Oval Definition:oval:org.opensuse.security:def:202029050
Revision Date:2022-06-30Version:1
Title:CVE-2020-29050
Description:

SphinxSearch in Sphinx Technologies Sphinx through 3.1.1 allows directory traversal (in conjunction with CVE-2019-14511) because the mysql client can be used for CALL SNIPPETS and load_file operations on a full pathname (e.g., a file in the /etc directory). NOTE: this is unrelated to CMUSphinx.
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2020-29050
SUSE CVE-2020-29050
openSUSE-SU-2022:0046-1
openSUSE-SU-2022:0054-1
Platform(s):openSUSE Leap 15.3
openSUSE Leap 15.4
openSUSE Tumbleweed
Product(s):
Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • libsphinxclient-0_0_1-2.2.11-6.1 is installed
  • OR libsphinxclient-devel-2.2.11-6.1 is installed
  • OR sphinx-2.2.11-6.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.3 is installed
  • AND Package Information
  • libsphinxclient-0_0_1-2.2.11-lp153.2.3.1 is installed
  • AND libsphinxclient-0_0_1 is signed with openSUSE key
  • OR
  • libsphinxclient-devel-2.2.11-lp153.2.3.1 is installed
  • AND libsphinxclient-devel is signed with openSUSE key
  • OR
  • sphinx-2.2.11-lp153.2.3.1 is installed
  • AND sphinx is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Leap 15.4 is installed
  • AND Package Information
  • libsphinxclient-0_0_1-2.2.11-lp154.3.3.1 is installed
  • AND libsphinxclient-0_0_1 is signed with openSUSE key
  • OR
  • libsphinxclient-devel-2.2.11-lp154.3.3.1 is installed
  • AND libsphinxclient-devel is signed with openSUSE key
  • OR
  • sphinx-2.2.11-lp154.3.3.1 is installed
  • AND sphinx is signed with openSUSE key
    • BACK