Oval Definition:	oval:org.opensuse.security:def:202141116
Revision Date: 2022-08-07 Version: 1 Title: CVE-2021-41116 Description: Composer is an open source dependency manager for the PHP language. In affected versions windows users running Composer to install untrusted dependencies are subject to command injection and should upgrade their composer version. Other OSs and WSL are not affected. The issue has been resolved in composer versions 1.10.23 and 2.1.9. There are no workarounds for this issue. Family: unix Class: vulnerability Status: Reference(s): Mitre CVE-2021-41116 SUSE CVE-2021-41116 openSUSE-SU-2022:0132-1 Platform(s): openSUSE Leap 15.3 openSUSE Tumbleweed SUSE Linux Enterprise High Performance Computing 15 SP4 SUSE Linux Enterprise Module for Web Scripting 15 SP4 SUSE Linux Enterprise Server 15 SP4 SUSE Linux Enterprise Server for SAP Applications 15 SP4 SUSE Manager Proxy 4.3 SUSE Manager Retail Branch Server 4.3 SUSE Manager Server 4.3 Product(s): Definition Synopsis openSUSE Tumbleweed is installed AND Package Information php-composer-1.10.25-1.1 is installed OR php-composer2-2.1.12-1.1 is installed Definition Synopsis openSUSE Leap 15.3 is installed AND Package Information php-composer-1.10.26-bp153.2.6.1 is installed AND php-composer is signed with openSUSE key Definition Synopsis Release Information SUSE Linux Enterprise High Performance Computing 15 SP4 is installed OR SUSE Linux Enterprise Module for Web Scripting 15 SP4 is installed OR SUSE Linux Enterprise Server 15 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP4 is installed OR SUSE Manager Proxy 4.3 is installed OR SUSE Manager Retail Branch Server 4.3 is installed OR SUSE Manager Server 4.3 is installed AND php-composer2-2.2.3-150400.1.6 is installed
BACK