3 matches found
CVE-2019-18900
CVE-2019-18900 affects libzypp in SUSE CaaS Platform 3.0 and SUSE Linux Enterprise Server 12/15, where an incorrect default-permissions issue could allow local attackers to read a cookie store used by libzypp and expose private cookies. Affected versions include: SUSE CaaS Platform 3.0 libzypp &l...
CVE-2018-7685
The CVE-2018-7685 issue affects libzypp (and related components) used by openSUSE/SUSE packaging. Description: decoupled download and installation steps in libzypp before 17.5.0 could leave a corrupted RPM in the cache, and a subsequent installation could proceed without displaying the corrupted ...
CVE-2026-25707
Summary of vulnerability (CVE-2026-25707) : A relative path traversal in libzypp’s repository metadata processing (prior to version 17.38.10) could allow remote repository authors to overwrite local files, potentially leading to denial of service or privilege escalation. Connected advisories indi...