Oval Definition:oval:org.opensuse.security:def:202011078
Revision Date:2023-06-22Version:1
Title:CVE-2020-11078
Description:

In httplib2 before version 0.18.0, an attacker controlling unescaped part of uri for `httplib2.Http.request()` could change request headers and body, send additional hidden requests to same server. This vulnerability impacts software that uses httplib2 with uri constructed by string concatenation, as opposed to proper urllib building with escaping. This has been fixed in 0.18.0.
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2020-11078
SUSE CVE-2020-11078
SUSE-CU-2021:236-1
SUSE-CU-2021:237-1
SUSE-CU-2021:238-1
SUSE-CU-2021:239-1
SUSE-CU-2021:240-1
SUSE-CU-2021:241-1
SUSE-SU-2021:1637-1
SUSE-SU-2021:1779-1
SUSE-SU-2021:1806-1
SUSE-SU-2021:1807-1
SUSE-SU-2021:1808-1
openSUSE-SU-2021:0772-1
openSUSE-SU-2021:0796-1
openSUSE-SU-2021:1806-1
SUSE-CU-2022:81-1
Platform(s):openSUSE Leap 15.2
openSUSE Leap 15.3
openSUSE Leap 15.3 SLE Imports
openSUSE Tumbleweed
SUSE CaaS Platform 4.0
SUSE Linux Enterprise Desktop 15 SP2
SUSE Linux Enterprise Desktop 15 SP3
SUSE Linux Enterprise Desktop 15 SP4
SUSE Linux Enterprise Desktop 15 SP5
SUSE Linux Enterprise High Performance Computing 12
SUSE Linux Enterprise High Performance Computing 15
SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise High Performance Computing 15 SP3
SUSE Linux Enterprise High Performance Computing 15 SP4
SUSE Linux Enterprise High Performance Computing 15 SP5
SUSE Linux Enterprise Module for additional PackageHub packages 15 SP2
SUSE Linux Enterprise Module for additional PackageHub packages 15 SP3
SUSE Linux Enterprise Module for Basesystem 15 SP2
SUSE Linux Enterprise Module for Basesystem 15 SP3
SUSE Linux Enterprise Module for Basesystem 15 SP4
SUSE Linux Enterprise Module for Basesystem 15 SP5
SUSE Linux Enterprise Module for Package Hub 15 SP2
SUSE Linux Enterprise Module for Package Hub 15 SP3
SUSE Linux Enterprise Module for Public Cloud 12
SUSE Linux Enterprise Module for Public Cloud 15
SUSE Linux Enterprise Server 11 SP3-TERADATA
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server 15
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server 15 SP3
SUSE Linux Enterprise Server 15 SP4
SUSE Linux Enterprise Server 15 SP5
SUSE Linux Enterprise Server for SAP Applications 12
SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Server for SAP Applications 15 SP1
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP3
SUSE Linux Enterprise Server for SAP Applications 15 SP4
SUSE Linux Enterprise Server for SAP Applications 15 SP5
SUSE Linux Enterprise Storage 7
SUSE Linux Enterprise Storage 7.1
SUSE Manager Proxy 4.0
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.0
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.0
SUSE Manager Server 4.1
SUSE Manager Server 4.2
SUSE Manager Server 4.3
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
SUSE Package Hub for SUSE Linux Enterprise 15 SP2
Product(s):
Definition Synopsis
  • Release Information
  • SUSE OpenStack Cloud 8 is installed
  • OR SUSE OpenStack Cloud Crowbar 8 is installed
  • AND python-httplib2-0.19.0-7.3.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND Package Information
  • python2-httplib2-0.19.0-lp152.6.3.1 is installed
  • AND python2-httplib2 is signed with openSUSE key
  • OR
  • python3-httplib2-0.19.0-lp152.6.3.1 is installed
  • AND python3-httplib2 is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Leap 15.3 SLE Imports is installed
  • AND Package Information
  • python2-httplib2-0.19.0-3.3.1 is installed
  • AND python2-httplib2 is signed with openSUSE key
  • OR
  • python3-httplib2-0.19.0-3.3.1 is installed
  • AND python3-httplib2 is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • python36-httplib2-0.19.1-1.2 is installed
  • OR python38-httplib2-0.19.1-1.2 is installed
  • OR python39-httplib2-0.19.1-1.2 is installed
    • Definition Synopsis
  • Release Information
  • SUSE CaaS Platform 4.0 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed
  • AND python3-httplib2 is affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • AND python3-httplib2-0.19.0-3.3.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Module for additional PackageHub packages 15 SP2 is installed
  • AND python2-httplib2-0.19.0-3.3.1 is installed
  • OR Package Information
  • SUSE Package Hub for SUSE Linux Enterprise 15 SP2 is installed
  • AND python2-httplib2-0.19.0-bp152.3.3.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • OR SUSE Linux Enterprise Module for Basesystem 15 SP3 is installed
  • AND python3-httplib2-0.19.0-3.3.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Module for additional PackageHub packages 15 SP2 is installed
  • OR SUSE Linux Enterprise Module for additional PackageHub packages 15 SP3 is installed
  • AND python2-httplib2-0.19.0-3.3.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Module for Public Cloud 15 is installed
  • AND python3-httplib2-0.19.0-1.8.1 is installed
  • OR Package Information
