Upstream information
CVE-2020-27225 at MITRE
Description
In versions 4.18 and earlier of the Eclipse Platform, the Help Subsystem does not authenticate active help requests to the local help web server, allowing an unauthenticated local attacker to issue active help commands to the associated Eclipse Platform process or Eclipse Rich Client Platform process.
SUSE information
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having important severity.
SUSE Bugzilla entry:
1183728 [NEW]
SUSE Security Advisories:
List of released packages
Product(s) | Fixed package version(s) | References |
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 |
eclipse >= 4.9.0-4.3.8
eclipse-bootstrap >= 4.9.0-4.3.8
eclipse-contributor-tools >= 4.9.0-4.3.8
eclipse-contributor-tools-bootstrap >= 4.9.0-4.3.8
eclipse-equinox-osgi >= 4.9.0-4.3.8
eclipse-equinox-osgi-bootstrap >= 4.9.0-4.3.8
eclipse-jdt >= 4.9.0-4.3.8
eclipse-jdt-bootstrap >= 4.9.0-4.3.8
eclipse-p2-discovery >= 4.9.0-4.3.8
eclipse-p2-discovery-bootstrap >= 4.9.0-4.3.8
eclipse-pde >= 4.9.0-4.3.8
eclipse-pde-bootstrap >= 4.9.0-4.3.8
eclipse-platform >= 4.9.0-4.3.8
eclipse-platform-bootstrap >= 4.9.0-4.3.8
eclipse-swt >= 4.9.0-4.3.8
eclipse-swt-bootstrap >= 4.9.0-4.3.8
eclipse-tests >= 4.9.0-4.3.8
eclipse-tests-bootstrap >= 4.9.0-4.3.8
| Patchnames: SUSE-SLE-Module-Development-Tools-OBS-15-SP2-2021-957 |
openSUSE Leap 15.2 |
eclipse >= 4.9.0-lp152.3.3.1
eclipse-bootstrap >= 4.9.0-lp152.3.3.1
eclipse-bootstrap-debuginfo >= 4.9.0-lp152.3.3.1
eclipse-bootstrap-debugsource >= 4.9.0-lp152.3.3.1
eclipse-contributor-tools >= 4.9.0-lp152.3.3.1
eclipse-contributor-tools-bootstrap >= 4.9.0-lp152.3.3.1
eclipse-debuginfo >= 4.9.0-lp152.3.3.1
eclipse-debugsource >= 4.9.0-lp152.3.3.1
eclipse-equinox-osgi >= 4.9.0-lp152.3.3.1
eclipse-equinox-osgi-bootstrap >= 4.9.0-lp152.3.3.1
eclipse-jdt >= 4.9.0-lp152.3.3.1
eclipse-jdt-bootstrap >= 4.9.0-lp152.3.3.1
eclipse-p2-discovery >= 4.9.0-lp152.3.3.1
eclipse-p2-discovery-bootstrap >= 4.9.0-lp152.3.3.1
eclipse-pde >= 4.9.0-lp152.3.3.1
eclipse-pde-bootstrap >= 4.9.0-lp152.3.3.1
eclipse-platform >= 4.9.0-lp152.3.3.1
eclipse-platform-bootstrap >= 4.9.0-lp152.3.3.1
eclipse-platform-bootstrap-debuginfo >= 4.9.0-lp152.3.3.1
eclipse-platform-debuginfo >= 4.9.0-lp152.3.3.1
eclipse-swt >= 4.9.0-lp152.3.3.1
eclipse-swt-bootstrap >= 4.9.0-lp152.3.3.1
eclipse-swt-bootstrap-debuginfo >= 4.9.0-lp152.3.3.1
eclipse-swt-debuginfo >= 4.9.0-lp152.3.3.1
eclipse-tests >= 4.9.0-lp152.3.3.1
eclipse-tests-bootstrap >= 4.9.0-lp152.3.3.1
| Patchnames: openSUSE-2021-485 |