Suse Caas Platform
By the Year
In 2024 there have been 0 vulnerabilities in Suse Caas Platform . Caas Platform did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 1 | 7.80 |
| 2021 | 0 | 0.00 |
| 2020 | 1 | 7.80 |
| 2019 | 0 | 0.00 |
| 2018 | 2 | 6.55 |
It may take a day or so for new Caas Platform vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Suse Caas Platform Security Vulnerabilities
In cifs-utils through 6.14
CVE-2022-27239
7.8 - High
- April 27, 2022
In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.
Memory Corruption
The docker-kubic package in SUSE CaaS Platform 3.0 before 17.09.1_ce-7.6.1 provided access to an insecure API locally on the Kubernetes master node.
CVE-2019-3682
7.8 - High
- January 17, 2020
The docker-kubic package in SUSE CaaS Platform 3.0 before 17.09.1_ce-7.6.1 provided access to an insecure API locally on the Kubernetes master node.
Exposure of Resource to Wrong Sphere
lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path
CVE-2018-6556
3.3 - Low
- August 10, 2018
lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side effects by causing a (read-only) open of special kernel files (ptmx, proc, sys). Affected releases are LXC: 2.0 versions above and including 2.0.9; 3.0 versions above and including 3.0.0, prior to 3.0.2.
Communication Channel Errors
The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36
CVE-2017-18017
9.8 - Critical
- January 03, 2018
The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.
Dangling pointer
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Red Hat Enterprise Linux Workstation or by Suse? Click the Watch button to subscribe.
