Lucene search
+L

10 matches found

SUSE Linux
SUSE Linux
added 2025/07/23 1:26 p.m.9 views

Security update 5.0.5 for Multi-Linux Manager Client Tools, Salt and Salt Bundle

This update fixes the following issues: golang-github-prometheus-nodeexporter: Security issues fixed: CVE-2025-22870: Prevent a matching of hosts against proxy patterns to improperly treat an IPv6 zone ID as a hostname component bsc1238686 Other bugs fixed: Fixed Darwin memory leak pressure: Fix...

9.6CVSS7.3AI score0.00982EPSS
Exploits2References76
SUSE Linux
SUSE Linux
added 2025/07/23 12:44 p.m.7 views

Security update 5.0.5 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal...

9.6CVSS7.6AI score0.00982EPSS
Exploits0References52
SUSE Linux
SUSE Linux
added 2025/07/23 12:44 p.m.7 views

Security update 5.0.5 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal...

9.6CVSS7.6AI score0.00982EPSS
Exploits0References52
SUSE Linux
SUSE Linux
added 2025/07/23 12:43 p.m.6 views

Security update 5.0.5 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal...

9.6CVSS7.6AI score0.00982EPSS
Exploits0References52
SUSE Linux
SUSE Linux
added 2025/07/23 12:41 p.m.8 views

Security update 5.0.5 for Multi-Linux Manager Client Tools

This update fixes the following issues: salt: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal vulnerability in...

9.6CVSS7.5AI score0.00982EPSS
Exploits0References74
AlpineLinux
AlpineLinux
added 2025/06/13 7:15 a.m.3 views

CVE-2024-38825

The salt.auth.pki module does not properly authenticate callers. The "password" field contains a public certificate which is validated against a CA certificate by the module. This is not pki authentication, as the caller does not need access to the corresponding private key for the authentication...

6.4CVSS7.4AI score0.00132EPSS
Exploits0References2
CVE
CVE
added 2025/06/13 6:46 a.m.83 views

CVE-2024-38825

CVE-2024-38825 concerns the salt.auth.pki module, which incorrectly authenticates callers using a password field that contains a public certificate validated against a CA, allowing authentication without access to the corresponding private key. This is not true PKI authentication and enables a ne...

6.4CVSS6.5AI score0.00132EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/12/10 12:0 a.m.20 views

Ubuntu 16.04 LTS / 22.04 LTS : Dogtag PKI vulnerabilities (USN-7146-1)

The remote Ubuntu 16.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7146-1 advisory. Christina Fu discovered that Dogtag PKI accidentally enabled a mock authentication plugin by default. An attacker could potentially use this...

7.5CVSS7.2AI score0.85323EPSS
Exploits5References4
Veracode
Veracode
added 2024/10/23 9:19 a.m.15 views

Authentication Bypass

org.apache.solr, solr-core is vulnerable to Authentication Bypass. The vulnerability is due to the PKIAuthenticationPlugin improperly handling fake endings in the Solr API URL path, allowing requests to bypass authentication...

9.8CVSS6.7AI score0.90709EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2024/10/16 8:15 a.m.8 views

UBUNTU-CVE-2024-45216

Improper Authentication vulnerability in Apache Solr. Solr instances using the PKIAuthenticationPlugin, which is enabled by default when Solr Authentication is used, are vulnerable to Authentication bypass. A fake ending at the end of any Solr API URL path, will allow requests to skip...

9.8CVSS5.8AI score0.90709EPSS
Exploits1References3
Rows per page
Query Builder