| Bug | jessie | buster | bullseye | bookworm | trixie | sid | Description |
|---|
| CVE-2019-18900 | fixed | vulnerable (no DSA) | fixed | fixed | fixed | fixed | : Incorrect Default Permissions vulnerability in libzypp of SUSE CaaS ... |
| CVE-2018-7685 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | The decoupled download and installation steps in libzypp before 17.5.0 ... |
| CVE-2017-9271 | vulnerable (no DSA, ignored) | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | The commandline package update tool zypper writes HTTP proxy credentia ... |
| CVE-2017-9269 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | In libzypp before August 2018 GPG keys attached to YUM repositories we ... |
| CVE-2017-7436 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | In libzypp before 20170803 it was possible to retrieve unsigned packag ... |
| CVE-2017-7435 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | In libzypp before 20170803 it was possible to add unsigned YUM reposit ... |