Vulnerabilities > Suse > Caas Platform > 3.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-01-24 | CVE-2019-18900 | Incorrect Default Permissions vulnerability in Opensuse Libzypp : Incorrect Default Permissions vulnerability in libzypp of SUSE CaaS Platform 3.0, SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allowed local attackers to read a cookie store used by libzypp, exposing private cookies. | 2.1 |
2020-01-17 | CVE-2019-3682 | Exposure of Resource to Wrong Sphere vulnerability in Suse Caas Platform 3.0 The docker-kubic package in SUSE CaaS Platform 3.0 before 17.09.1_ce-7.6.1 provided access to an insecure API locally on the Kubernetes master node. | 4.6 |