Oval Definition:	oval:org.opensuse.security:def:201917020
Revision Date: 2022-06-30 Version: 1 Title: CVE-2019-17020 Description: If an XML file is served with a Content Security Policy and the XML file includes an XSL stylesheet, the Content Security Policy will not be applied to the contents of the XSL stylesheet. If the XSL sheet e.g. includes JavaScript, it would bypass any of the restrictions of the Content Security Policy applied to the XML document. This vulnerability affects Firefox < 72. Family: unix Class: vulnerability Status: Reference(s): Mitre CVE-2019-17020 SUSE CVE-2019-17020 Platform(s): openSUSE Tumbleweed SUSE CaaS Platform 4.0 SUSE Linux Enterprise Server for SAP Applications 15 SP1 SUSE Manager Proxy 4.0 SUSE Manager Retail Branch Server 4.0 SUSE Manager Server 4.0 Product(s): Definition Synopsis openSUSE Tumbleweed is installed AND Package Information MozillaFirefox-92.0-1.2 is installed OR MozillaFirefox-branding-upstream-92.0-1.2 is installed OR MozillaFirefox-devel-92.0-1.2 is installed OR MozillaFirefox-translations-common-92.0-1.2 is installed OR MozillaFirefox-translations-other-92.0-1.2 is installed Definition Synopsis Release Information SUSE CaaS Platform 4.0 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed AND Package Information MozillaFirefox is affected OR MozillaFirefox-devel is affected OR MozillaFirefox-translations-common is affected OR MozillaFirefox-translations-other is affected Definition Synopsis Release Information SUSE Manager Proxy 4.0 is installed OR SUSE Manager Retail Branch Server 4.0 is installed OR SUSE Manager Server 4.0 is installed AND MozillaFirefox is affected OR Package Information SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed AND MozillaFirefox is affected OR MozillaFirefox-devel is affected OR MozillaFirefox-translations-common is affected OR MozillaFirefox-translations-other is affected
BACK