
CVE-2023-22643 – libzypp-plugin-appdata: potential arbitrary code execution via shell injection due to `os.system` calls
https://notcve.org/view.php?id=CVE-2023-22643
17 Jan 2023 — An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in libzypp-plugin-appdata of SUSE Linux Enterprise Server for SAP 15-SP3 and openSUSE Leap 15.4 allows an attacker who can get a user to configure a specially crafted REPO_ALIAS, REPO_TYPE or REPO_METADATA_PATH setting to execute code as root, because the plugin pastes these values into shell command lines run via `os.system`. This issue affects: SUSE Linux Enterprise Server for SAP 15-SP3 libzypp-plugin-appdata versions prior to 1.0.1+git.20180426. openSUSE Leap 15.4 libzypp-plugin-appdata ver... • https://bugzilla.suse.com/show_bug.cgi?id=1206836 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
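The injection pattern behind this entry, shown as an added example (not the plugin's own code): a repository setting is concatenated into a command line and handed to a shell, so a value containing `;` runs a second command. The `echo` command and the `MALICIOUS_ALIAS` value are constructed stand-ins for the plugin's real tool and an attacker-controlled REPO_ALIAS; the argv form, `shlex.quote()` and the allow-list check are the three mitigations a reviewer would ask for.

```python
import shlex
import subprocess

# Constructed attacker-controlled setting: a valid-looking alias followed by a
# shell metacharacter and a second command. Stands in for a crafted REPO_ALIAS.
MALICIOUS_ALIAS = "myrepo; echo INJECTED"


def run_vulnerable(alias: str) -> str:
    """The os.system() pattern from the advisory: the setting is concatenated
    into a command line that a shell then parses. 'echo' is a hypothetical
    stand-in for whatever tool the plugin really invokes."""
    cmd = "echo processing " + alias
    # shell=True behaves like os.system(); capture_output lets us inspect it
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


def run_hardened(alias: str) -> str:
    """No shell at all: the alias travels as a single argv element, so ';' is
    just a character inside the argument."""
    return subprocess.run(["echo", "processing", alias],
                          capture_output=True, text=True).stdout


def run_quoted(alias: str) -> str:
    """If a shell command line is unavoidable, shlex.quote() turns the value
    into a single-quoted literal the shell will not interpret."""
    cmd = "echo processing " + shlex.quote(alias)
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


def alias_is_wellformed(alias: str) -> bool:
    """Defence in depth: reject aliases containing anything outside a
    conservative allow-list. The character set is an assumption of this
    example, not libzypp's definition of a valid alias."""
    return bool(alias) and all(c.isalnum() or c in "._-" for c in alias)


if __name__ == "__main__":
    print("vulnerable:", repr(run_vulnerable(MALICIOUS_ALIAS)))
    print("argv form: ", repr(run_hardened(MALICIOUS_ALIAS)))
    print("quoted:    ", repr(run_quoted(MALICIOUS_ALIAS)))
    print("allow-list accepts crafted alias?", alias_is_wellformed(MALICIOUS_ALIAS))
```

Running it prints two lines for the vulnerable form (the second is the injected command's output) and one literal line for each hardened form. When auditing a plugin, grep for `os.system`, `os.popen` and `subprocess` calls with `shell=True` whose arguments are built from configuration or environment values.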

CVE-2019-18900 – libzypp stores cookies world readable
https://notcve.org/view.php?id=CVE-2019-18900
24 Jan 2020 — Incorrect Default Permissions vulnerability in libzypp of SUSE CaaS Platform 3.0, SUSE Linux Enterprise Server 12 and SUSE Linux Enterprise Server 15 allowed local attackers to read the cookie store used by libzypp, exposing private cookies. This issue affects: SUSE CaaS Platform 3.0 libzypp versions prior to 16.21.2-27.68.1; SUSE Linux Enterprise Server 12 libzypp versions prior to 16.21.2-2.45.1; SUSE Linux Enterprise Server 15 libzypp versions prior to 17.19.0-3.34.1. • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00036.html • CWE-276: Incorrect Default Permissions
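How a secret-bearing file such as a cookie store should be created, and how to audit one, as an added example in Python (libzypp itself is C++; this is not its code). The cookie contents and file names are constructed placeholders. The point worth noting is that the mode passed to `os.open()` only applies when the file is created and is still subject to umask, so a pre-existing world-readable file keeps its permissions unless you `fchmod()` it explicitly.

```python
import os
import stat
import tempfile


def write_private_file(path: str, data: bytes) -> None:
    """Create (or replace the contents of) a file only its owner may read.
    os.open()'s mode argument is used only on creation and is masked by umask;
    fchmod() on the open descriptor also fixes a file that already existed
    with wider permissions."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    try:
        os.fchmod(fd, 0o600)
        os.write(fd, data)
    finally:
        os.close(fd)


def world_readable(path: str) -> bool:
    """Audit check on the mode bits: true if group or others may read the file."""
    mode = os.stat(path).st_mode
    return bool(mode & (stat.S_IRGRP | stat.S_IROTH))


def demo() -> dict:
    """Two cookie stores in a temp dir: one written with plain open() and then
    widened to 0o644 (simulating the pre-fix default, independent of umask),
    one written with write_private_file(). Returns each file's audit verdict.
    The cookie line is constructed placeholder data, not a real libzypp jar."""
    cookie = b"# Netscape HTTP Cookie File\nexample.org\tFALSE\t/\tTRUE\t0\tsession\tSECRET\n"
    with tempfile.TemporaryDirectory() as d:
        careless = os.path.join(d, "cookies.careless")
        with open(careless, "wb") as f:
            f.write(cookie)
        os.chmod(careless, 0o644)

        private = os.path.join(d, "cookies.private")
        write_private_file(private, cookie)

        return {"careless": world_readable(careless),
                "private": world_readable(private)}


if __name__ == "__main__":
    print(demo())
```

`world_readable()` inspects mode bits rather than calling `os.access()`, so it gives the same answer whether the audit runs as root or as the file's owner.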

CVE-2018-7685 – libzypp does not reevaluate malicious rpms once downloaded
https://notcve.org/view.php?id=CVE-2018-7685
31 Aug 2018 — The decoupled download and installation steps in libzypp before 17.5.0 could leave a corrupted or malicious RPM in the package cache: the warning about the bad RPM was shown only during the download step, so a later call that found the RPM already cached did not repeat the warning and allowed it to be installed. • http://lists.suse.com/pipermail/sle-security-updates/2018-August/004510.html • CWE-347: Improper Verification of Cryptographic Signature CWE-358: Improperly Implemented Security Check for Standard
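A small model of the download-then-install split described in this entry, as an added example that is not libzypp's code. A SHA-256 digest taken from constructed "repository metadata" stands in for the RPM signature check; the algorithm is not the point, the timing is. `install_trusting_cache()` reproduces the pre-fix logic (a cached file is treated as already vetted and the warning is not repeated), `install_reverified()` checks again at install time.

```python
import hashlib
import os
import tempfile


def sha256_file(path: str) -> str:
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


class PackageCache:
    """Minimal download/install pipeline with a verification step at one of
    two points. Digest-from-metadata stands in for the RPM signature check."""

    def __init__(self, cache_dir: str):
        self.cache_dir = cache_dir
        self.warned = set()   # packages a warning was shown for at download time

    def _path(self, name: str) -> str:
        return os.path.join(self.cache_dir, name)

    def download(self, name: str, content: bytes, expected_sha256: str) -> bool:
        """Fetch into the cache and verify once. Returns False (the 'warning')
        on mismatch, but as in the advisory the file is still left in the cache."""
        with open(self._path(name), "wb") as f:
            f.write(content)
        if sha256_file(self._path(name)) != expected_sha256:
            self.warned.add(name)
            return False
        return True

    def install_trusting_cache(self, name: str) -> bool:
        """Pre-fix behaviour: anything present in the cache is installed; the
        earlier warning is not raised again."""
        return os.path.exists(self._path(name))

    def install_reverified(self, name: str, expected_sha256: str) -> bool:
        """Fixed behaviour: verify at install time regardless of what the
        download step did or did not report earlier."""
        p = self._path(name)
        return os.path.exists(p) and sha256_file(p) == expected_sha256


def scenario() -> dict:
    """Constructed inputs: good.rpm matches its metadata digest, evil.rpm does
    not (a tampered mirror served it under good.rpm's digest). Both are
    downloaded, then 'installed' both ways."""
    good, evil = b"good-rpm-payload", b"evil-rpm-payload"
    good_sha = hashlib.sha256(good).hexdigest()
    with tempfile.TemporaryDirectory() as d:
        cache = PackageCache(d)
        dl_good = cache.download("good.rpm", good, good_sha)
        dl_evil = cache.download("evil.rpm", evil, good_sha)
        return {
            "download_good": dl_good,
            "download_evil": dl_evil,
            "trusting_install_evil": cache.install_trusting_cache("evil.rpm"),
            "reverified_install_evil": cache.install_reverified("evil.rpm", good_sha),
            "reverified_install_good": cache.install_reverified("good.rpm", good_sha),
        }


if __name__ == "__main__":
    for k, v in scenario().items():
        print(f"{k}: {v}")
```

The general rule this illustrates: a verification result must travel with the artifact (or be recomputed) at the point where a privileged action is taken, never be inferred from "it is already in the cache".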

CVE-2017-7435 – libzypp accepts unsigned 3rd party repo without warning
https://notcve.org/view.php?id=CVE-2017-7435
01 Mar 2018 — In libzypp before 20170803 it was possible to add unsigned YUM repositories without any warning to the user, which allowed a man-in-the-middle attacker or a malicious server to inject malicious RPM packages into a user's system. • https://bugzilla.suse.com/show_bug.cgi?id=1009127 • CWE-20: Improper Input Validation

CVE-2017-9269 – lack of keypinning in libzypp could lead to repository switching
https://notcve.org/view.php?id=CVE-2017-9269
01 Mar 2018 — In libzypp before August 2018, GPG keys attached to YUM repositories were not correctly pinned, allowing malicious repository mirrors to silently downgrade to unsigned repositories with potentially malicious content. • https://bugzilla.suse.com/show_bug.cgi?id=1045735 • CWE-20: Improper Input Validation CWE-757: Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')

CVE-2017-7436 – libzypp accepts unsigned packages even when configured to check signatures
https://notcve.org/view.php?id=CVE-2017-7436
06 Sep 2017 — In libzypp before 20170803 it was possible to retrieve unsigned packages without a warning to the user, which allowed a man-in-the-middle attacker or a malicious server to inject malicious RPM packages into a user's system. • https://bugzilla.suse.com/show_bug.cgi?id=1038984 • CWE-20: Improper Input Validation
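The three signature-policy entries above (CVE-2017-7435, CVE-2017-9269 and CVE-2017-7436) are the same trust decision made at three points: when a repository is added, when it is refreshed, and when a package from it is installed. The following Python model is an added example and not libzypp's code (libzypp is C++); it reduces repository metadata to "which key's signature verified, if any" and the key fingerprints are constructed placeholders, not real vendor keys.

```python
from dataclasses import dataclass
from typing import Optional, Set, Tuple

# Constructed key fingerprints for the scenario; not real SUSE/openSUSE keys.
VENDOR_KEY = "0000000000000000000000000000000000000001"
ROGUE_KEY = "0000000000000000000000000000000000000002"


@dataclass
class RepoMetadata:
    """A refresh of a YUM repository, reduced to the fact these checks need:
    the fingerprint of the key whose signature on repomd.xml verified,
    or None if the metadata was unsigned."""
    signing_key_fp: Optional[str]


@dataclass
class TrustedRepo:
    alias: str
    pinned_key_fp: Optional[str]   # key accepted when the repo was added


def add_repo(alias: str, md: RepoMetadata,
             accept_unsigned: bool = False) -> Tuple[Optional[TrustedRepo], str]:
    """CVE-2017-7435: adding an unsigned repository must never be silent.
    Unsigned metadata is refused unless the caller explicitly opted in."""
    if md.signing_key_fp is None:
        if not accept_unsigned:
            return None, "refused: repository metadata is unsigned"
        return TrustedRepo(alias, None), "unsigned-accepted"
    return TrustedRepo(alias, md.signing_key_fp), "ok"


def refresh_repo(repo: TrustedRepo, md: RepoMetadata) -> str:
    """CVE-2017-9269: key pinning. Once a repo was accepted as signed by one
    key, a refresh that is unsigned, or signed by a different key, is a
    downgrade or a repository switch and must be refused, not followed."""
    if repo.pinned_key_fp is None:
        return "ok"   # never signed; nothing to pin against
    if md.signing_key_fp is None:
        return "refused: signed repository now serves unsigned metadata"
    if md.signing_key_fp != repo.pinned_key_fp:
        return "refused: metadata signed by a key other than the pinned one"
    return "ok"


def check_package(pkg_signed_by: Optional[str], trusted_keys: Set[str],
                  pkg_gpgcheck: bool = True) -> str:
    """CVE-2017-7436: with package signature checking configured, an unsigned
    package is refused; a signed one must carry a trusted key's signature,
    not merely any signature."""
    if pkg_signed_by is None:
        return "refused: unsigned package" if pkg_gpgcheck else "ok: check disabled"
    if pkg_signed_by not in trusted_keys:
        return "refused: package signed by untrusted key"
    return "ok"


if __name__ == "__main__":
    repo, status = add_repo("vendor", RepoMetadata(VENDOR_KEY))
    print("add signed repo:", status)
    print("refresh, same key:", refresh_repo(repo, RepoMetadata(VENDOR_KEY)))
    print("refresh, now unsigned:", refresh_repo(repo, RepoMetadata(None)))
    print("refresh, other key:", refresh_repo(repo, RepoMetadata(ROGUE_KEY)))
    print("add unsigned repo:", add_repo("third-party", RepoMetadata(None))[1])
    print("unsigned package:", check_package(None, {VENDOR_KEY}))
```

Each check fails closed: the absence of a signature is treated as a refusal, not as "nothing to verify". On a live system `zypper lr -d` shows the GPG check setting per repository, which is the quickest way to spot a repository that was added with checking disabled.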