Lucene search
SuseSUSE-SU-2014:1218-1HistorySep 25, 2014 - 7:04 p.m.
Security update for spacewalk-java (important)
2014-09-2519:04:16
lists.opensuse.org
9
0.002 Low
EPSS
Percentile
59.6%
The Spacewalk frontend displayed a logfile without escaping content,
allowing remote attackers to inject cross site scripting (XSS) into the
admin’s session. (CVE-2014-3595)
Additionally, the following bug was fixed:
* Fixed package upgrade via SSM when using the Oracle DB as backend.
(bnc#889721)
Security Issues:
* CVE-2014-3595
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3595">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3595</a>>
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| SUSE Manager Server | any | noarch | spacewalk-java-oracle | < 2.1.165.6-0.11.1 | spacewalk-java-oracle-2.1.165.6-0.11.1.noarch.rpm |
| SUSE Manager Server | any | noarch | spacewalk-java-lib | < 2.1.165.6-0.11.1 | spacewalk-java-lib-2.1.165.6-0.11.1.noarch.rpm |
| SUSE Manager Server | any | noarch | spacewalk-taskomatic | < 2.1.165.6-0.11.1 | spacewalk-taskomatic-2.1.165.6-0.11.1.noarch.rpm |
| SUSE Manager Server | any | noarch | spacewalk-java | < 2.1.165.6-0.11.1 | spacewalk-java-2.1.165.6-0.11.1.noarch.rpm |
| SUSE Manager Server | any | noarch | spacewalk-java-config | < 2.1.165.6-0.11.1 | spacewalk-java-config-2.1.165.6-0.11.1.noarch.rpm |
| SUSE Manager Server | any | noarch | spacewalk-java-postgresql | < 2.1.165.6-0.11.1 | spacewalk-java-postgresql-2.1.165.6-0.11.1.noarch.rpm |
Related
veracode
veracode
Cross-site Scripting (XSS)
2019-01-15 09:01:03
nvd
nvd
CVE-2014-3595
2014-09-22 15:55:07
prion
prion
Cross site scripting
2014-09-22 15:55:00
redhat
redhat
(RHSA-2014:1184) Important: spacewalk-java security update
2014-09-11 00:00:00
cvelist
cvelist
CVE-2014-3595
2014-09-22 15:00:00
cve
cve
CVE-2014-3595
2014-09-22 15:55:07
suse
suse
Security update for spacewalk-java (important)
2014-10-31 18:05:11