The commandline package update tool zypper writes HTTP proxy credentials into its logfile, allowing local malicious users to gain access to proxies used.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
opensuse zypper - |
||
fedoraproject fedora 33 |