rpm package
suse/venv-openstack-horizon&distro=SUSE OpenStack Cloud 8
pkg:rpm/suse/venv-openstack-horizon&distro=SUSE%20OpenStack%20Cloud%208
Vulnerabilities (144)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-11499 | Hig | 7.5 | < 12.0.5~dev6-14.36.6 | 12.0.5~dev6-14.36.6 | Jul 25, 2017 | Node.js v4.0 through v4.8.3, all versions of v5.x, v6.0 through v6.11.0, v7.0 through v7.10.0, and v8.0 through v8.1.3 was susceptible to hash flooding remote DoS attacks as the HashTable seed was constant across a given released version of Node.js. This was a result of building | |
| CVE-2017-5929 | Cri | 9.8 | < 12.0.5~dev6-14.36.6 | 12.0.5~dev6-14.36.6 | Mar 13, 2017 | QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components. | |
| CVE-2016-10127 | Cri | 9.0 | < 12.0.4~dev6-14.26.2 | 12.0.4~dev6-14.26.2 | Mar 3, 2017 | PySAML2 allows remote attackers to conduct XML external entity (XXE) attacks via a crafted SAML XML request or response. | |
| CVE-2015-3448 | — | < 12.0.4~dev6-14.26.2 | 12.0.4~dev6-14.26.2 | Apr 29, 2015 | REST client for Ruby (aka rest-client) before 1.7.3 logs usernames and passwords, which allows local users to obtain sensitive information by reading the log. |
- affected < 12.0.5~dev6-14.36.6fixed 12.0.5~dev6-14.36.6
Node.js v4.0 through v4.8.3, all versions of v5.x, v6.0 through v6.11.0, v7.0 through v7.10.0, and v8.0 through v8.1.3 was susceptible to hash flooding remote DoS attacks as the HashTable seed was constant across a given released version of Node.js. This was a result of building
- affected < 12.0.5~dev6-14.36.6fixed 12.0.5~dev6-14.36.6
QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components.
- affected < 12.0.4~dev6-14.26.2fixed 12.0.4~dev6-14.26.2
PySAML2 allows remote attackers to conduct XML external entity (XXE) attacks via a crafted SAML XML request or response.
- CVE-2015-3448Apr 29, 2015affected < 12.0.4~dev6-14.26.2fixed 12.0.4~dev6-14.26.2
REST client for Ruby (aka rest-client) before 1.7.3 logs usernames and passwords, which allows local users to obtain sensitive information by reading the log.
Page 8 of 8