spacewalk-proxy (SUSE:Manager Proxy 3.2) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Manager Proxy 3.2 package spacewalk-proxy, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (3)
CVE-2019-10137 — CVSS 8.1 (high): A path traversal flaw was found in spacewalk-proxy, all versions through 2.9, in the way the proxy processes cached client tokens. A…
CVE-2019-3684 — CVSS 5.9 (medium): SUSE Manager until version 4.0.7 and Uyuni until commit 1b426ad5ed0a7191a6fb46bb83e98ae4b99a5ade created world-readable swap files on…
CVE-2019-10136 — CVSS 4.3 (medium): It was found that Spacewalk, all versions through 2.9, did not safely compute client token checksums. An attacker with a valid, but…