Opensuse Leap vulnerabilities

CVE-2020-17368 [CRITICAL] CWE-78 CVE-2020-17368: Firejail through 0.9.62 mishandles shell metacharacters during use of the --output or --output-stder Firejail through 0.9.62 mishandles shell metacharacters during use of the --output or --output-stderr option, which may lead to command injection.

CVE-2020-17367 [HIGH] CWE-88 CVE-2020-17367: Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, wh Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection.

CVE-2020-17489 [MEDIUM] CWE-522 CVE-2020-17489: An issue was discovered in certain configurations of GNOME gnome-shell through 3.36.4. When logging An issue was discovered in certain configurations of GNOME gnome-shell through 3.36.4. When logging out of an account, the password box from the login dialog reappears with the password still visible. If the user had decided to have the password shown in cleartext at login time, it is then visible for a brief moment upon a logout. (If the password we

CVE-2020-16092 [LOW] CWE-617 CVE-2020-16092: In QEMU through 5.0.0, an assertion failure can occur in the network packet processing. This issue a In QEMU through 5.0.0, an assertion failure can occur in the network packet processing. This issue affects the e1000e and vmxnet3 network devices. A malicious guest user/process could use this flaw to abort the QEMU process on the host, resulting in a denial of service condition in net_tx_pkt_add_raw_fragment in hw/net/net_tx_pkt.c.

CVE-2020-15656 [HIGH] CWE-843 CVE-2020-15656: JIT optimizations involving the Javascript arguments object could confuse later optimizations. This JIT optimizations involving the Javascript arguments object could confuse later optimizations. This risk was already mitigated by various precautions in the code, resulting in this bug rated at only moderate severity. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.

CVE-2020-15659 [HIGH] CWE-787 CVE-2020-15659: Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firef Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 79, Firefox ESR < 68.11, Firefox ESR < 78.1,

CVE-2020-15655 [MEDIUM] CVE-2020-15655: A redirected HTTP request which is observed or modified through a web extension could bypass existin A redirected HTTP request which is observed or modified through a web extension could bypass existing CORS checks, leading to potential disclosure of cross-origin information. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.

CVE-2020-11984 [CRITICAL] CWE-120 CVE-2020-11984: Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE

CVE-2020-8026 [HIGH] CWE-276 CVE-2020-8026: A Incorrect Default Permissions vulnerability in the packaging of inn in openSUSE Leap 15.2, openSUS A Incorrect Default Permissions vulnerability in the packaging of inn in openSUSE Leap 15.2, openSUSE Tumbleweed, openSUSE Leap 15.1 allows local attackers with control of the new user to escalate their privileges to root. This issue affects: openSUSE Leap 15.2 inn version 2.6.2-lp152.1.26 and prior versions. openSUSE Tumbleweed inn version 2.6.2-4.2 an

CVE-2020-11993 [HIGH] CWE-444 CVE-2020-11993: Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of mod_http2 above "info" will mitigate this vulnerability for unpatched servers.

CVE-2020-9490 [HIGH] CWE-444 CVE-2020-9490: Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' heade Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via "H2Push off" will mitigate this vulnerability for unpatched servers.

CVE-2020-16845 [HIGH] CWE-835 CVE-2020-16845: Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarin Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.

CVE-2020-17353 [CRITICAL] CVE-2020-17353: scm/define-stencil-commands.scm in LilyPond through 2.20.0, and 2.21.x through 2.21.4, when -dsafe i scm/define-stencil-commands.scm in LilyPond through 2.20.0, and 2.21.x through 2.21.4, when -dsafe is used, lacks restrictions on embedded-ps and embedded-svg, as demonstrated by including dangerous PostScript code.

CVE-2020-14344 [MEDIUM] CWE-190 CVE-2020-14344: An integer overflow leading to a heap-buffer overflow was found in The X Input Method (XIM) client w An integer overflow leading to a heap-buffer overflow was found in The X Input Method (XIM) client was implemented in libX11 before version 1.6.10. As per upstream this is security relevant when setuid programs call XIM client functions while running with elevated privileges. No such programs are shipped with Red Hat Enterprise Linux.

CVE-2020-16116 [LOW] CWE-22 CVE-2020-16116: In kerfuffle/jobs.cpp in KDE Ark before 20.08.0, a crafted archive can install files outside the ext In kerfuffle/jobs.cpp in KDE Ark before 20.08.0, a crafted archive can install files outside the extraction directory via ../ directory traversal.

CVE-2020-14311 [MEDIUM] CWE-122 CVE-2020-14311: There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesy There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32_MAX causes an arithmetic overflow leading to a zero-sized memory allocation with subsequent heap-based buffer overflow.

CVE-2020-14310 [MEDIUM] CWE-122 CVE-2020-14310: There is an issue on grub2 before version 2.06 at function read_section_as_string(). It expects a fo There is an issue on grub2 before version 2.06 at function read_section_as_string(). It expects a font name to be at max UINT32_MAX - 1 length in bytes but it doesn't verify it before proceed with buffer allocation to read the value from the font value. An attacker may leverage that by crafting a malicious font file which has a name with UINT32_MAX,

CVE-2020-10713 [HIGH] CWE-120 CVE-2020-10713: A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to load an untrusted or modified kernel, an attacker would first need to establish access to the system such as gaining physical access, obtain th

CVE-2020-14309 [MEDIUM] CWE-190 CVE-2020-14309: There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containin There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacker controlled data.

CVE-2020-16166 [LOW] CWE-330 CVE-2020-16166: The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sen The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c.