VYPR

rpm package

suse/susemanager-tftpsync-recv&distro=SUSE Manager Proxy Module 4.3

pkg:rpm/suse/susemanager-tftpsync-recv&distro=SUSE%20Manager%20Proxy%20Module%204.3

Vulnerabilities (6)

  • CVE-2025-46809MedJul 31, 2025
    affected < 4.3.10-150400.3.12.2fixed 4.3.10-150400.3.12.2

    A Plaintext Storage of a Password vulnerability in SUSE exposes the credentials for the HTTP proxy in the log files. This issue affects Container suse/manager/4.3/proxy-httpd:4.3.16.9.67.1: from ? before 4.3.33-150400.3.55.2; Container suse/manager/5.0/x86_64/proxy-httpd:5.0.5.7.

  • CVE-2025-46811CriJul 30, 2025
    affected < 4.3.10-150400.3.12.2fixed 4.3.10-150400.3.12.2

    A Missing Authorization vulnerability in SUSE Linux Manager allows anyone with the ability to connect to port 443 of SUSE Manager is able to run any command as root on any client. This issue affects Container suse/manager/5.0/x86_64/server:5.0.5.7.30.1: from ? before 5.0.27-15060

  • CVE-2025-23393MedMay 27, 2025
    affected < 4.3.10-150400.3.12.2fixed 4.3.10-150400.3.12.2

    A Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in  spacewalk-java allows execution of arbitrary Javascript code on users machines.This issue affects Container suse/manager/5.0/x86_64/server:5.0.4.7.19.1: from ? before 5.0.24-150600.3

  • CVE-2025-23392MedMay 26, 2025
    affected < 4.3.10-150400.3.12.2fixed 4.3.10-150400.3.12.2

    A Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in spacewalk-java allows execution of arbitrary Javascript code on target systems.This issue affects Container suse/manager/5.0/x86_64/server:5.0.4.7.19.1: from ? before 5.0.24-150600.3.

  • CVE-2021-41411Jun 16, 2022
    affected < 4.3.7-150400.3.3.3fixed 4.3.7-150400.3.3.3

    drools <=7.59.x is affected by an XML External Entity (XXE) vulnerability in KieModuleMarshaller.java. The Validator class is not used correctly, resulting in the XXE injection vulnerability.

  • CVE-2022-0860Mar 11, 2022
    affected < 4.3.7-150400.3.3.3fixed 4.3.7-150400.3.3.3

    Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2.