Leap Security Vulnerabilities and Issues — Leap CVE List

Lucene search

OpensuseLeap

5 matches found

CVE•added 2022/01/01 6:15 a.m.•432 views

CVE-2021-41819

CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby.

7.5CVSS7.5AI score0.00673EPSS

CVE•added 2022/01/01 5:15 a.m.•385 views

CVE-2021-41817

Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1.

7.5CVSS7.4AI score0.00422EPSS

CVE•added 2022/01/06 4:15 a.m.•120 views

CVE-2021-46141

An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner.

5.5CVSS5.2AI score0.00086EPSS

CVE•added 2022/01/06 4:15 a.m.•120 views

CVE-2021-46142

An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax.

5.5CVSS5.2AI score0.00086EPSS

CVE•added 2022/10/06 6:16 p.m.•94 views

CVE-2022-31252

A Incorrect Authorization vulnerability in chkstat of SUSE Linux Enterprise Server 12-SP5; openSUSE Leap 15.3, openSUSE Leap 15.4, openSUSE Leap Micro 5.2 did not consider group writable path components, allowing local attackers with access to a group what can write to a location included in the pa...

4.4CVSS4.3AI score0.00026EPSS