CPE Details
Red Hat Enterprise Linux Update Services For Sap Solutions 9.2
9.2
2024-01-16
18h04 +00:00
18h04 +00:00
2024-01-16
18h04 +00:00
18h04 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
CPE Name: cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:9.2:*:*:*:*:*:*:*
Informations
Vendor
redhatProduct
enterprise_linux_update_services_for_sap_solutionsVersion
9.2Related CVE
| CVE ID | Published | Description | Score | Severity |
|---|---|---|---|---|
| A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment. | 7.4 |
High |
||
| A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah. | 7.8 |
High |
||
| A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system integrity. During community penetration testing it was found that for certain HTTP end-points FreeIPA does not ensure CSRF protection. Due to implementation details one cannot use this flaw for reflection of a cookie representing already logged-in user. An attacker would always have to go through a new authentication attempt. | 6.5 |
Medium |
