Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Manager Proxy Module 4.3 package spacewalk-proxy-installer, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (5)
CVE-2025-46811 — CVSS 9.8 (critical): A Missing Authorization vulnerability in SUSE Linux Manager allows anyone with the ability to connect to port 443 of SUSE Manager is able…
CVE-2025-46809 — CVSS 5.7 (medium): A Plaintext Storage of a Password vulnerability in SUSE exposes the credentials for the HTTP proxy in the log files. This issue affects…
CVE-2023-22644 — CVSS 5.5 (medium): A user can reverse engineer the JWT token (JSON Web Token) used in authentication for Manager and API access, forging a valid NeuVector…
CVE-2025-23392 — CVSS 5.2 (medium): A Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in spacewalk-java allows execution of…
CVE-2025-23393 — CVSS 5.2 (medium): A Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in spacewalk-java allows execution of…