Vulnerabilities > Opensuse > Supportutils > 3.0.10.95.51.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-03-05 | CVE-2018-19640 | Improper Input Validation vulnerability in Opensuse Supportutils 3.0.1095.51.1 If the attacker manages to create files in the directory used to collect log files in supportutils before version 3.1-5.7.1 (e.g. | 5.5 |
2019-03-05 | CVE-2018-19639 | Unspecified vulnerability in Opensuse Supportutils 3.0.1095.51.1 If supportutils before version 3.1-5.7.1 is run with -v to perform rpm verification and the attacker manages to manipulate the rpm listing (e.g. | 7.8 |
2019-03-05 | CVE-2018-19638 | Link Following vulnerability in Opensuse Supportutils 3.0.1095.51.1 In supportutils, before version 3.1-5.7.1 and if pacemaker is installed on the system, an unprivileged user could have overwritten arbitrary files in the directory that is used by supportutils to collect the log files. | 4.7 |
2019-03-05 | CVE-2018-19637 | Link Following vulnerability in Opensuse Supportutils 3.0.1095.51.1 Supportutils, before version 3.1-5.7.1, wrote data to static file /tmp/supp_log, allowing local attackers to overwrite files on systems without symlink protection | 5.5 |
2019-03-05 | CVE-2018-19636 | Improper Input Validation vulnerability in Opensuse Supportutils 3.0.1095.51.1 Supportutils, before version 3.1-5.7.1, when run with command line argument -A searched the file system for a ndspath binary. | 7.8 |