pcp (SUSE:Linux Enterprise Software Development Kit 12 SP5) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Software Development Kit 12 SP5 package pcp, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (7)
CVE-2024-3019 — CVSS 8.8 (high): A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command…
CVE-2019-3696 — CVSS 8.4 (high): A Improper Limitation of a Pathname to a Restricted Directory vulnerability in the packaging of pcp of SUSE Linux Enterprise High…
CVE-2019-3695 — CVSS 8.4 (high): A Improper Control of Generation of Code vulnerability in the packaging of pcp of SUSE Linux Enterprise High Performance Computing…
CVE-2020-8025 — CVSS 6.1 (medium): A Incorrect Execution-Assigned Permissions vulnerability in the permissions package of SUSE Linux Enterprise Server 12-SP4, SUSE Linux…
CVE-2023-6917 — CVSS 6.0 (medium): A vulnerability has been identified in the Performance Co-Pilot (PCP) package, stemming from the mixed privilege levels utilized by systemd…
CVE-2024-45769 — CVSS 5.5 (medium): A vulnerability was found in Performance Co-Pilot (PCP). This flaw allows an attacker to send specially crafted data to the system, which…
CVE-2024-45770 — CVSS 4.4 (medium): A vulnerability was found in Performance Co-Pilot (PCP). This flaw can only be exploited if an attacker has access to a compromised PCP…