OVAL Reference oval:org.opensuse.security:def:20165739

Oval Definition:

oval:org.opensuse.security:def:20165739

Revision Date:	2022-06-30	Version:	1
Title:	CVE-2016-5739
Description:	The Transformation implementation in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not use the no-referrer Content Security Policy (CSP) protection mechanism, which makes it easier for remote attackers to conduct CSRF attacks by reading an authentication token in a Referer header, related to libraries/Header.php.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2016-5739 Mitre CVE-2016-5739 SUSE CVE-2016-5739 openSUSE-SU-2016:1699-1 openSUSE-SU-2016:1700-1
Platform(s):	openSUSE 13.1 openSUSE 13.2 openSUSE Leap 42.1 openSUSE Tumbleweed	Product(s):
Definition Synopsis
openSUSE 13.1 is installed AND phpMyAdmin-4.4.15.7-60.1 is installed
Definition Synopsis
openSUSE 13.2 is installed AND phpMyAdmin-4.4.15.7-36.1 is installed
Definition Synopsis
openSUSE Leap 42.1 is installed AND Package Information phpMyAdmin-4.4.15.7-22.1 is installed AND phpMyAdmin is signed with openSUSE key
Definition Synopsis
openSUSE Tumbleweed is installed AND phpMyAdmin-4.6.5.2-1.1 is installed