Suse Caas Platform 4.5 vulnerabilities

CVE-2020-8029 [LOW] CWE-732 CVE-2020-8029: A Incorrect Permission Assignment for Critical Resource vulnerability in skuba of SUSE CaaS Platform A Incorrect Permission Assignment for Critical Resource vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to gain access to the kublet key. This issue affects: SUSE CaaS Platform 4.5 skuba versions prior to https://github.com/SUSE/skuba/pull/1416.

CVE-2020-8030 [LOW] CWE-377 CVE-2020-8030: A Insecure Temporary File vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to A Insecure Temporary File vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to leak the bootstrapToken or modify the configuration file before it is processed, leading to arbitrary modifications of the machine/cluster.