OVAL Reference oval:org.opensuse.security:def:202010683

Oval Definition:

oval:org.opensuse.security:def:202010683

Revision Date:	2023-06-22	Version:	1
Title:	CVE-2020-10683
Description:	dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2020-10683 SUSE-SU-2020:1382-1 SUSE-SU-2020:1383-1 openSUSE-SU-2020:0719-1 Mitre CVE-2020-10683 SUSE CVE-2020-10683 SUSE-SU-2020:1382-1 SUSE-SU-2020:1383-1 openSUSE-SU-2020:0719-1
Platform(s):	Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server Image SLES15-SP1-Manager-4-0-GCE-BYOS-Server openSUSE Leap 15.1 openSUSE Tumbleweed SUSE Linux Enterprise Desktop 15 SP2 SUSE Linux Enterprise Desktop 15 SP3 SUSE Linux Enterprise Desktop 15 SP4 SUSE Linux Enterprise Desktop 15 SP5 SUSE Linux Enterprise High Performance Computing 15 SP2 SUSE Linux Enterprise High Performance Computing 15 SP3 SUSE Linux Enterprise High Performance Computing 15 SP4 SUSE Linux Enterprise High Performance Computing 15 SP5 SUSE Linux Enterprise Module for Development Tools 15 SP2 SUSE Linux Enterprise Module for Development Tools 15 SP3 SUSE Linux Enterprise Module for Development Tools 15 SP4 SUSE Linux Enterprise Module for Development Tools 15 SP5 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for SUSE Manager Server 4.0 SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server 15 SP3 SUSE Linux Enterprise Server 15 SP4 SUSE Linux Enterprise Server 15 SP5 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP3 SUSE Linux Enterprise Server for SAP Applications 15 SP4 SUSE Linux Enterprise Server for SAP Applications 15 SP5 SUSE Linux Enterprise Storage 7 SUSE Linux Enterprise Storage 7.1 SUSE Manager Proxy 4.1 SUSE Manager Proxy 4.2 SUSE Manager Proxy 4.3 SUSE Manager Retail Branch Server 4.1 SUSE Manager Retail Branch Server 4.2 SUSE Manager Retail Branch Server 4.3 SUSE Manager Server 4.0 SUSE Manager Server 4.1 SUSE Manager Server 4.2 SUSE Manager Server 4.3	Product(s):
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information dom4j-1.6.1-lp151.6.3 is installed AND dom4j is signed with openSUSE key OR dom4j-demo-1.6.1-lp151.6.3 is installed AND dom4j-demo is signed with openSUSE key OR dom4j-javadoc-1.6.1-lp151.6.3 is installed AND dom4j-javadoc is signed with openSUSE key OR dom4j-manual-1.6.1-lp151.6.3 is installed AND dom4j-manual is signed with openSUSE key
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information dom4j-1.6.1-4.9 is installed OR dom4j-demo-1.6.1-4.9 is installed OR dom4j-javadoc-1.6.1-4.9 is installed OR dom4j-manual-1.6.1-4.9 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Module for Development Tools 15 SP2 is installed AND dom4j-1.6.1-10 is installed OR Package Information SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND dom4j-1.6.1-4.9 is installed OR dom4j-demo-1.6.1-4.9 is installed OR dom4j-javadoc-1.6.1-4.9 is installed OR dom4j-manual-1.6.1-4.9 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Development Tools 15 SP2 is installed AND dom4j-1.6.1-10 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Module for SUSE Manager Server 4.0 is installed AND dom4j-1.6.1-4.9 is installed OR Package Information SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND dom4j-1.6.1-4.9 is installed OR dom4j-demo-1.6.1-4.9 is installed OR dom4j-javadoc-1.6.1-4.9 is installed OR dom4j-manual-1.6.1-4.9 is installed
Definition Synopsis
openSUSE Tumbleweed is installed AND Package Information dom4j-1.6.1-33.6 is installed OR dom4j-demo-1.6.1-33.6 is installed OR dom4j-javadoc-1.6.1-33.6 is installed OR dom4j-manual-1.6.1-33.6 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Development Tools 15 SP2 is installed AND dom4j-1.6.1-10.12 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Module for Development Tools 15 SP2 is installed OR SUSE Linux Enterprise Module for Development Tools 15 SP3 is installed AND dom4j-1.6.1-10.12 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 15 SP3 is installed OR SUSE Linux Enterprise High Performance Computing 15 SP3 is installed OR SUSE Linux Enterprise Module for Development Tools 15 SP3 is installed OR SUSE Linux Enterprise Server 15 SP3 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed OR SUSE Linux Enterprise Storage 7.1 is installed OR SUSE Manager Proxy 4.2 is installed OR SUSE Manager Retail Branch Server 4.2 is installed OR SUSE Manager Server 4.2 is installed AND dom4j-1.6.1-10.12 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Module for SUSE Manager Server 4.0 is installed OR SUSE Manager Server 4.0 is installed AND dom4j-1.6.1-4.9.4 is installed OR Package Information Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server is installed OR Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server is installed OR Image SLES15-SP1-Manager-4-0-GCE-BYOS-Server is installed AND dom4j-1.6.1-4.9.4 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 15 SP2 is installed OR SUSE Linux Enterprise High Performance Computing 15 SP2 is installed OR SUSE Linux Enterprise Module for Development Tools 15 SP2 is installed OR SUSE Linux Enterprise Server 15 SP2 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed OR SUSE Linux Enterprise Storage 7 is installed OR SUSE Manager Proxy 4.1 is installed OR SUSE Manager Retail Branch Server 4.1 is installed OR SUSE Manager Server 4.1 is installed AND dom4j-1.6.1-10.12 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 15 SP4 is installed OR SUSE Linux Enterprise High Performance Computing 15 SP4 is installed OR SUSE Linux Enterprise Module for Development Tools 15 SP4 is installed OR SUSE Linux Enterprise Server 15 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP4 is installed OR SUSE Manager Proxy 4.3 is installed OR SUSE Manager Retail Branch Server 4.3 is installed OR SUSE Manager Server 4.3 is installed AND dom4j-1.6.1-10.12 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 15 SP5 is installed OR SUSE Linux Enterprise High Performance Computing 15 SP5 is installed OR SUSE Linux Enterprise Module for Development Tools 15 SP5 is installed OR SUSE Linux Enterprise Server 15 SP5 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP5 is installed AND dom4j-1.6.1-150200.12.6.3 is installed

BACK