%20Manager%20Server%20Module%204.1

Vulnerabilities (2)

  • CVE-2020-25638Dec 2, 2020
    affected < 4.1.4-4.6.2fixed 4.1.4-4.6.2

    A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access u

  • CVE-2020-11022MedApr 29, 2020
    affected < 4.1.3-4.3.6fixed 4.1.3-4.3.6

    In jQuery starting with 1.12.0 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.