Vulnerabilities > Suse > Caas Platform
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-27 | CVE-2022-27239 | Out-of-bounds Write vulnerability in multiple products In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges. | 7.8 |
| 2021-02-11 | CVE-2020-8030 | Unspecified vulnerability in Suse Caas Platform 4.5 A Insecure Temporary File vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to leak the bootstrapToken or modify the configuration file before it is processed, leading to arbitrary modifications of the machine/cluster. | 4.4 |
| 2021-02-11 | CVE-2020-8029 | Unspecified vulnerability in Suse Caas Platform 4.5 A Incorrect Permission Assignment for Critical Resource vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to gain access to the kublet key. | 4.0 |
| 2020-01-17 | CVE-2019-3682 | Exposure of Resource to Wrong Sphere vulnerability in Suse Caas Platform 3.0 The docker-kubic package in SUSE CaaS Platform 3.0 before 17.09.1_ce-7.6.1 provided access to an insecure API locally on the Kubernetes master node. | 7.8 |
| 2018-08-10 | CVE-2018-6556 | Channel and Path Errors vulnerability in multiple products lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. | 3.3 |
| 2018-01-03 | CVE-2017-18017 | Use After Free vulnerability in multiple products The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action. | 9.8 |