Oval Definition:oval:org.opensuse.security:def:201920149
Revision Date:2022-05-22Version:1
Title:CVE-2019-20149
Description:

ctorName in index.js in kind-of v6.0.2 allows external user input to overwrite certain internal attributes via a conflicting name, as demonstrated by 'constructor': {'name':'Symbol'}. Hence, a crafted payload can overwrite this builtin attribute to manipulate the type detection result.
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2019-20149
SUSE CVE-2019-20149
Platform(s):Image SLES15-SP1-Manager-4-0-Azure-BYOS-Proxy
Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server
Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Proxy
Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server
Image SLES15-SP1-Manager-4-0-GCE-BYOS-Proxy
Image SLES15-SP1-Manager-4-0-GCE-BYOS-Server
Product(s):
Definition Synopsis
  • Release Information
  • Image SLES15-SP1-Manager-4-0-Azure-BYOS-Proxy is installed
  • OR Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Proxy is installed
  • OR Image SLES15-SP1-Manager-4-0-GCE-BYOS-Proxy is installed
  • AND
  • patterns-suma_proxy-4.0-9.16.1 is installed
  • OR python3-spacewalk-backend-libs-4.0.32-3.29.1 is installed
  • OR spacewalk-backend-4.0.32-3.29.1 is installed
  • OR spacewalk-base-minimal-4.0.21-3.24.2 is installed
  • OR spacewalk-base-minimal-config-4.0.21-3.24.2 is installed
  • OR spacewalk-proxy-installer-4.0.13-3.6.1 is installed
  • OR susemanager-build-keys-15.1.0-3.3.1 is installed
  • OR susemanager-build-keys-web-15.1.0-3.3.1 is installed
  • OR Package Information
  • Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server is installed
  • OR Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server is installed
  • OR Image SLES15-SP1-Manager-4-0-GCE-BYOS-Server is installed
  • AND
  • cobbler-3.0.0+git20190806.32c4bae0-7.13.1 is installed
  • OR patterns-suma_server-4.0-9.16.1 is installed
  • OR python3-spacewalk-backend-libs-4.0.32-3.29.1 is installed
  • OR spacecmd-4.0.19-3.16.1 is installed
  • OR spacewalk-backend-4.0.32-3.29.1 is installed
  • OR spacewalk-backend-app-4.0.32-3.29.1 is installed
  • OR spacewalk-backend-applet-4.0.32-3.29.1 is installed
  • OR spacewalk-backend-config-files-4.0.32-3.29.1 is installed
  • OR spacewalk-backend-config-files-common-4.0.32-3.29.1 is installed
  • OR spacewalk-backend-config-files-tool-4.0.32-3.29.1 is installed
  • OR spacewalk-backend-iss-4.0.32-3.29.1 is installed
  • OR spacewalk-backend-iss-export-4.0.32-3.29.1 is installed
  • OR spacewalk-backend-package-push-server-4.0.32-3.29.1 is installed
  • OR spacewalk-backend-server-4.0.32-3.29.1 is installed
  • OR spacewalk-backend-sql-4.0.32-3.29.1 is installed
  • OR spacewalk-backend-sql-postgresql-4.0.32-3.29.1 is installed
  • OR spacewalk-backend-tools-4.0.32-3.29.1 is installed
  • OR spacewalk-backend-xml-export-libs-4.0.32-3.29.1 is installed
  • OR spacewalk-backend-xmlrpc-4.0.32-3.29.1 is installed
  • OR spacewalk-base-4.0.21-3.24.2 is installed
  • OR spacewalk-base-minimal-4.0.21-3.24.2 is installed
  • OR spacewalk-base-minimal-config-4.0.21-3.24.2 is installed
  • OR spacewalk-branding-4.0.17-3.15.1 is installed
  • OR spacewalk-html-4.0.21-3.24.2 is installed
  • OR spacewalk-java-4.0.34-3.31.1 is installed
  • OR spacewalk-java-config-4.0.34-3.31.1 is installed
  • OR spacewalk-java-lib-4.0.34-3.31.1 is installed
  • OR spacewalk-java-postgresql-4.0.34-3.31.1 is installed
  • OR spacewalk-taskomatic-4.0.34-3.31.1 is installed
  • OR supportutils-plugin-susemanager-4.0.4-3.3.1 is installed
  • OR susemanager-4.0.26-3.30.1 is installed
  • OR susemanager-build-keys-15.1.0-3.3.1 is installed
  • OR susemanager-build-keys-web-15.1.0-3.3.1 is installed
  • OR susemanager-doc-indexes-4.0-10.24.1 is installed
  • OR susemanager-docs_en-4.0-10.24.1 is installed
  • OR susemanager-docs_en-pdf-4.0-10.24.1 is installed
  • OR susemanager-schema-4.0.20-3.23.1 is installed
  • OR susemanager-sls-4.0.27-3.25.1 is installed
  • OR susemanager-tools-4.0.26-3.30.1 is installed
  • OR susemanager-web-libs-4.0.21-3.24.2 is installed
    • BACK