OVAL Reference oval:org.opensuse.security:def:20222047

Oval Definition:

oval:org.opensuse.security:def:20222047

Revision Date:	2023-06-22	Version:	1
Title:	CVE-2022-2047
Description:	In Eclipse Jetty versions 9.4.0 thru 9.4.46, and 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, the parsing of the authority segment of an http scheme URI, the Jetty HttpURI class improperly detects an invalid input as a hostname. This can lead to failures in a Proxy scenario.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	Mitre CVE-2022-2047 SUSE CVE-2022-2047 SUSE-CU-2023:712-1 SUSE-CU-2023:713-1 SUSE-CU-2023:714-1 SUSE-CU-2023:715-1
Platform(s):	SUSE Linux Enterprise Desktop 15 SP4 SUSE Linux Enterprise Desktop 15 SP5 SUSE Linux Enterprise High Performance Computing 15 SP4 SUSE Linux Enterprise High Performance Computing 15 SP5 SUSE Linux Enterprise Module for Development Tools 15 SP4 SUSE Linux Enterprise Module for Development Tools 15 SP5 SUSE Linux Enterprise Server 15 SP4 SUSE Linux Enterprise Server 15 SP5 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP4 SUSE Linux Enterprise Server for SAP Applications 15 SP5 SUSE Manager Proxy 4.3 SUSE Manager Retail Branch Server 4.3 SUSE Manager Server 4.3	Product(s):
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 15 SP4 is installed OR SUSE Linux Enterprise High Performance Computing 15 SP4 is installed OR SUSE Linux Enterprise Module for Development Tools 15 SP4 is installed OR SUSE Linux Enterprise Server 15 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP4 is installed OR SUSE Manager Proxy 4.3 is installed OR SUSE Manager Retail Branch Server 4.3 is installed OR SUSE Manager Server 4.3 is installed AND Package Information jetty-http is affected OR jetty-io is affected OR jetty-security is affected OR jetty-server is affected OR jetty-servlet is affected OR jetty-util is affected OR jetty-util-ajax is affected
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed AND Package Information jetty-http is affected OR jetty-io is affected OR jetty-security is affected OR jetty-server is affected OR jetty-servlet is affected OR jetty-util is affected OR jetty-util-ajax is affected
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 15 SP5 is installed OR SUSE Linux Enterprise High Performance Computing 15 SP5 is installed OR SUSE Linux Enterprise Module for Development Tools 15 SP5 is installed OR SUSE Linux Enterprise Server 15 SP5 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP5 is installed AND Package Information jetty-http-9.4.48-150200.3.16.3 is installed OR jetty-io-9.4.48-150200.3.16.3 is installed OR jetty-security-9.4.48-150200.3.16.3 is installed OR jetty-server-9.4.48-150200.3.16.3 is installed OR jetty-servlet-9.4.48-150200.3.16.3 is installed OR jetty-util-9.4.48-150200.3.16.3 is installed OR jetty-util-ajax-9.4.48-150200.3.16.3 is installed

BACK