CVE-2024-26482 Common Vulnerabilities and Exposures

Upstream information

CVE-2024-26482 at MITRE

Description

** DISPUTED ** An HTML injection vulnerability exists in the Edit Content Layout module of Kirby CMS v4.1.0. NOTE: the vendor disputes the significance of this report because some HTML formatting (such as with an H1 element) is allowed, but there is backend sanitization such that the reporter's mentioned "injecting malicious scripts" would not occur.

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having not set severity.

Note from the SUSE Security Team on the kernel-default package

SUSE will no longer fix all CVEs in the Linux Kernel anymore, but declare some bug classes as won't fix. Please refer to TID 21496 for more details.

No SUSE Bugzilla entries cross referenced.

SUSE Security Advisories:

SUSE-SU-2024:2571-1, published Mon Jul 22 20:34:22 UTC 2024

List of released packages

Product(s)	Fixed package version(s)	References
Container bci/bci-sle15-kernel-module-devel:15.6.17.15	`kernel-default-devel >= 6.4.0-150600.23.14.2` `kernel-devel >= 6.4.0-150600.23.14.2` `kernel-macros >= 6.4.0-150600.23.14.2` `kernel-syms >= 6.4.0-150600.23.14.2`
Container suse/hpc/warewulf4-x86_64/sle-hpc-node:15.6.17.5.8 Image SLES15-SP6 Image SLES15-SP6-BYOS Image SLES15-SP6-BYOS-Azure Image SLES15-SP6-BYOS-EC2 Image SLES15-SP6-BYOS-GCE Image SLES15-SP6-CHOST-BYOS Image SLES15-SP6-CHOST-BYOS-Aliyun Image SLES15-SP6-CHOST-BYOS-Azure Image SLES15-SP6-CHOST-BYOS-EC2 Image SLES15-SP6-CHOST-BYOS-GCE Image SLES15-SP6-CHOST-BYOS-GDC Image SLES15-SP6-CHOST-BYOS-SAP-CCloud Image SLES15-SP6-EC2 Image SLES15-SP6-EC2-ECS-HVM Image SLES15-SP6-GCE Image SLES15-SP6-HPC-BYOS Image SLES15-SP6-HPC-BYOS-Azure Image SLES15-SP6-HPC-BYOS-EC2 Image SLES15-SP6-HPC-BYOS-GCE Image SLES15-SP6-HPC-EC2 Image SLES15-SP6-HPC-GCE Image SLES15-SP6-Hardened-BYOS Image SLES15-SP6-Hardened-BYOS-Azure Image SLES15-SP6-Hardened-BYOS-EC2 Image SLES15-SP6-Hardened-BYOS-GCE Image SLES15-SP6-SAP Image SLES15-SP6-SAP-Azure Image SLES15-SP6-SAP-EC2 Image SLES15-SP6-SAP-GCE Image SLES15-SP6-SAPCAL Image SLES15-SP6-SAPCAL-Azure Image SLES15-SP6-SAPCAL-EC2 Image SLES15-SP6-SAPCAL-GCE	`kernel-default >= 6.4.0-150600.23.14.2`
