Oval Definition:
oval:org.opensuse.security:def:20179286
Revision Date
:
2019-09-27
Version
:
1
Title
:
CVE-2017-9286
Description
:
The packaging of NextCloud in openSUSE used /srv/www/htdocs in an unsafe manner, which could have allowed scripts running as wwwrun user to escalate privileges to root during nextcloud package upgrade.
Family
:
unix
Class
:
vulnerability
Status
:
Reference(s)
:
CVE-2017-9286
Platform(s)
:
openSUSE Leap 42.3
Product(s)
:
Definition Synopsis
openSUSE Leap 42.3 is installed
AND
Package Information
nextcloud-11.0.3-3 is installed
AND
nextcloud is signed with openSUSE key
BACK