Suse Opensuse Leap 15.5
4 CVEs affecting Suse Opensuse Leap 15.5. Latest disclosed: 2024-10-16. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-22029 | High | 7.8 | 2024-10-16 | Insecure permissions in the packaging of tomcat allow local users that win a race during package installation to escalate to root |
CVE-2024-22033 | Medium | 6.3 | 2024-10-16 | The OBS service obs-service-download_url was vulnerable to a command injection vulnerability. The attacker could provide a configuration to the service that al… |
CVE-2023-32182 | Medium | 5.9 | 2023-09-19 | A Improper Link Resolution Before File Access ('Link Following') vulnerability in SUSE SUSE Linux Enterprise Desktop 15 SP5 postfix, SUSE SUSE Linux Enterprise… |
CVE-2024-22034 | Medium | 5.5 | 2024-10-16 | Attackers could put the special files in .osc into the actual package sources (e.g. _apiurl). This allows the attacker to change the configuration of osc for t… |