CVE-2023-22643HIGHCVSS 7.8≥ libzypp-plugin-appdata, < 1.0.1+git.201804262023-02-07
CVE-2023-22643 [HIGH] CWE-78 CVE-2023-22643: An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulner
An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in libzypp-plugin-appdata of SUSE Linux Enterprise Server for SAP 15-SP3; openSUSE Leap 15.4 allows attackers that can trick users to use specially crafted REPO_ALIAS, REPO_TYPE or REPO_METADATA_PATH settings to execute code as root. This issue a
cvelistv5nvd