pacemaker (SUSE:Linux Enterprise High Availability Extension 15) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise High Availability Extension 15 package pacemaker, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (4)
CVE-2018-16877 — CVSS 7.8 (high): A flaw was found in the way pacemaker's client-server authentication was implemented in versions up to and including 2.0.0. A local…
CVE-2020-25654 — CVSS 7.2 (high): An ACL bypass flaw was found in pacemaker. An attacker having a local account on the cluster and in the haclient group could use IPC…
CVE-2018-16878 — CVSS 5.5 (medium): A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification inflicted preference of uncontrolled…
CVE-2019-3885 — CVSS 3.3 (low): A use-after-free flaw was found in pacemaker up to and including version 2.0.1 which could result in certain sensitive information to be…