Vulnerability & Exploit Database

Displaying all 4 entries

Results for: CVE-2017-0605 Back to search

SUSE: CVE-2017-7550: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: October 19, 2017

A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x before 2.4.1) passed certain parameters to the jenkins_plugin module. Remote attackers could use this flaw to expose sensitive information from a remote host's logs. This flaw was fixed by not allowing passwords to be specified in the "params" argument, and noting this in...

SUSE: CVE-2016-7056: SUSE Linux Security Advisory Vulnerability

  • Severity: 4
  • Published: January 10, 2017

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From SUSE_CVE-2016-7056:

This CVE is addressed in the SUSE advisories SUSE-SU-2017:0461-1, SUSE-SU-2017:0495-1, SUSE-SU-2017:0585-1, SUSE-SU-2017:0605-1, SUSE-...

SUSE: CVE-2016-8610: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: November 02, 2016

A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients....

SUSE: CVE-2016-2108: SUSE Linux Security Advisory Vulnerability

  • Severity: 10
  • Published: May 03, 2016

The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via an ANY field in crafted serialized data, aka the "negative zero" issue.