OVAL Reference oval:org.opensuse.security:def:202025623

Oval Definition:

oval:org.opensuse.security:def:202025623

Revision Date:	2022-09-02	Version:	1
Title:	CVE-2020-25623
Description:	Erlang/OTP 22.3.x before 22.3.4.6 and 23.x before 23.1 allows Directory Traversal. An attacker can send a crafted HTTP request to read arbitrary files, if httpd in the inets application is used.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	Mitre CVE-2020-25623 SUSE CVE-2020-25623
Platform(s):	openSUSE Tumbleweed SUSE Linux Enterprise High Performance Computing 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Storage 7 SUSE Manager Proxy 4.1 SUSE Manager Retail Branch Server 4.1 SUSE Manager Server 4.1 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
Release Information SUSE OpenStack Cloud 8 is installed OR SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information erlang is not affected OR erlang-epmd is not affected
Definition Synopsis
Release Information SUSE OpenStack Cloud 9 is installed OR SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information erlang is not affected OR erlang-epmd is not affected
Definition Synopsis
openSUSE Tumbleweed is installed AND Package Information erlang-24.0.5-2.1 is installed OR erlang-debugger-24.0.5-2.1 is installed OR erlang-debugger-src-24.0.5-2.1 is installed OR erlang-dialyzer-24.0.5-2.1 is installed OR erlang-dialyzer-src-24.0.5-2.1 is installed OR erlang-diameter-24.0.5-2.1 is installed OR erlang-diameter-src-24.0.5-2.1 is installed OR erlang-doc-24.0.5-2.1 is installed OR erlang-epmd-24.0.5-2.1 is installed OR erlang-et-24.0.5-2.1 is installed OR erlang-et-src-24.0.5-2.1 is installed OR erlang-jinterface-24.0.5-2.1 is installed OR erlang-jinterface-src-24.0.5-2.1 is installed OR erlang-observer-24.0.5-2.1 is installed OR erlang-observer-src-24.0.5-2.1 is installed OR erlang-reltool-24.0.5-2.1 is installed OR erlang-reltool-src-24.0.5-2.1 is installed OR erlang-src-24.0.5-2.1 is installed OR erlang-wx-24.0.5-2.1 is installed OR erlang-wx-src-24.0.5-2.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed AND erlang is not affected
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND erlang is not affected
Definition Synopsis
Release Information SUSE Linux Enterprise High Performance Computing 15 SP2 is installed OR SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed OR SUSE Linux Enterprise Server 15 SP2 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed OR SUSE Linux Enterprise Storage 7 is installed OR SUSE Manager Proxy 4.1 is installed OR SUSE Manager Retail Branch Server 4.1 is installed OR SUSE Manager Server 4.1 is installed AND erlang is not affected

BACK