Vulnerabilities (CVE)

Filtered by vendor Yast Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-5746 2 Opensuse, Yast 4 Leap, Libstorage, Libstorage-ng and 1 more 2024-11-21 1.2 LOW 5.1 MEDIUM
libstorage, libstorage-ng, and yast-storage improperly store passphrases for encrypted storage devices in a temporary file on disk, which might allow local users to obtain sensitive information by reading the file, as demonstrated by /tmp/libstorage-XXXXXX/pwdf.
CVE-2011-3177 1 Yast 1 Yast2 2024-11-21 2.1 LOW 7.8 HIGH
The YaST2 network created files with world readable permissions which could have allowed local users to read sensitive material out of network configuration files, like passwords for wireless networks.