openSUSE Leap vulnerabilities

1,896 known vulnerabilities affecting opensuse/leap.

Total CVEs: 1,896
CISA KEV: 18 (actively exploited)
Public exploits: 57
Exploited in wild: 19
Severity breakdown: CRITICAL 202, HIGH 798, MEDIUM 803, LOW 93

Vulnerabilities

CVE-2019-5739 | HIGH | CVSS 7.5 | v42.3 | 2019-03-28
CWE-400: Keep-alive HTTP and HTTPS connections can remain open and inactive for up to 2 minutes in Node.js 6.16.0 and earlier. Node.js 8.0.0 introduced a dedicated server.keepAliveTimeout which defaults to 5 seconds. The behavior in Node.js 6.16.0 and earlier is a potential Denial of Service (DoS) attack vector. Node.js 6.17.0 introduces server.keepAliveTimeout
nvd
CVE-2019-5737 | HIGH | CVSS 7.5 | v42.3 | 2019-03-28
In Node.js including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before 11.10.1, an attacker can cause a Denial of Service (DoS) by establishing an HTTP or HTTPS connection in keep-alive mode and by sending headers very slowly. This keeps the connection and associated resources alive for a long period of time. Potential attacks are mitig
nvd
CVE-2019-0160 | CRITICAL | CVSS 9.8 | v15.0 | 2019-03-27
CWE-120: Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access.
nvd
CVE-2019-5419 | HIGH | CVSS 7.5 | v15.0, v15.1 | 2019-03-27
CWE-400: There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive.
nvd
CVE-2018-12180 | HIGH | CVSS 8.8 | v15.0 | 2019-03-27
CWE-787: Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access.
nvd
CVE-2019-5418 | HIGH | CVSS 7.5 | KEV | PoC | v15.0 | 2019-03-27
CWE-22: There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed.
nvd
CVE-2019-3840 | MEDIUM | CVSS 6.3 | v15.0, v42.3 | 2019-03-27
CWE-476: A NULL pointer dereference flaw was discovered in libvirt before version 5.0.0 in the way it gets interface information through the QEMU agent. An attacker in a guest VM can use this flaw to crash libvirtd and cause a denial of service.
nvd
CVE-2019-3814 | MEDIUM | CVSS 6.8 | v42.3 | 2019-03-27
CWE-295: It was discovered that Dovecot before versions 2.2.36.1 and 2.3.4.1 incorrectly handled client certificates. A remote attacker in possession of a valid certificate with an empty username field could possibly use this issue to impersonate other users.
nvd
CVE-2019-3860 | CRITICAL | CVSS 9.1 | v15.0, v42.3 | 2019-03-25
CWE-125: An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises an SSH server may be able to cause a Denial of Service or read data in the client memory.
nvd
CVE-2019-3861 | CRITICAL | CVSS 9.1 | v15.0, v42.3 | 2019-03-25
CWE-125: An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises an SSH server may be able to cause a Denial of Service or read data in the client memory.
nvd
CVE-2019-3863 | HIGH | CVSS 8.8 | v15.0, v42.3 | 2019-03-25
CWE-190: A flaw was found in libssh2 before 1.8.1 creating a vulnerability on the SSH client side. A server could send multiple keyboard interactive response messages whose total length is greater than unsigned char max characters. This value is used by the SSH client as an index to copy memory, resulting in an out of bounds memory write error.
nvd
CVE-2019-3856 | HIGH | CVSS 8.8 | v15.0, v42.3 | 2019-03-25
CWE-190: An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. A remote attacker who compromises an SSH server may be able to execute code on the client system when a user connects to the server.
nvd
CVE-2019-3857 | HIGH | CVSS 8.8 | v15.0, v42.3 | 2019-03-25
CWE-190: An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises an SSH server may be able to execute code on the client system when a user connects to the server.
nvd
CVE-2019-3835 | MEDIUM | CVSS 5.5 | v15.0, v15.1 | 2019-03-25
CWE-648: It was found that the superexec operator was available in the internal dictionary in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constraints imposed by -dSAFER.
nvd
CVE-2019-3838 | MEDIUM | CVSS 5.5 | v15.0, v42.3 | 2019-03-25
CWE-648: It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constraints imposed by -dSAFER.
nvd
CVE-2019-9948 | CRITICAL | CVSS 9.1 | v15.0, v42.3 | 2019-03-23
CWE-22: urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call.
nvd
CVE-2019-9923 | HIGH | CVSS 7.5 | v15.0 | 2019-03-22
CWE-476: pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers.
nvd
CVE-2019-9924 | HIGH | CVSS 7.8 | v42.3 | 2019-03-22
CWE-862: rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any command with the permissions of the shell.
nvd
CVE-2019-3858 | CRITICAL | CVSS 9.1 | v15.0, v42.3 | 2019-03-21
CWE-125: An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises an SSH server may be able to cause a Denial of Service or read data in the client memory.
nvd
CVE-2019-9898 | CRITICAL | CVSS 9.8 | v15.0 | 2019-03-21
CWE-330: Potential recycling of random numbers used in cryptography exists within PuTTY before 0.71.
nvd