Image SLES15-SP6-SAP-Azure-LI-BYOS Image SLES15-SP6-SAP-Azure-LI-BYOS-Production Image SLES15-SP6-SAP-Azure-VLI-BYOS Image SLES15-SP6-SAP-Azure-VLI-BYOS-Production Image SLES15-SP6-SAP-BYOS Image SLES15-SP6-SAP-BYOS-Azure Image SLES15-SP6-SAP-BYOS-EC2 Image SLES15-SP6-SAP-BYOS-GCE Image SLES15-SP6-SAP-Hardened Image SLES15-SP6-SAP-Hardened-Azure Image SLES15-SP6-SAP-Hardened-BYOS Image SLES15-SP6-SAP-Hardened-BYOS-Azure Image SLES15-SP6-SAP-Hardened-BYOS-EC2 Image SLES15-SP6-SAP-Hardened-BYOS-GCE Image SLES15-SP6-SAP-Hardened-EC2 Image SLES15-SP6-SAP-Hardened-GCE	`cluster-md-kmp-default >= 6.4.0-150600.23.14.2` `dlm-kmp-default >= 6.4.0-150600.23.14.2` `gfs2-kmp-default >= 6.4.0-150600.23.14.2` `kernel-default >= 6.4.0-150600.23.14.2` `ocfs2-kmp-default >= 6.4.0-150600.23.14.2`
SUSE Linux Enterprise Desktop 15 SP6	`kernel-64kb >= 6.4.0-150600.23.14.1` `kernel-64kb-devel >= 6.4.0-150600.23.14.1` `kernel-default >= 6.4.0-150600.23.14.2` `kernel-default-base >= 6.4.0-150600.23.14.2.150600.12.4.3` `kernel-default-devel >= 6.4.0-150600.23.14.2` `kernel-default-extra >= 6.4.0-150600.23.14.2` `kernel-devel >= 6.4.0-150600.23.14.2` `kernel-docs >= 6.4.0-150600.23.14.2` `kernel-macros >= 6.4.0-150600.23.14.2` `kernel-obs-build >= 6.4.0-150600.23.14.2` `kernel-source >= 6.4.0-150600.23.14.2` `kernel-syms >= 6.4.0-150600.23.14.2` `kernel-zfcpdump >= 6.4.0-150600.23.14.2`	Patchnames: SUSE-SLE-Module-Basesystem-15-SP6-2024-2571 SUSE-SLE-Module-Development-Tools-15-SP6-2024-2571 SUSE-SLE-Product-WE-15-SP6-2024-2571
SUSE Linux Enterprise High Availability Extension 15 SP6	`cluster-md-kmp-default >= 6.4.0-150600.23.14.2` `dlm-kmp-default >= 6.4.0-150600.23.14.2` `gfs2-kmp-default >= 6.4.0-150600.23.14.2` `ocfs2-kmp-default >= 6.4.0-150600.23.14.2`	Patchnames: SUSE-SLE-Product-HA-15-SP6-2024-2571
SUSE Linux Enterprise High Performance Computing 15 SP6	`kernel-64kb >= 6.4.0-150600.23.14.1` `kernel-64kb-devel >= 6.4.0-150600.23.14.1` `kernel-default >= 6.4.0-150600.23.14.2` `kernel-default-base >= 6.4.0-150600.23.14.2.150600.12.4.3` `kernel-default-devel >= 6.4.0-150600.23.14.2` `kernel-devel >= 6.4.0-150600.23.14.2` `kernel-docs >= 6.4.0-150600.23.14.2` `kernel-macros >= 6.4.0-150600.23.14.2` `kernel-obs-build >= 6.4.0-150600.23.14.2` `kernel-source >= 6.4.0-150600.23.14.2` `kernel-syms >= 6.4.0-150600.23.14.2` `kernel-zfcpdump >= 6.4.0-150600.23.14.2` `reiserfs-kmp-default >= 6.4.0-150600.23.14.2`	Patchnames: SUSE-SLE-Module-Basesystem-15-SP6-2024-2571 SUSE-SLE-Module-Development-Tools-15-SP6-2024-2571 SUSE-SLE-Module-Legacy-15-SP6-2024-2571
SUSE Linux Enterprise Live Patching 15 SP6		Patchnames: SUSE-SLE-Module-Live-Patching-15-SP6-2024-2571
