Oval Definition:	oval:org.opensuse.security:def:201810928
Revision Date: 2022-06-30 Version: 1 Title: CVE-2018-10928 Description: A flaw was found in RPC request using gfs3_symlink_req in glusterfs server which allows symlink destinations to point to file paths outside of the gluster volume. An authenticated attacker could use this flaw to create arbitrary symlinks pointing anywhere on the server and execute arbitrary code on glusterfs server nodes. Family: unix Class: vulnerability Status: Reference(s): CVE-2018-10928 openSUSE-SU-2020:0079-1 Mitre CVE-2018-10928 SUSE CVE-2018-10928 openSUSE-SU-2020:0079-1 Platform(s): openSUSE Leap 15.1 openSUSE Tumbleweed Product(s): Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information glusterfs-3.12.15-lp151.3.3 is installed AND glusterfs is signed with openSUSE key OR glusterfs-devel-3.12.15-lp151.3.3 is installed AND glusterfs-devel is signed with openSUSE key OR libgfapi0-3.12.15-lp151.3.3 is installed AND libgfapi0 is signed with openSUSE key OR libgfchangelog0-3.12.15-lp151.3.3 is installed AND libgfchangelog0 is signed with openSUSE key OR libgfdb0-3.12.15-lp151.3.3 is installed AND libgfdb0 is signed with openSUSE key OR libgfrpc0-3.12.15-lp151.3.3 is installed AND libgfrpc0 is signed with openSUSE key OR libgfxdr0-3.12.15-lp151.3.3 is installed AND libgfxdr0 is signed with openSUSE key OR libglusterfs0-3.12.15-lp151.3.3 is installed AND libglusterfs0 is signed with openSUSE key OR python-gluster-3.12.15-lp151.3.3 is installed AND python-gluster is signed with openSUSE key Definition Synopsis openSUSE Tumbleweed is installed AND Package Information glusterfs-9.1-1.3 is installed OR glusterfs-devel-9.1-1.3 is installed OR libgfapi0-9.1-1.3 is installed OR libgfchangelog0-9.1-1.3 is installed OR libgfrpc0-9.1-1.3 is installed OR libgfxdr0-9.1-1.3 is installed OR libglusterd0-9.1-1.3 is installed OR libglusterfs0-9.1-1.3 is installed OR python3-gluster-9.1-1.3 is installed
BACK