VYPR

rpm package

opensuse/sphinx&distro=openSUSE Leap 15.4

pkg:rpm/opensuse/sphinx&distro=openSUSE%20Leap%2015.4

Vulnerabilities (1)

  • CVE-2020-29050Jan 7, 2022
    affected < 2.2.11-lp154.3.3.1fixed 2.2.11-lp154.3.3.1

    SphinxSearch in Sphinx Technologies Sphinx through 3.1.1 allows directory traversal (in conjunction with CVE-2019-14511) because the mysql client can be used for CALL SNIPPETS and load_file operations on a full pathname (e.g., a file in the /etc directory). NOTE: this is unrelate