SUSE Linux Enterprise Module for Basesystem 15 SP6	`kernel-64kb >= 6.4.0-150600.23.14.1` `kernel-64kb-devel >= 6.4.0-150600.23.14.1` `kernel-default >= 6.4.0-150600.23.14.2` `kernel-default-base >= 6.4.0-150600.23.14.2.150600.12.4.3` `kernel-default-devel >= 6.4.0-150600.23.14.2` `kernel-devel >= 6.4.0-150600.23.14.2` `kernel-macros >= 6.4.0-150600.23.14.2` `kernel-zfcpdump >= 6.4.0-150600.23.14.2`	Patchnames: SUSE-SLE-Module-Basesystem-15-SP6-2024-2571
SUSE Linux Enterprise Module for Development Tools 15 SP6	`kernel-docs >= 6.4.0-150600.23.14.2` `kernel-obs-build >= 6.4.0-150600.23.14.2` `kernel-source >= 6.4.0-150600.23.14.2` `kernel-syms >= 6.4.0-150600.23.14.2`	Patchnames: SUSE-SLE-Module-Development-Tools-15-SP6-2024-2571
SUSE Linux Enterprise Module for Legacy 15 SP6	`reiserfs-kmp-default >= 6.4.0-150600.23.14.2`	Patchnames: SUSE-SLE-Module-Legacy-15-SP6-2024-2571
SUSE Linux Enterprise Server 15 SP6 SUSE Linux Enterprise Server for SAP Applications 15 SP6	`kernel-64kb >= 6.4.0-150600.23.14.1` `kernel-64kb-devel >= 6.4.0-150600.23.14.1` `kernel-default >= 6.4.0-150600.23.14.2` `kernel-default-base >= 6.4.0-150600.23.14.2.150600.12.4.3` `kernel-default-devel >= 6.4.0-150600.23.14.2` `kernel-default-extra >= 6.4.0-150600.23.14.2` `kernel-devel >= 6.4.0-150600.23.14.2` `kernel-docs >= 6.4.0-150600.23.14.2` `kernel-macros >= 6.4.0-150600.23.14.2` `kernel-obs-build >= 6.4.0-150600.23.14.2` `kernel-source >= 6.4.0-150600.23.14.2` `kernel-syms >= 6.4.0-150600.23.14.2` `kernel-zfcpdump >= 6.4.0-150600.23.14.2` `reiserfs-kmp-default >= 6.4.0-150600.23.14.2`	Patchnames: SUSE-SLE-Module-Basesystem-15-SP6-2024-2571 SUSE-SLE-Module-Development-Tools-15-SP6-2024-2571 SUSE-SLE-Module-Legacy-15-SP6-2024-2571 SUSE-SLE-Product-WE-15-SP6-2024-2571
SUSE Linux Enterprise Workstation Extension 15 SP6	`kernel-default-extra >= 6.4.0-150600.23.14.2`	Patchnames: SUSE-SLE-Product-WE-15-SP6-2024-2571
openSUSE Leap 15.6	`cluster-md-kmp-64kb >= 6.4.0-150600.23.14.1` `cluster-md-kmp-default >= 6.4.0-150600.23.14.2` `dlm-kmp-64kb >= 6.4.0-150600.23.14.1` `dlm-kmp-default >= 6.4.0-150600.23.14.2` `dtb-allwinner >= 6.4.0-150600.23.14.1` `dtb-altera >= 6.4.0-150600.23.14.1` `dtb-amazon >= 6.4.0-150600.23.14.1` `dtb-amd >= 6.4.0-150600.23.14.1` `dtb-amlogic >= 6.4.0-150600.23.14.1` `dtb-apm >= 6.4.0-150600.23.14.1` `dtb-apple >= 6.4.0-150600.23.14.1` `dtb-arm >= 6.4.0-150600.23.14.1` `dtb-broadcom >= 6.4.0-150600.23.14.1` `dtb-cavium >= 6.4.0-150600.23.14.1` `dtb-exynos >= 6.4.0-150600.23.14.1` `dtb-freescale >= 