CVE-2018-19456 Common Vulnerabilities and Exposures

Upstream information

CVE-2018-19456 at MITRE

Description

The WP Backup+ (aka WPbackupplus) plugin through 2018-11-22 for WordPress allows remote attackers to obtain sensitive information from server folders and files, as demonstrated by download.sql.

SUSE information

Overall state of this security issue: Resolved

This issue is currently not rated by SUSE as it is not affecting the SUSE Enterprise products.

No SUSE Bugzilla entries cross referenced.

SUSE Security Advisories:

SUSE-SU-2019:0024-1, published Mon Jan 7 16:08:59 MST 2019
openSUSE-SU-2019:0021-1, published Fri Dec 8 15:48:41 2023

List of released packages

Product(s)	Fixed package version(s)	References
SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP3	`libgit2-24 >= 0.24.1-7.9.1`	Patchnames: SUSE-SLE-SDK-12-SP3-2019-24
SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Software Development Kit 12 SP4	`libgit2-24 >= 0.24.1-7.9.1`	Patchnames: SUSE-SLE-SDK-12-SP4-2019-24
SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Software Development Kit 12 SP5	`libgit2-24 >= 0.24.1-7.9.1`	Patchnames: SUSE Linux Enterprise Software Development Kit 12 SP5 GA libgit2-0.24.1-7.9.1 SUSE Linux Enterprise Software Development Kit 12 SP5 GA libgit2-24-0.24.1-7.9.1
SUSE Manager Server 3.1	`libgit2-24 >= 0.24.1-7.9.1`	Patchnames: SUSE-SUSE-Manager-Server-3.1-2019-24
SUSE Manager Server 3.2	`libgit2-24 >= 0.24.1-7.9.1`	Patchnames: SUSE-SUSE-Manager-Server-3.2-2019-24

SUSE Timeline for this CVE

CVE page created: Wed Mar 27 19:40:21 2019
CVE page last modified: Sun Jun 16 00:17:50 2024