Suse Opensuse Leap 15.5 vulnerabilities
4 known vulnerabilities affecting suse/opensuse_leap_15.5.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2024-22029HIGHCVSS 7.8≥ ?, < 9.0.85-150200.57.12024-10-16
CVE-2024-22029 [HIGH] CWE-732 CVE-2024-22029: Insecure permissions in the packaging of tomcat allow local users that win a race during package ins
Insecure permissions in the packaging of tomcat allow local users that win a race during package installation to escalate to root
cvelistv5nvd
CVE-2024-22033MEDIUMCVSS 5.1≥ ?, < 0.2.1-bp155.3.3.12024-10-16
CVE-2024-22033 [MEDIUM] CWE-78 CVE-2024-22033: The OBS service obs-service-download_url was vulnerable to a command injection vulnerability. The at
The OBS service obs-service-download_url was vulnerable to a command injection vulnerability. The attacker could provide a configuration to the service that allowed to execute command in later steps
cvelistv5nvd
CVE-2024-22034MEDIUMCVSS 5.5≥ ?, < 1.9.0-150400.10.6.12024-10-16
CVE-2024-22034 [MEDIUM] CVE-2024-22034: Attackers could put the special files in .osc into the actual package sources (e.g. _apiurl). This a
Attackers could put the special files in .osc into the actual package sources (e.g. _apiurl). This allows the attacker to change the configuration of osc for the victim
cvelistv5nvd
CVE-2023-32182HIGHCVSS 7.8≥ ?, < 3.7.3-150500.3.5.12023-09-19
CVE-2023-32182 [MEDIUM] CWE-59 CVE-2023-32182: A Improper Link Resolution Before File Access ('Link Following') vulnerability in SUSE SUSE Linux En
A Improper Link Resolution Before File Access ('Link Following') vulnerability in SUSE SUSE Linux Enterprise Desktop 15 SP5 postfix, SUSE SUSE Linux Enterprise High Performance Computing 15 SP5 postfix, SUSE openSUSE Leap 15.5 postfix.This issue affects SUSE Linux Enterprise Desktop 15 SP5: before 3.7.3-150500.3.5.1; SUSE Linux Enterprise High Perfor
cvelistv5nvd