Oval Definition:oval:org.opensuse.security:def:202232222
Revision Date:2022-09-02Version:1
Title:CVE-2022-32222
Description:

A cryptographic vulnerability exists on Node.js on linux in versions of 18.x prior to 18.40.0 which allowed a default path for openssl.cnf that might be accessible under some circumstances to a non-admin user instead of /etc/ssl as was the case in versions prior to the upgrade to OpenSSL 3.
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2022-32222
SUSE CVE-2022-32222
Platform(s):SUSE Linux Enterprise Server for SAP Applications 15 SP2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed
  • AND Package Information
  • nodejs10 is not affected
  • OR nodejs10-devel is not affected
  • OR nodejs10-docs is not affected
  • OR npm10 is not affected
  • OR nodejs12 is not affected
  • OR nodejs12-devel is not affected
  • OR nodejs12-docs is not affected
  • OR npm12 is not affected
  • OR nodejs14 is not affected
  • OR nodejs14-devel is not affected
  • OR nodejs14-docs is not affected
  • OR npm14 is not affected
  • OR nodejs8 is not affected
  • OR nodejs8-devel is not affected
  • OR nodejs8-docs is not affected
  • OR npm8 is not affected
    • BACK