VYPR

Yast2

by SUSE S.A.

CVEs (3)

  • CVE-2016-1601CriApr 26, 2016
    risk 0.64cvss 9.8epss 0.02

    yast2-users before 3.1.47, as used in SUSE Linux Enterprise 12 SP1, does not properly set empty password fields in /etc/shadow during an AutoYaST installation when the profile does not contain inst-sys users, which might allow attackers to have unspecified impact via unknown…

  • CVE-2018-17957LowDec 26, 2018
    risk 0.22cvss 3.4epss 0.00

    The YaST2 RMT module for configuring the SUSE Repository Mirroring Tool (RMT) before 1.1.2 exposed MySQL database passwords on process commandline, allowing local attackers to access or corrupt the RMT database.

  • CVE-2004-0064Feb 17, 2004
    risk 0.03cvss epss 0.01

    The SuSEconfig.gnome-filesystem script for YaST in SuSE 9.0 allows local users to overwrite arbitrary files via a symlink attack on files within the tmp.SuSEconfig.gnome-filesystem.$RANDOM temporary directory.