Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:OpenStack Cloud Crowbar 9 package python-proliantutils, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVE-2019-11068 — CVSS 9.8 (critical): libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon…
CVE-2019-13611 — CVSS 8.8 (high): An issue was discovered in python-engineio through 3.8.2. There is a Cross-Site WebSocket Hijacking (CSWSH) vulnerability that allows…
CVE-2017-17051 — CVSS 8.6 (high): An issue was discovered in the default FilterScheduler in OpenStack Nova 16.0.3. By repeatedly rebuilding an instance with new images, an…
CVE-2019-11324 — CVSS 7.5 (high): The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS…
CVE-2018-19039 — CVSS 6.5 (medium): Grafana before 4.6.5 and 5.x before 5.3.3 allows remote authenticated users to read arbitrary files by leveraging Editor or Admin…
CVE-2019-10876 — CVSS 6.5 (medium): An issue was discovered in OpenStack Neutron 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By creating two security…
CVE-2019-9735 — CVSS 6.5 (medium): An issue was discovered in the iptables firewall module in OpenStack Neutron before 10.0.8, 11.x before 11.0.7, 12.x before 12.0.6, and…
CVE-2019-9740 — CVSS 6.1 (medium): An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the…
CVE-2019-11236 — CVSS 6.1 (medium): In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.
CVE-2015-3448 — CVSS 2.1 (low): REST client for Ruby (aka rest-client) before 1.7.3 logs usernames and passwords, which allows local users to obtain sensitive information…