vulnerability
SUSE: CVE-2022-23853: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Feb 11, 2022 | Mar 16, 2022 | Oct 26, 2022 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Feb 11, 2022
Added
Mar 16, 2022
Modified
Oct 26, 2022
Description
The LSP (Language Server Protocol) plugin in KDE Kate before 21.12.2 and KTextEditor before 5.91.0 tries to execute the associated LSP server binary when opening a file of a given type. If this binary is absent from the PATH, it will try running the LSP server binary in the directory of the file that was just opened (due to a misunderstanding of the QProcess API, that was never intended). This can be an untrusted directory.
Solutions
suse-upgrade-katesuse-upgrade-kate-langsuse-upgrade-kate-pluginssuse-upgrade-libqt5-qtbase-common-develsuse-upgrade-libqt5-qtbase-develsuse-upgrade-libqt5-qtbase-examplessuse-upgrade-libqt5-qtbase-examples-32bitsuse-upgrade-libqt5-qtbase-platformtheme-gtk3suse-upgrade-libqt5-qtbase-platformtheme-xdgdesktopportalsuse-upgrade-libqt5-qtbase-private-headers-develsuse-upgrade-libqt5bootstrap-devel-staticsuse-upgrade-libqt5bootstrap-devel-static-32bitsuse-upgrade-libqt5concurrent-develsuse-upgrade-libqt5concurrent-devel-32bitsuse-upgrade-libqt5concurrent5suse-upgrade-libqt5concurrent5-32bitsuse-upgrade-libqt5core-develsuse-upgrade-libqt5core-devel-32bitsuse-upgrade-libqt5core-private-headers-develsuse-upgrade-libqt5core5suse-upgrade-libqt5core5-32bitsuse-upgrade-libqt5dbus-develsuse-upgrade-libqt5dbus-devel-32bitsuse-upgrade-libqt5dbus-private-headers-develsuse-upgrade-libqt5dbus5suse-upgrade-libqt5dbus5-32bitsuse-upgrade-libqt5gui-develsuse-upgrade-libqt5gui-devel-32bitsuse-upgrade-libqt5gui-private-headers-develsuse-upgrade-libqt5gui5suse-upgrade-libqt5gui5-32bitsuse-upgrade-libqt5kmssupport-devel-staticsuse-upgrade-libqt5kmssupport-private-headers-develsuse-upgrade-libqt5network-develsuse-upgrade-libqt5network-devel-32bitsuse-upgrade-libqt5network-private-headers-develsuse-upgrade-libqt5network5suse-upgrade-libqt5network5-32bitsuse-upgrade-libqt5opengl-develsuse-upgrade-libqt5opengl-devel-32bitsuse-upgrade-libqt5opengl-private-headers-develsuse-upgrade-libqt5opengl5suse-upgrade-libqt5opengl5-32bitsuse-upgrade-libqt5openglextensions-devel-staticsuse-upgrade-libqt5openglextensions-devel-static-32bitsuse-upgrade-libqt5platformheaders-develsuse-upgrade-libqt5platformsupport-devel-staticsuse-upgrade-libqt5platformsupport-devel-static-32bitsuse-upgrade-libqt5platformsupport-private-headers-develsuse-upgrade-libqt5printsupport-develsuse-upgrade-libqt5printsupport-devel-32bitsuse-upgrade-libqt5printsupport-private-headers-develsuse-upgrade-libqt5printsupport5suse-upgrade-libqt5printsupport5-32bitsuse-upgrade-libqt5sql-develsuse-upgrade-libqt5sql-devel-32bitsuse-upgrade-libqt5sql-private-headers-develsuse-upgrade-libqt5sql5suse-upgrade-libqt5sql5-32bitsuse-upgrade-libqt5sql5-mysqlsuse-upgrade-libqt5sql5-mysql-32bitsuse-upgrade-libqt5sql5-postgresqlsuse-upgrade-libqt5sql5-postgresql-32bitsuse-upgrade-libqt5sql5-sqlitesuse-upgrade-libqt5sql5-sqlite-32bitsuse-upgrade-libqt5sql5-unixodbcsuse-upgrade-libqt5sql5-unixodbc-32bitsuse-upgrade-libqt5test-develsuse-upgrade-libqt5test-devel-32bitsuse-upgrade-libqt5test-private-headers-develsuse-upgrade-libqt5test5suse-upgrade-libqt5test5-32bitsuse-upgrade-libqt5widgets-develsuse-upgrade-libqt5widgets-devel-32bitsuse-upgrade-libqt5widgets-private-headers-develsuse-upgrade-libqt5widgets5suse-upgrade-libqt5widgets5-32bitsuse-upgrade-libqt5xml-develsuse-upgrade-libqt5xml-devel-32bitsuse-upgrade-libqt5xml5suse-upgrade-libqt5xml5-32bit
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.