Vulnerabilities > Yast

DATE CVE VULNERABILITY TITLE RISK
2017-09-08 CVE-2011-3177 Information Exposure vulnerability in Yast Yast2
The YaST2 network created files with world readable permissions which could have allowed local users to read sensitive material out of network configuration files, like passwords for wireless networks.
local
low complexity
yast CWE-200
7.8
2016-09-26 CVE-2016-5746 libstorage, libstorage-ng, and yast-storage improperly store passphrases for encrypted storage devices in a temporary file on disk, which might allow local users to obtain sensitive information by reading the file, as demonstrated by /tmp/libstorage-XXXXXX/pwdf.
local
high complexity
opensuse yast
5.1