Oval Definition:	oval:org.opensuse.security:def:201812120
Revision Date: 2022-05-22 Version: 1 Title: CVE-2018-12120 Description: Node.js: All versions prior to Node.js 6.15.0: Debugger port 5858 listens on any interface by default: When the debugger is enabled with `node --debug` or `node debug`, it listens to port 5858 on all interfaces by default. This may allow remote computers to attach to the debug port and evaluate arbitrary JavaScript. The default interface is now localhost. It has always been possible to start the debugger on a specific interface, such as `node --debug=localhost`. The debugger was removed in Node.js 8 and replaced with the inspector, so no versions from 8 and later are vulnerable. Family: unix Class: vulnerability Status: Reference(s): CVE-2018-12120 SUSE-SU-2019:0117-1 SUSE-SU-2019:0395-1 openSUSE-SU-2019:0088-1 openSUSE-SU-2019:0234-1 Mitre CVE-2018-12120 SUSE CVE-2018-12120 SUSE-SU-2019:0117-1 SUSE-SU-2019:0395-1 openSUSE-SU-2019:0088-1 openSUSE-SU-2019:0234-1 Platform(s): openSUSE Leap 42.3 SUSE Linux Enterprise High Performance Computing 12 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 42.3 is installed AND Package Information nodejs4-4.9.1-20 is installed AND nodejs4 is signed with openSUSE key OR nodejs4-devel-4.9.1-20 is installed AND nodejs4-devel is signed with openSUSE key OR nodejs4-docs-4.9.1-20 is installed AND nodejs4-docs is signed with openSUSE key OR nodejs6-6.16.0-18 is installed AND nodejs6 is signed with openSUSE key OR nodejs6-devel-6.16.0-18 is installed AND nodejs6-devel is signed with openSUSE key OR nodejs6-docs-6.16.0-18 is installed AND nodejs6-docs is signed with openSUSE key OR npm4-4.9.1-20 is installed AND npm4 is signed with openSUSE key OR npm6-6.16.0-18 is installed AND npm6 is signed with openSUSE key Definition Synopsis SUSE OpenStack Cloud 7 is installed AND nodejs6-6.16.0-11.21.1 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information nodejs4-4.9.1-15.17 is installed OR nodejs4-devel-4.9.1-15.17 is installed OR nodejs4-docs-4.9.1-15.17 is installed OR nodejs6-6.16.0-11.21 is installed OR nodejs6-devel-6.16.0-11.21 is installed OR nodejs6-docs-6.16.0-11.21 is installed OR npm4-4.9.1-15.17 is installed OR npm6-6.16.0-11.21 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND nodejs6-6.16.0-11.21.1 is installed Definition Synopsis Release Information SUSE Linux Enterprise High Performance Computing 12 is installed OR SUSE Linux Enterprise Module for Web Scripting 12 is installed OR SUSE Linux Enterprise Server 12 is installed OR SUSE Linux Enterprise Server 12 SP3 is installed OR SUSE Linux Enterprise Server 12 SP4 is installed OR SUSE Linux Enterprise Server 12 SP5 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND Package Information nodejs4-4.9.1-15.17.1 is installed OR nodejs4-devel-4.9.1-15.17.1 is installed OR nodejs4-docs-4.9.1-15.17.1 is installed OR nodejs6-6.16.0-11.21.1 is installed OR nodejs6-devel-6.16.0-11.21.1 is installed OR nodejs6-docs-6.16.0-11.21.1 is installed OR npm4-4.9.1-15.17.1 is installed OR npm6-6.16.0-11.21.1 is installed
BACK