  • SUSE Package Hub for SUSE Linux Enterprise 15 SP2 is installed
  • AND python2-httplib2-0.19.0-bp152.3.3.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • OR SUSE Linux Enterprise Module for Basesystem 15 SP3 is installed
  • AND python3-httplib2-0.19.0-3.3.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP3-TERADATA is installed
  • AND python-httplib2-0.19.0-14.3.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP3 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP3 is installed
  • OR SUSE Linux Enterprise Module for Basesystem 15 SP3 is installed
  • OR SUSE Linux Enterprise Server 15 SP3 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed
  • OR SUSE Linux Enterprise Storage 7.1 is installed
  • OR SUSE Manager Proxy 4.2 is installed
  • OR SUSE Manager Retail Branch Server 4.2 is installed
  • OR SUSE Manager Server 4.2 is installed
  • AND python3-httplib2-0.19.0-3.3.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Module for Package Hub 15 SP3 is installed
  • AND python2-httplib2-0.19.0-3.3.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP2 is installed
  • OR SUSE Linux Enterprise Desktop 15 SP3 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP2 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP3 is installed
  • OR SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • OR SUSE Linux Enterprise Module for Basesystem 15 SP3 is installed
  • OR SUSE Linux Enterprise Server 15 SP2 is installed
  • OR SUSE Linux Enterprise Server 15 SP3 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed
  • OR SUSE Linux Enterprise Storage 7 is installed
  • OR SUSE Linux Enterprise Storage 7.1 is installed
  • OR SUSE Manager Proxy 4.1 is installed
  • OR SUSE Manager Proxy 4.2 is installed
  • OR SUSE Manager Retail Branch Server 4.1 is installed
  • OR SUSE Manager Retail Branch Server 4.2 is installed
  • OR SUSE Manager Server 4.1 is installed
  • OR SUSE Manager Server 4.2 is installed
  • AND python3-httplib2-0.19.0-3.3.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Module for Package Hub 15 SP2 is installed
  • OR SUSE Linux Enterprise Module for Package Hub 15 SP3 is installed
  • AND python2-httplib2-0.19.0-3.3.1 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND python-httplib2-0.19.0-7.7.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Performance Computing 12 is installed
  • OR SUSE Linux Enterprise Module for Public Cloud 12 is installed
  • OR SUSE Linux Enterprise Server 12 is installed
  • OR SUSE Linux Enterprise Server 12 SP3 is installed
  • OR SUSE Linux Enterprise Server 12 SP4 is installed
  • OR SUSE Linux Enterprise Server 12 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • AND python-httplib2-0.19.0-7.7.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE OpenStack Cloud 9 is installed
  • OR SUSE OpenStack Cloud Crowbar 9 is installed
  • AND python-httplib2-0.19.0-8.3.4 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Manager Proxy 4.0 is installed
  • OR SUSE Manager Retail Branch Server 4.0 is installed
  • OR SUSE Manager Server 4.0 is installed
  • AND python-httplib2 is affected
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed
  • AND python3-httplib2 is affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP2 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP2 is installed
  • OR SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • OR SUSE Linux Enterprise Server 15 SP2 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed
  • OR SUSE Linux Enterprise Storage 7 is installed
  • OR SUSE Manager Proxy 4.1 is installed
  • OR SUSE Manager Retail Branch Server 4.1 is installed
  • OR SUSE Manager Server 4.1 is installed
  • AND python3-httplib2-0.19.0-3.3.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Module for Package Hub 15 SP2 is installed
  • AND python2-httplib2-0.19.0-3.3.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.3 is installed
  • AND Package Information
  • python2-httplib2-0.19.0-3.3.1 is installed
  • AND python2-httplib2 is signed with openSUSE key
  • OR
  • python3-httplib2-0.19.0-3.3.1 is installed
  • AND python3-httplib2 is signed with openSUSE key
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP4 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP4 is installed
  • OR SUSE Linux Enterprise Module for Basesystem 15 SP4 is installed
  • OR SUSE Linux Enterprise Server 15 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP4 is installed
  • OR SUSE Manager Proxy 4.3 is installed
  • OR SUSE Manager Retail Branch Server 4.3 is installed
  • OR SUSE Manager Server 4.3 is installed
  • AND python3-httplib2-0.19.0-3.3.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP5 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP5 is installed
  • OR SUSE Linux Enterprise Module for Basesystem 15 SP5 is installed
  • OR SUSE Linux Enterprise Server 15 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP5 is installed
  • AND python3-httplib2-0.19.0-3.3.1 is installed
    • BACK