Vulnerabilities > Suse > Caas Platform > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-11 | CVE-2020-8029 | Incorrect Permission Assignment for Critical Resource vulnerability in Suse Caas Platform 4.5 A Incorrect Permission Assignment for Critical Resource vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to gain access to the kublet key. | 2.1 |
| 2021-02-11 | CVE-2020-8030 | Insecure Temporary File vulnerability in Suse Caas Platform 4.5 A Insecure Temporary File vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to leak the bootstrapToken or modify the configuration file before it is processed, leading to arbitrary modifications of the machine/cluster. | 3.6 |
| 2020-01-24 | CVE-2019-18900 | Incorrect Default Permissions vulnerability in Opensuse Libzypp : Incorrect Default Permissions vulnerability in libzypp of SUSE CaaS Platform 3.0, SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allowed local attackers to read a cookie store used by libzypp, exposing private cookies. | 2.1 |
| 2018-08-10 | CVE-2018-6556 | Channel and Path Errors vulnerability in multiple products lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. | 2.1 |