EUVD-2024-19640

Malicious code in bioql PyPI...

CVE-2024-22037

The uyuni-server-attestation systemd service needs a databasepassword environment variable. This file has 640 permission, and cannot be shown users, but the environment is still exposed by systemd to non-privileged users...

CVE-2024-22037 Database password leaked by systemd uyuni-server-attestation service

The uyuni-server-attestation systemd service needs a databasepassword environment variable. This file has 640 permission, and cannot be shown users, but the environment is still exposed by systemd to non-privileged users...

CVE-2024-22037

CVE-2024-22037 is referenced in SUSE updates for Uyuni tooling. The issue stems from database credentials being exposed via environment in a systemd/Podman context. The connected SUSE advisory notes that CVE-2024-22037 is fixed by switching to podman secrets to store database credentials (uyuni-t...

CVE-2024-22037 Database password leaked by systemd uyuni-server-attestation service

The uyuni-server-attestation systemd service needs a databasepassword environment variable. This file has 640 permission, and cannot be shown users, but the environment is still exposed by systemd to non-privileged users...

SUSE CVE-2024-22037

The uyuni-server-attestation systemd service needs a databasepassword environment variable. This file has 640 permission, and cannot be shown users, but the environment is still exposed by systemd to non-privileged users...

PT-2024-19170 · Suse · Suse Manager Server +1

Name of the Vulnerable Software and Affected Versions: SUSE Manager Server affected versions not specified Description: The issue concerns the exposure of sensitive system information due to the uyuni-server-attestation systemd service needing a database password environment variable. Although th...