Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Backports_sle
(Opensuse)| Repositories |
• https://github.com/opencontainers/runc
• https://github.com/lighttpd/lighttpd1.4 |
| #Vulnerabilities | 326 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-12-16 | CVE-2019-16779 | In RubyGem excon before 0.71.0, there was a race condition around persistent connections, where a connection which is interrupted (such as by a timeout) would leave data on the socket. Subsequent requests would then read this data, returning content from the previous response. The race condition window appears to be short, and it would be difficult to purposefully exploit this. | Debian_linux, Excon, Backports_sle, Leap | 5.9 | ||
| 2020-02-28 | CVE-2019-3698 | UNIX Symbolic Link (Symlink) Following vulnerability in the cronjob shipped with nagios of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 11; openSUSE Factory allows local attackers to cause cause DoS or potentially escalate privileges by winning a race. This issue affects: SUSE Linux Enterprise Server 12 nagios version 3.5.1-5.27 and prior versions. SUSE Linux Enterprise Server 11 nagios version 3.0.6-1.25.36.3.1 and prior versions. openSUSE Factory nagios version 4.4.5-2.1... | Nagios, Backports_sle, Leap | 7.0 | ||
| 2019-11-26 | CVE-2019-14856 | ansible before versions 2.8.6, 2.7.14, 2.6.20 is vulnerable to a None | Backports_sle, Leap, Ansible, Openstack | 6.5 | ||
| 2019-12-27 | CVE-2019-20015 | An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_LWPOLYLINE_private in dwg.spec. | Libredwg, Backports_sle, Leap | N/A | ||
| 2019-12-27 | CVE-2019-20014 | An issue was discovered in GNU LibreDWG before 0.93. There is a double-free in dwg_free in free.c. | Libredwg, Backports_sle, Leap | N/A | ||
| 2019-12-27 | CVE-2019-20013 | An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in decode_3dsolid in dwg.spec. | Libredwg, Backports_sle, Leap | N/A | ||
| 2019-12-27 | CVE-2019-20012 | An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_HATCH_private in dwg.spec. | Libredwg, Backports_sle, Leap | N/A | ||
| 2019-12-27 | CVE-2019-20011 | An issue was discovered in GNU LibreDWG 0.92. There is a heap-based buffer over-read in decode_R13_R2000 in decode.c. | Libredwg, Backports_sle, Leap | N/A | ||
| 2019-12-27 | CVE-2019-20010 | An issue was discovered in GNU LibreDWG 0.92. There is a use-after-free in resolve_objectref_vector in decode.c. | Libredwg, Backports_sle, Leap | N/A | ||
| 2019-12-27 | CVE-2019-20009 | An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_SPLINE_private in dwg.spec. | Libredwg, Backports_sle, Leap | N/A |