suse/venv-openstack-magnum&distro=SUSE OpenStack Cloud 8

Vulnerabilities (144)

• CVE-2017-11499HigJul 25, 2017
  affected < 5.0.2_5.0.2_5.0.2~dev31-11.32.2fixed 5.0.2_5.0.2_5.0.2~dev31-11.32.2

  Node.js v4.0 through v4.8.3, all versions of v5.x, v6.0 through v6.11.0, v7.0 through v7.10.0, and v8.0 through v8.1.3 was susceptible to hash flooding remote DoS attacks as the HashTable seed was constant across a given released version of Node.js. This was a result of building

• CVE-2017-5929CriMar 13, 2017
  affected < 5.0.2_5.0.2_5.0.2~dev31-11.32.2fixed 5.0.2_5.0.2_5.0.2~dev31-11.32.2

  QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components.

• CVE-2016-10127CriMar 3, 2017
  affected < 5.0.2_5.0.2_5.0.2~dev31-11.20.2fixed 5.0.2_5.0.2_5.0.2~dev31-11.20.2

  PySAML2 allows remote attackers to conduct XML external entity (XXE) attacks via a crafted SAML XML request or response.

• CVE-2015-3448Apr 29, 2015
  affected < 5.0.2_5.0.2_5.0.2~dev31-11.18.1fixed 5.0.2_5.0.2_5.0.2~dev31-11.18.1

  REST client for Ruby (aka rest-client) before 1.7.3 logs usernames and passwords, which allows local users to obtain sensitive information by reading the log.