Caas Platform
by SUSE S.A.
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-31431 | Hig | 0.59 | 7.8 | 0.97 | KEV | Apr 22, 2026 | In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the… | |
| CVE-2020-8030 | 0.00 | — | 0.00 | Feb 11, 2021 | A Insecure Temporary File vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to leak the bootstrapToken or modify the configuration file before it is processed, leading to arbitrary modifications of the machine/cluster. | |||
| CVE-2020-8029 | 0.00 | — | 0.00 | Feb 11, 2021 | A Incorrect Permission Assignment for Critical Resource vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to gain access to the kublet key. This issue affects: SUSE CaaS Platform 4.5 skuba versions prior to https://github.com/SUSE/skuba/pull/1416. | |||
| CVE-2019-18900 | 0.00 | — | 0.00 | Jan 24, 2020 | : Incorrect Default Permissions vulnerability in libzypp of SUSE CaaS Platform 3.0, SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allowed local attackers to read a cookie store used by libzypp, exposing private cookies. This issue affects: SUSE CaaS Platform… | |||
| CVE-2019-3682 | 0.00 | — | 0.00 | Jan 17, 2020 | The docker-kubic package in SUSE CaaS Platform 3.0 before 17.09.1_ce-7.6.1 provided access to an insecure API locally on the Kubernetes master node. |
- risk 0.59cvss 7.8epss 0.97
In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the…
- CVE-2020-8030Feb 11, 2021risk 0.00cvss —epss 0.00
A Insecure Temporary File vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to leak the bootstrapToken or modify the configuration file before it is processed, leading to arbitrary modifications of the machine/cluster.
- CVE-2020-8029Feb 11, 2021risk 0.00cvss —epss 0.00
A Incorrect Permission Assignment for Critical Resource vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to gain access to the kublet key. This issue affects: SUSE CaaS Platform 4.5 skuba versions prior to https://github.com/SUSE/skuba/pull/1416.
- CVE-2019-18900Jan 24, 2020risk 0.00cvss —epss 0.00
: Incorrect Default Permissions vulnerability in libzypp of SUSE CaaS Platform 3.0, SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allowed local attackers to read a cookie store used by libzypp, exposing private cookies. This issue affects: SUSE CaaS Platform…
- CVE-2019-3682Jan 17, 2020risk 0.00cvss —epss 0.00
The docker-kubic package in SUSE CaaS Platform 3.0 before 17.09.1_ce-7.6.1 provided access to an insecure API locally on the Kubernetes master node.