CVE-2024-22033 Common Vulnerabilities and Exposures

Upstream information

CVE-2024-22033 at MITRE

Description

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having moderate severity.

CVSS v3 Scores
	SUSE
Base Score	5.5
Vector	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
Attack Vector	Network
Attack Complexity	Low
Privileges Required	Low
User Interaction	Required
Scope	Unchanged
Confidentiality Impact	Low
Integrity Impact	Low
Availability Impact	Low
CVSSv3 Version	3.1

SUSE Bugzilla entry: 1227203 [NEW]

No SUSE Security Announcements cross referenced.

List of released packages

Product(s)	Fixed package version(s)	References
SUSE Package Hub 15 SP5	`obs-service-download_url >= 0.2.1-bp155.3.3.1`	Patchnames: openSUSE-2024-199
SUSE Package Hub 15 SP6	`obs-service-download_url >= 0.2.1-bp156.2.3.1`	Patchnames: openSUSE-2024-200
openSUSE Leap 15.5	`obs-service-download_url >= 0.2.1-bp155.3.3.1`	Patchnames: openSUSE-2024-199
openSUSE Leap 15.6	`obs-service-download_url >= 0.2.1-bp156.2.3.1`	Patchnames: openSUSE-2024-200
openSUSE Tumbleweed	`obs-service-download_url >= 0.2.1-1.1`	Patchnames: openSUSE-Tumbleweed-2024-14126

SUSE Timeline for this CVE

CVE page created: Sat Jun 29 17:30:02 2024
CVE page last modified: Mon Jul 15 13:47:23 2024