Oval Definition:oval:org.opensuse.security:def:202234305
Revision Date:2022-09-02Version:1
Title:CVE-2022-34305
Description:

In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability.
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2022-34305
SUSE CVE-2022-34305
Platform(s):SUSE Linux Enterprise High Performance Computing 12 SP5
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE Linux Enterprise Server for SAP Applications 15 SP2
Product(s):
Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Performance Computing 12 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • AND tomcat is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP5 is installed
  • AND
  • tomcat is not affected
  • OR tomcat-admin-webapps is not affected
  • OR tomcat-docs-webapp is not affected
  • OR tomcat-el-3_0-api is not affected
  • OR tomcat-javadoc is not affected
  • OR tomcat-jsp-2_3-api is not affected
  • OR tomcat-lib is not affected
  • OR tomcat-servlet-4_0-api is not affected
  • OR tomcat-webapps is not affected
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed
  • AND Package Information
  • tomcat is not affected
  • OR tomcat-admin-webapps is not affected
  • OR tomcat-el-3_0-api is not affected
  • OR tomcat-jsp-2_3-api is not affected
  • OR tomcat-lib is not affected
  • OR tomcat-servlet-4_0-api is not affected
  • OR tomcat-webapps is not affected
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • AND Package Information
  • tomcat is not affected
  • OR tomcat-admin-webapps is not affected
  • OR tomcat-docs-webapp is not affected
  • OR tomcat-el-3_0-api is not affected
  • OR tomcat-javadoc is not affected
  • OR tomcat-jsp-2_3-api is not affected
  • OR tomcat-lib is not affected
  • OR tomcat-servlet-4_0-api is not affected
  • OR tomcat-webapps is not affected
    • BACK