vulnerability
SUSE: CVE-2022-23853: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | 2022-02-11 | 2022-03-16 | 2022-10-26 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
2022-02-11
Added
2022-03-16
Modified
2022-10-26
Description
The LSP (Language Server Protocol) plugin in KDE Kate before 21.12.2 and KTextEditor before 5.91.0 tries to execute the associated LSP server binary when opening a file of a given type. If this binary is absent from the PATH, it will try running the LSP server binary in the directory of the file that was just opened (due to a misunderstanding of the QProcess API, that was never intended). This can be an untrusted directory.
Solution(s)
suse-upgrade-katesuse-upgrade-kate-langsuse-upgrade-kate-pluginssuse-upgrade-libqt5-qtbase-common-develsuse-upgrade-libqt5-qtbase-develsuse-upgrade-libqt5-qtbase-examplessuse-upgrade-libqt5-qtbase-examples-32bitsuse-upgrade-libqt5-qtbase-platformtheme-gtk3suse-upgrade-libqt5-qtbase-platformtheme-xdgdesktopportalsuse-upgrade-libqt5-qtbase-private-headers-develsuse-upgrade-libqt5bootstrap-devel-staticsuse-upgrade-libqt5bootstrap-devel-static-32bitsuse-upgrade-libqt5concurrent-develsuse-upgrade-libqt5concurrent-devel-32bitsuse-upgrade-libqt5concurrent5suse-upgrade-libqt5concurrent5-32bitsuse-upgrade-libqt5core-develsuse-upgrade-libqt5core-devel-32bitsuse-upgrade-libqt5core-private-headers-develsuse-upgrade-libqt5core5suse-upgrade-libqt5core5-32bitsuse-upgrade-libqt5dbus-develsuse-upgrade-libqt5dbus-devel-32bitsuse-upgrade-libqt5dbus-private-headers-develsuse-upgrade-libqt5dbus5suse-upgrade-libqt5dbus5-32bitsuse-upgrade-libqt5gui-develsuse-upgrade-libqt5gui-devel-32bitsuse-upgrade-libqt5gui-private-headers-develsuse-upgrade-libqt5gui5suse-upgrade-libqt5gui5-32bitsuse-upgrade-libqt5kmssupport-devel-staticsuse-upgrade-libqt5kmssupport-private-headers-develsuse-upgrade-libqt5network-develsuse-upgrade-libqt5network-devel-32bitsuse-upgrade-libqt5network-private-headers-develsuse-upgrade-libqt5network5suse-upgrade-libqt5network5-32bitsuse-upgrade-libqt5opengl-develsuse-upgrade-libqt5opengl-devel-32bitsuse-upgrade-libqt5opengl-private-headers-develsuse-upgrade-libqt5opengl5suse-upgrade-libqt5opengl5-32bitsuse-upgrade-libqt5openglextensions-devel-staticsuse-upgrade-libqt5openglextensions-devel-static-32bitsuse-upgrade-libqt5platformheaders-develsuse-upgrade-libqt5platformsupport-devel-staticsuse-upgrade-libqt5platformsupport-devel-static-32bitsuse-upgrade-libqt5platformsupport-private-headers-develsuse-upgrade-libqt5printsupport-develsuse-upgrade-libqt5printsupport-devel-32bitsuse-upgrade-libqt5printsupport-private-headers-develsuse-upgrade-libqt5printsupport5suse-upgrade-libqt5printsupport5-32bitsuse-upgrade-libqt5sql-develsuse-upgrade-libqt5sql-devel-32bitsuse-upgrade-libqt5sql-private-headers-develsuse-upgrade-libqt5sql5suse-upgrade-libqt5sql5-32bitsuse-upgrade-libqt5sql5-mysqlsuse-upgrade-libqt5sql5-mysql-32bitsuse-upgrade-libqt5sql5-postgresqlsuse-upgrade-libqt5sql5-postgresql-32bitsuse-upgrade-libqt5sql5-sqlitesuse-upgrade-libqt5sql5-sqlite-32bitsuse-upgrade-libqt5sql5-unixodbcsuse-upgrade-libqt5sql5-unixodbc-32bitsuse-upgrade-libqt5test-develsuse-upgrade-libqt5test-devel-32bitsuse-upgrade-libqt5test-private-headers-develsuse-upgrade-libqt5test5suse-upgrade-libqt5test5-32bitsuse-upgrade-libqt5widgets-develsuse-upgrade-libqt5widgets-devel-32bitsuse-upgrade-libqt5widgets-private-headers-develsuse-upgrade-libqt5widgets5suse-upgrade-libqt5widgets5-32bitsuse-upgrade-libqt5xml-develsuse-upgrade-libqt5xml-devel-32bitsuse-upgrade-libqt5xml5suse-upgrade-libqt5xml5-32bit
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.