Filtered by vendor Suse Subscriptions
Filtered by product Caas Platform Subscriptions
Total 7 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-27239 5 Debian, Fedoraproject, Hp and 2 more 19 Debian Linux, Fedora, Helion Openstack and 16 more 2024-11-21 7.8 High
In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.
CVE-2020-8030 1 Suse 1 Caas Platform 2024-11-21 3.6 Low
A Insecure Temporary File vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to leak the bootstrapToken or modify the configuration file before it is processed, leading to arbitrary modifications of the machine/cluster.
CVE-2020-8029 1 Suse 1 Caas Platform 2024-11-21 2.9 Low
A Incorrect Permission Assignment for Critical Resource vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to gain access to the kublet key. This issue affects: SUSE CaaS Platform 4.5 skuba versions prior to https://github.com/SUSE/skuba/pull/1416.
CVE-2019-3682 1 Suse 1 Caas Platform 2024-11-21 8.4 High
The docker-kubic package in SUSE CaaS Platform 3.0 before 17.09.1_ce-7.6.1 provided access to an insecure API locally on the Kubernetes master node.
CVE-2019-18900 2 Opensuse, Suse 3 Libzypp, Caas Platform, Suse Linux Enterprise Server 2024-11-21 4 Medium
: Incorrect Default Permissions vulnerability in libzypp of SUSE CaaS Platform 3.0, SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allowed local attackers to read a cookie store used by libzypp, exposing private cookies. This issue affects: SUSE CaaS Platform 3.0 libzypp versions prior to 16.21.2-27.68.1. SUSE Linux Enterprise Server 12 libzypp versions prior to 16.21.2-2.45.1. SUSE Linux Enterprise Server 15 17.19.0-3.34.1.
CVE-2018-6556 4 Canonical, Linuxcontainers, Opensuse and 1 more 6 Ubuntu Linux, Lxc, Leap and 3 more 2024-11-21 N/A
lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side effects by causing a (read-only) open of special kernel files (ptmx, proc, sys). Affected releases are LXC: 2.0 versions above and including 2.0.9; 3.0 versions above and including 3.0.0, prior to 3.0.2.
CVE-2017-18017 9 Arista, Canonical, Debian and 6 more 33 Eos, Ubuntu Linux, Debian Linux and 30 more 2024-11-21 9.8 Critical
The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.