Suse Opensuse Factory vulnerabilities

5 known vulnerabilities affecting suse/opensuse_factory.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM4

Vulnerabilities

Page 1 of 1
CVE-2024-22038MEDIUMCVSS 6.8fixed in 0.5.22024-11-28
CVE-2024-22038 [MEDIUM] CWE-59 CVE-2024-22038: Various problems in obs-scm-bridge allows attackers that create specially crafted git repositories t Various problems in obs-scm-bridge allows attackers that create specially crafted git repositories to leak information of cause denial of service.
cvelistv5nvd
CVE-2022-45155MEDIUMCVSS 5.5fixed in 0.6.1≥ unspecified, < 0.6.12023-03-15
CVE-2022-45155 [MEDIUM] CWE-755 CVE-2022-45155: An Improper Handling of Exceptional Conditions vulnerability in obs-service-go_modules of openSUSE F An Improper Handling of Exceptional Conditions vulnerability in obs-service-go_modules of openSUSE Factory allows attackers that can influence the call to the service to delete files and directories on the system of the victim. This issue affects: SUSE openSUSE Factory obs-service-go_modules versions prior to 0.6.1.
cvelistv5nvd
CVE-2022-31256HIGHCVSS 7.8≥ sendmail, < 8.17.1-1.12022-10-26
CVE-2022-31256 [HIGH] CWE-59 CVE-2022-31256: A Improper Link Resolution Before File Access ('Link Following') vulnerability in a script called by A Improper Link Resolution Before File Access ('Link Following') vulnerability in a script called by the sendmail systemd service of openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: SUSE openSUSE Factory sendmail versions prior to 8.17.1-1.1.
cvelistv5nvd
CVE-2022-31251MEDIUMCVSS 6.3≥ slurm, < 22.05.2-3.32022-09-07
CVE-2022-31251 [MEDIUM] CWE-276 CVE-2022-31251: A Incorrect Default Permissions vulnerability in the packaging of the slurm testsuite of openSUSE Fa A Incorrect Default Permissions vulnerability in the packaging of the slurm testsuite of openSUSE Factory allows local attackers with control over the slurm user to escalate to root. This issue affects: openSUSE Factory slurm versions prior to 22.05.2-3.3.
cvelistv5nvd
CVE-2021-46705MEDIUMCVSS 4.4≥ grub2, < 2.06-18.12022-03-16
CVE-2021-46705 [MEDIUM] CWE-377 CVE-2021-46705: A Insecure Temporary File vulnerability in grub-once of grub2 in SUSE Linux Enterprise Server 15 SP4 A Insecure Temporary File vulnerability in grub-once of grub2 in SUSE Linux Enterprise Server 15 SP4, openSUSE Factory allows local attackers to truncate arbitrary files. This issue affects: SUSE Linux Enterprise Server 15 SP4 grub2 versions prior to 2.06-150400.7.1. SUSE openSUSE Factory grub2 versions prior to 2.06-18.1.
cvelistv5nvd