6.4.0-150600.23.14.1` `dtb-hisilicon >= 6.4.0-150600.23.14.1` `dtb-lg >= 6.4.0-150600.23.14.1` `dtb-marvell >= 6.4.0-150600.23.14.1` `dtb-mediatek >= 6.4.0-150600.23.14.1` `dtb-nvidia >= 6.4.0-150600.23.14.1` `dtb-qcom >= 6.4.0-150600.23.14.1` `dtb-renesas >= 6.4.0-150600.23.14.1` `dtb-rockchip >= 6.4.0-150600.23.14.1` `dtb-socionext >= 6.4.0-150600.23.14.1` `dtb-sprd >= 6.4.0-150600.23.14.1` `dtb-xilinx >= 6.4.0-150600.23.14.1` `gfs2-kmp-64kb >= 6.4.0-150600.23.14.1` `gfs2-kmp-default >= 6.4.0-150600.23.14.2` `kernel-64kb >= 6.4.0-150600.23.14.1` `kernel-64kb-devel >= 6.4.0-150600.23.14.1` `kernel-64kb-extra >= 6.4.0-150600.23.14.1` `kernel-64kb-livepatch-devel >= 6.4.0-150600.23.14.1` `kernel-64kb-optional >= 6.4.0-150600.23.14.1` `kernel-debug >= 6.4.0-150600.23.14.2` `kernel-debug-devel >= 6.4.0-150600.23.14.2` `kernel-debug-livepatch-devel >= 6.4.0-150600.23.14.2` `kernel-debug-vdso >= 6.4.0-150600.23.14.2` `kernel-default >= 6.4.0-150600.23.14.2` `kernel-default-base >= 6.4.0-150600.23.14.2.150600.12.4.3` `kernel-default-base-rebuild >= 6.4.0-150600.23.14.2.150600.12.4.3` `kernel-default-devel >= 6.4.0-150600.23.14.2` `kernel-default-extra >= 6.4.0-150600.23.14.2` `kernel-default-livepatch >= 6.4.0-150600.23.14.2` `kernel-default-livepatch-devel >= 6.4.0-150600.23.14.2` `kernel-default-optional >= 6.4.0-150600.23.14.2` `kernel-default-vdso >= 6.4.0-150600.23.14.2` `kernel-devel >= 6.4.0-150600.23.14.2` `kernel-docs >= 6.4.0-150600.23.14.2` `kernel-docs-html >= 6.4.0-150600.23.14.2` `kernel-kvmsmall >= 6.4.0-150600.23.14.2` `kernel-kvmsmall-devel >= 6.4.0-150600.23.14.2` `kernel-kvmsmall-livepatch-devel >= 6.4.0-150600.23.14.2` `kernel-kvmsmall-vdso >= 6.4.0-150600.23.14.2` `kernel-macros >= 6.4.0-150600.23.14.2` `kernel-obs-build >= 6.4.0-150600.23.14.2` `kernel-obs-qa >= 6.4.0-150600.23.14.2` `kernel-source >= 6.4.0-150600.23.14.2` `kernel-source-vanilla >= 6.4.0-150600.23.14.2` `kernel-syms >= 6.4.0-150600.23.14.2` `kernel-zfcpdump >= 6.4.0-150600.23.14.2` `kselftests-kmp-64kb >= 6.4.0-150600.23.14.1` `kselftests-kmp-default >= 6.4.0-150600.23.14.2` `ocfs2-kmp-64kb >= 6.4.0-150600.23.14.1` `ocfs2-kmp-default >= 6.4.0-150600.23.14.2` `reiserfs-kmp-64kb >= 6.4.0-150600.23.14.1` `reiserfs-kmp-default >= 6.4.0-150600.23.14.2`	Patchnames: openSUSE-SLE-15.6-2024-2571

First public cloud image revisions this CVE is fixed in:

SUSE Timeline for this CVE

CVE page created: Thu Feb 22 07:00:09 2024
CVE page last modified: Mon Nov 18 14:15:43 2024