CVE-2017-9271

Опубликовано: 01 мар. 2018

Источник: debian

EPSS Низкий

Описание

The commandline package update tool zypper writes HTTP proxy credentials into its logfile, allowing local attackers to gain access to proxies used.

Пакет	Статус	Версия исправления	Релиз	Тип
libzypp	fixed	17.25.5-2		package
libzypp	ignored		buster	package
libzypp	ignored		jessie	package

https://bugzilla.suse.com/show_bug.cgi?id=1050625
https://github.com/openSUSE/libzypp/commit/c693f46ca9bf18dda9b4b56f78e069e26b5b03ff (17.25.3)

EPSS

Процентиль: 35%

0.0014

Низкий

CVE-2017-9271

CVSS3: 3.3

ubuntu

почти 8 лет назад

The commandline package update tool zypper writes HTTP proxy credentials into its logfile, allowing local attackers to gain access to proxies used.

CVE-2017-9271

CVSS3: 3.3

nvd

почти 8 лет назад

The commandline package update tool zypper writes HTTP proxy credentials into its logfile, allowing local attackers to gain access to proxies used.

openSUSE-SU-2021:0059-1

suse-cvrf

около 5 лет назад

Security update for libzypp, zypper

SUSE-SU-2024:2080-1

suse-cvrf

больше 1 года назад

Security update for libzypp, zypper

SUSE-SU-2021:0956-1

suse-cvrf

почти 5 лет назад

Security update for libzypp, zypper

EPSS

Процентиль: 35%

0.0014

Низкий