Oval Definition:oval:org.opensuse.security:def:202232210
Revision Date:2022-09-02Version:1
Title:CVE-2022-32210
Description:

`Undici.ProxyAgent` never verifies the remote server's certificate, and always exposes all request & response data to the proxy. This unexpectedly means that proxies can MitM all HTTPS traffic, and if the proxy's URL is HTTP then it also means that nominally HTTPS requests are actually sent via plain-text HTTP between Undici and the proxy server.
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2022-32210
SUSE CVE-2022-32210
Platform(s):SUSE Linux Enterprise Server for SAP Applications 15 SP2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed
  • AND Package Information
  • nodejs10 is not affected
  • OR nodejs10-devel is not affected
  • OR nodejs10-docs is not affected
  • OR npm10 is not affected
  • OR nodejs12 is not affected
  • OR nodejs12-devel is not affected
  • OR nodejs12-docs is not affected
  • OR npm12 is not affected
  • OR nodejs14 is not affected
  • OR nodejs14-devel is not affected
  • OR nodejs14-docs is not affected
  • OR npm14 is not affected
  • OR nodejs8 is not affected
  • OR nodejs8-devel is not affected
  • OR nodejs8-docs is not affected
  • OR npm8 is not affected
    • BACK