VYPR
Unrated severityNVD Advisory· Published Dec 2, 2013· Updated Jun 16, 2026

CVE-2012-0420

CVE-2012-0420

Description

zypp-refresh-wrapper in SUSE Zypper before 1.3.20 and 1.6.x before 1.6.166 allows local users to create files in arbitrary directories, or possibly have unspecified other impact, via a pathname in the ZYPP_LOCKFILE_ROOT environment variable.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • OpenSUSE/Zypper4 versions
    cpe:2.3:a:opensuse:zypper:*:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:opensuse:zypper:*:*:*:*:*:*:*:*range: <=1.2.8
    • cpe:2.3:a:opensuse:zypper:0.11.6:*:*:*:*:*:*:*
    • cpe:2.3:a:opensuse:zypper:1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:opensuse:zypper:1.6.16:*:*:*:*:*:*:*
  • SUSE S.A./Zypperllm-create
    Range: <1.3.20, >=1.6.0 <1.6.166

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.