Suse Kiwi vulnerabilities
3 known vulnerabilities affecting suse/kiwi.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH3
Vulnerabilities
Page 1 of 1
CVE-2011-4195HIGHCVSS 7.5≤ 4.98.042014-04-16
CVE-2011-4195 [HIGH] CVE-2011-4195: kiwi before 4.98.05, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for Sy
kiwi before 4.98.05, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands via shell metacharacters in an image name.
nvd
CVE-2011-4192HIGHCVSS 7.5≤ 4.852014-04-16
CVE-2011-4192 [HIGH] CVE-2011-4192: kiwi before 4.85.1, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for Sys
kiwi before 4.85.1, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands as demonstrated by "double quotes in kiwi_oemtitle of .profile."
nvd
CVE-2011-3180HIGHCVSS 7.5≤ 4.98.072014-04-16
CVE-2011-3180 [HIGH] CVE-2011-3180: kiwi before 4.98.08, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for Sy
kiwi before 4.98.08, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands via shell metacharacters in the path of an overlay file, related to chown.
nvd