One Article Review
| Source |  CVE Liste |
|---|---|
| Identifiant | 8307883 |
| Date de publication | 2023-02-07 10:15:52 (vue: 2023-02-07 12:08:12) |
| Titre | CVE-2023-22643 |
| Texte | An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in libzypp-plugin-appdata of SUSE Linux Enterprise Server for SAP 15-SP3; openSUSE Leap 15.4 allows attackers that can trick users to use specially crafted REPO_ALIAS, REPO_TYPE or REPO_METADATA_PATH settings to execute code as root. This issue affects: SUSE Linux Enterprise Server for SAP 15-SP3 libzypp-plugin-appdata versions prior to 1.0.1+git.20180426. openSUSE Leap 15.4 libzypp-plugin-appdata versions prior to 1.0.1+git.20180426. |
| Notes | |
| Envoyé | Oui |
| Condensat | 1+git 20180426 2023 22643 affects: alias allows appdata attackers can code command crafted cve elements enterprise execute improper injection issue leap libzypp linux metadata neutralization opensuse path plugin prior repo root sap server settings sp3 sp3; special specially suse trick type use used users versions vulnerability |
| Tags | Vulnerability |
| Stories | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.