23 matches found
EUVD-2017-6122
Malware in sbrugna...
EUVD-2018-19741
Malware in sbrugna...
CVE-2018-8059
The Djelibeybi configuration examples for use of NGINX in SUSE Portus 2.3, when applied to certain configurations involving Docker Compose, have a Missing SSL Certificate Validation issue because no proxyssl directives are used...
SUSE CVE-2017-14621
Portus 2.2.0 has XSS via the Team field, related to typeahead...
SUSE CVE-2018-8059
The Djelibeybi configuration examples for use of NGINX in SUSE Portus 2.3, when applied to certain configurations involving Docker Compose, have a Missing SSL Certificate Validation issue because no proxyssl directives are used...
SUSE: Security Advisory (SUSE-SU-2017:2655-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:1146-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE Portus NGINX Djelibeybi configuration examples SSL Certificate Validation Vulnerability
SUSE Portus is an open source licensed service interface for the next generation of Docker registries to manage Docker registries.NGINX is a reverse proxy used in it.Djelibeybi configuration examples is one of the Djelibeybi configuration examples. A security vulnerability exists in Djelibeybi...
Input validation
The Djelibeybi configuration examples for use of NGINX in SUSE Portus 2.3, when applied to certain configurations involving Docker Compose, have a Missing SSL Certificate Validation issue because no proxyssl directives are used...
CVE-2018-8059
The Djelibeybi configuration examples for use of NGINX in SUSE Portus 2.3, when applied to certain configurations involving Docker Compose, have a Missing SSL Certificate Validation issue because no proxyssl directives are used...
CVE-2018-8059
The Djelibeybi configuration examples for use of NGINX in SUSE Portus 2.3, when applied to certain configurations involving Docker Compose, have a Missing SSL Certificate Validation issue because no proxyssl directives are used...
CVE-2018-8059
The Djelibeybi configuration examples for use of NGINX in SUSE Portus 2.3, when applied to certain configurations involving Docker Compose, have a Missing SSL Certificate Validation issue because no proxyssl directives are used...
CVE-2018-8059
CVE-2018-8059 concerns the Djelibeybi-based NGINX configurations used with SUSE Portus 2.3. The connected documents indicate the issue arises from a missing SSL certificate validation mechanism due to the absence of proxy_ssl_* directives in the relevant Djelibeybi configuration examples applied ...
SUSE-SU-2017:2655-1 Security update for portus
This update for portus fixes the following issues: - CVE-2017-14621: Fixed a XSS attack via the Team field, related to typeahead. bsc1059664...
Portus Cross-Site Scripting Vulnerability
Portus is the authorization interface for the next generation of Docker registries. A cross-site scripting vulnerability exists in Portus version 2.2.0. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML with the help of the 'Team' field...
CVE-2017-14621
Portus 2.2.0 has XSS via the Team field, related to typeahead...
CVE-2017-14621
Portus 2.2.0 has XSS via the Team field, related to typeahead...
Code injection
Portus 2.2.0 has XSS via the Team field, related to typeahead...
CVE-2017-14621
Portus 2.2.0 is affected by an XSS vulnerability in the Team field (typeahead). The issue allows injection of arbitrary web script/HTML via the Team field. A remediation exists: SUSE-SU-2017:2655-1 security update for Portus, which fixes CVE-2017-14621. The vulnerability is listed with CVSS v3.0 ...
CVE-2017-14621
Portus 2.2.0 has XSS via the Team field, related to typeahead...