OVAL Reference oval:org.opensuse.security:def:201812474

Oval Definition:

oval:org.opensuse.security:def:201812474

Revision Date:	2022-09-01	Version:	1
Title:	CVE-2018-12474
Description:	Improper input validation in obs-service-tar_scm of Open Build Service allows remote attackers to cause access and extract information outside the current build or cause the creation of file in attacker controlled locations. Affected releases are openSUSE Open Build Service: versions prior to 51a17c553b6ae2598820b7a90fd0c11502a49106.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2018-12474 SUSE-SU-2019:0540-1 openSUSE-SU-2019:0326-1 openSUSE-SU-2019:0329-1 Mitre CVE-2018-12474 SUSE CVE-2018-12474 SUSE-SU-2019:0540-1 openSUSE-SU-2019:0326-1 openSUSE-SU-2019:0329-1
Platform(s):	openSUSE Leap 15.0 openSUSE Tumbleweed SUSE Linux Enterprise High Performance Computing 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server 15 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Software Development Kit 12 SP5 SUSE OpenStack Cloud 7 SUSE Package Hub for SUSE Linux Enterprise 15	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information obs-service-appimage-0.10.5.1551309990.79898c7-lp150.2.3 is installed AND obs-service-appimage is signed with openSUSE key OR obs-service-obs_scm-0.10.5.1551309990.79898c7-lp150.2.3 is installed AND obs-service-obs_scm is signed with openSUSE key OR obs-service-obs_scm-common-0.10.5.1551309990.79898c7-lp150.2.3 is installed AND obs-service-obs_scm-common is signed with openSUSE key OR obs-service-snapcraft-0.10.5.1551309990.79898c7-lp150.2.3 is installed AND obs-service-snapcraft is signed with openSUSE key OR obs-service-tar-0.10.5.1551309990.79898c7-lp150.2.3 is installed AND obs-service-tar is signed with openSUSE key OR obs-service-tar_scm-0.10.5.1551309990.79898c7-lp150.2.3 is installed AND obs-service-tar_scm is signed with openSUSE key
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed AND Package Information obs-service-appimage-0.10.5.1551309990.79898c7-3.3 is installed OR obs-service-obs_scm-0.10.5.1551309990.79898c7-3.3 is installed OR obs-service-obs_scm-common-0.10.5.1551309990.79898c7-3.3 is installed OR obs-service-snapcraft-0.10.5.1551309990.79898c7-3.3 is installed OR obs-service-tar-0.10.5.1551309990.79898c7-3.3 is installed OR obs-service-tar_scm-0.10.5.1551309990.79898c7-3.3 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed AND obs-service-appimage-0.10.5.1551309990.79898c7-3.3 is installed OR obs-service-obs_scm-0.10.5.1551309990.79898c7-3.3 is installed OR obs-service-obs_scm-common-0.10.5.1551309990.79898c7-3.3 is installed OR obs-service-snapcraft-0.10.5.1551309990.79898c7-3.3 is installed OR obs-service-tar-0.10.5.1551309990.79898c7-3.3 is installed OR obs-service-tar_scm-0.10.5.1551309990.79898c7-3.3 is installed OR Package Information SUSE Package Hub for SUSE Linux Enterprise 15 is installed AND obs-service-appimage-0.10.5.1551309990.79898c7-bp150.3.3 is installed OR obs-service-obs_scm-0.10.5.1551309990.79898c7-bp150.3.3 is installed OR obs-service-obs_scm-common-0.10.5.1551309990.79898c7-bp150.3.3 is installed OR obs-service-snapcraft-0.10.5.1551309990.79898c7-bp150.3.3 is installed OR obs-service-tar-0.10.5.1551309990.79898c7-bp150.3.3 is installed OR obs-service-tar_scm-0.10.5.1551309990.79898c7-bp150.3.3 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND caasp-openstack-heat-templates-1.0+git.1540887180.64bfde8-1.3.2 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP5 is installed AND Package Information obs-service-appimage-0.10.6.1551887937.e42c270-1.3 is installed OR obs-service-obs_scm-0.10.6.1551887937.e42c270-1.3 is installed OR obs-service-obs_scm-common-0.10.6.1551887937.e42c270-1.3 is installed OR obs-service-snapcraft-0.10.6.1551887937.e42c270-1.3 is installed OR obs-service-tar-0.10.6.1551887937.e42c270-1.3 is installed OR obs-service-tar_scm-0.10.6.1551887937.e42c270-1.3 is installed
Definition Synopsis
openSUSE Tumbleweed is installed AND Package Information obs-service-appimage-0.10.28.1632141620.a8837d3-1.1 is installed OR obs-service-obs_scm-0.10.28.1632141620.a8837d3-1.1 is installed OR obs-service-obs_scm-common-0.10.28.1632141620.a8837d3-1.1 is installed OR obs-service-snapcraft-0.10.28.1632141620.a8837d3-1.1 is installed OR obs-service-tar-0.10.28.1632141620.a8837d3-1.1 is installed OR obs-service-tar_scm-0.10.28.1632141620.a8837d3-1.1 is installed
Definition Synopsis
SUSE Package Hub for SUSE Linux Enterprise 15 is installed AND Package Information obs-service-appimage-0.10.5.1551309990.79898c7-bp150.3.3.1 is installed OR obs-service-obs_scm-0.10.5.1551309990.79898c7-bp150.3.3.1 is installed OR obs-service-obs_scm-common-0.10.5.1551309990.79898c7-bp150.3.3.1 is installed OR obs-service-snapcraft-0.10.5.1551309990.79898c7-bp150.3.3.1 is installed OR obs-service-tar-0.10.5.1551309990.79898c7-bp150.3.3.1 is installed OR obs-service-tar_scm-0.10.5.1551309990.79898c7-bp150.3.3.1 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP5 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed OR SUSE Linux Enterprise Software Development Kit 12 SP5 is installed AND Package Information obs-service-appimage-0.10.6.1551887937.e42c270-1.3.1 is installed OR obs-service-obs_scm-0.10.6.1551887937.e42c270-1.3.1 is installed OR obs-service-obs_scm-common-0.10.6.1551887937.e42c270-1.3.1 is installed OR obs-service-snapcraft-0.10.6.1551887937.e42c270-1.3.1 is installed OR obs-service-tar-0.10.6.1551887937.e42c270-1.3.1 is installed OR obs-service-tar_scm-0.10.6.1551887937.e42c270-1.3.1 is installed

BACK