CVE-2022-43753
- EPSS 0.12%
- Published 10.11.2022 15:15:19
- Last modified 21.11.2024 07:27:09
A Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in spacewalk/Uyuni of SUSE Linux Enterprise Module for SUSE Manager Server 4.2, SUSE Linux Enterprise Module for SUSE Manager Server 4.3, SUSE Manager Serv...
CVE-2022-43754
- EPSS 0.08%
- Published 10.11.2022 15:15:19
- Last modified 21.11.2024 07:27:09
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in spacewalk/Uyuni of SUSE Linux Enterprise Module for SUSE Manager Server 4.2, SUSE Linux Enterprise Module for SUSE Manager Server 4.3, SUSE Manag...
CVE-2022-31255
- EPSS 0.09%
- Published 10.11.2022 15:15:13
- Last modified 21.11.2024 07:04:13
An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in spacewalk/Uyuni of SUSE Linux Enterprise Module for SUSE Manager Server 4.2, SUSE Linux Enterprise Module for SUSE Manager Server 4.3, SUSE Manager Ser...
CVE-2021-40348
- EPSS 0.45%
- Published 01.11.2021 05:15:07
- Last modified 21.11.2024 06:23:55
Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code injection. rhn-config-satellite.pl doesn't sanitize the configuration filename used to append Spacewalk-specific key-value pair. The script is intended to be run by the tomcat user ac...