EUVD-2023-26777

Malicious code in bioql PyPI...

openSUSE: Security Advisory for libzypp (SUSE-SU-2023:0095-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the libzypp-plugin-appdata plugin for SUSE Linux Enterprise operating systems, which allows a hacker to execute arbitrary code.

The vulnerability of the libzypp-plugin-appdata plugin in SUSE Linux Enterprise operating systems exists due to the lack of measures taken to neutralize special elements used in the operating system command. Exploiting this vulnerability allows an attacker to execute arbitrary code using speciall...

SUSE CVE-2023-22643

An Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in libzypp-plugin-appdata of SUSE Linux Enterprise Server for SAP 15-SP3; openSUSE Leap 15.4 allows attackers that can trick users to use specially crafted REPOALIAS, REPOTYPE or...

CVE-2023-22643

An Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in libzypp-plugin-appdata of SUSE Linux Enterprise Server for SAP 15-SP3; openSUSE Leap 15.4 allows attackers that can trick users to use specially crafted REPOALIAS, REPOTYPE or...

CVE-2023-22643 libzypp-plugin-appdata: potential arbitrary code execution via shell injection due to `os.system` calls

An Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in libzypp-plugin-appdata of SUSE Linux Enterprise Server for SAP 15-SP3; openSUSE Leap 15.4 allows attackers that can trick users to use specially crafted REPOALIAS, REPOTYPE or...

CVE-2023-22643 libzypp-plugin-appdata: potential arbitrary code execution via shell injection due to `os.system` calls

An Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in libzypp-plugin-appdata of SUSE Linux Enterprise Server for SAP 15-SP3; openSUSE Leap 15.4 allows attackers that can trick users to use specially crafted REPOALIAS, REPOTYPE or...

CVE-2023-22643

CVE-2023-22643 affects libzypp-plugin-appdata in SUSE Linux Enterprise Server for SAP 15-SP3 and openSUSE Leap 15.4. The issue is an OS command injection vulnerability due to improper neutralization of special elements in repo configuration (REPO_ALIAS, REPO_TYPE, REPO_METADATA_PATH) that can be ...

SUSE SLES15 Security Update : libzypp-plugin-appdata (SUSE-SU-2023:0140-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:0140-1 advisory. - An Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in libzypp-plugin-appdata of SUS...

SUSE: Security Advisory (SUSE-SU-2023:0140-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2023:0095-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libzypp-plugin-appdata (SUSE-SU-2023:0095-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0095-1 advisory. - An Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerabili...

SUSE-SU-2023:0095-1 Security update for libzypp-plugin-appdata

This update for libzypp-plugin-appdata fixes the following issues: - CVE-2023-22643: Fixed potential shell injection related to malicious repo names bsc1206836...

PT-2023-1560 · Suse · Libzypp-Plugin-Appdata +1

Name of the Vulnerable Software and Affected Versions: SUSE Linux Enterprise Server for SAP 15-SP3 libzypp-plugin-appdata versions prior to 1.0.1+git.20180426 openSUSE Leap 15.4 libzypp-plugin-appdata versions prior to 1.0.1+git.20180426 Description: The issue is related to an Improper...