CVE-2023-32182

CWE-593 documents3 sources

Severity

7.8HIGH

EPSS

0.0%

top 94.00%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Suse Opensuse Leap 15.5 Suse Suse Linux Enterprise Desktop 15 SP5 Suse Suse Linux Enterprise High Performance Computing 15 SP5 +3 more

Timeline

PublishedSep 19

Description

A Improper Link Resolution Before File Access ('Link Following') vulnerability in SUSE SUSE Linux Enterprise Desktop 15 SP5 postfix, SUSE SUSE Linux Enterprise High Performance Computing 15 SP5 postfix, SUSE openSUSE Leap 15.5 postfix.This issue affects SUSE Linux Enterprise Desktop 15 SP5: before 3.7.3-150500.3.5.1; SUSE Linux Enterprise High Performance Computing 15 SP5: before 3.7.3-150500.3.5.1; openSUSE Leap 15.5 : before 3.7.3-150500.3.5.1.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:LExploitability: 2.5 | Impact: 3.4

Affected Packages6 packages

▶CVEListV5suse/suse_linux_enterprise_high_performance_computing_15_sp5? — 3.7.3-150500.3.5.1

▶NVDsuse/linux_enterprise_high_performance_computing15.0

▶CVEListV5suse/suse_linux_enterprise_desktop_15_sp5? — 3.7.3-150500.3.5.1

▶NVDsuse/suse_linux_enterprise_desktop15

▶CVEListV5suse/opensuse_leap_15.5? — 3.7.3-150500.3.5.1

🔴Vulnerability Details

CVEList

CVE-2023-32182: A Improper Link Resolution Before File Access ('Link Following') vulnerability in SUSE SUSE Linux Enterprise Desktop 15 SP5 postfix, SUSE SUSE Linux E↗2023-09-19

▶

GHSA

GHSA-wcv5-982f-xggc: A Improper Link Resolution Before File Access ('Link Following') vulnerability in SUSE SUSE Linux Enterprise Desktop 15 SP5 postfix, SUSE SUSE Linux E↗2023-09-19

▶