Search criteria
360 vulnerabilities found for Ubuntu Linux by Canonical
CVE-2025-13350 (GCVE-0-2025-13350)
Vulnerability from nvd – Published: 2026-03-05 18:56 – Updated: 2026-03-06 10:37- CWE-416 - Use After Free
| URL | Tags | |
|---|---|---|
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Canonical | Ubuntu Linux |
Affected:
6.8.0-56.58 , < 6.8.0-84.84
(dpkg)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2026-03-05T20:11:41.411Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2026/03/05/7"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-13350",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-06T10:37:26.433118Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-06T10:37:47.858Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://launchpad.net/ubuntu/+source/",
"defaultStatus": "unaffected",
"modules": [
"AF_UNIX"
],
"packageName": "linux",
"product": "Ubuntu Linux",
"programFiles": [
"net/unix/garbage.c"
],
"programRoutines": [
{
"name": "unix_gc()"
}
],
"repo": "https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/noble/",
"vendor": "Canonical",
"versions": [
{
"lessThan": "6.8.0-84.84",
"status": "affected",
"version": "6.8.0-56.58",
"versionType": "dpkg"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Noam Rathaus"
}
],
"descriptions": [
{
"lang": "en",
"value": "Ubuntu Linux 6.8 GA retains the legacy AF_UNIX garbage collector but backports upstream commit 8594d9b85c07 (\"af_unix: Don\u2019t call skb_get() for OOB skb\"). When orphaned MSG_OOB sockets hit unix_gc(), the garbage collector still calls kfree_skb() as if OOB SKBs held two references; on Ubuntu Linux 6.8 (Noble Numbat) kernel tree, they have only the queue reference, so the buffer is freed while still reachable and subsequent queue walks dereference freed memory, yielding a reliable local privilege escalation (LPE) caused by a use-after-free (UAF). Ubuntu builds that have already taken the new GC stack from commit 4090fa373f0e, and mainline Linux kernels shipping that infrastructure are unaffected because they no longer execute the legacy collector path. This issue affects Ubuntu Linux from 6.8.0-56.58 before 6.8.0-84.84."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-05T18:56:03.433Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"issue-tracking"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2121515"
},
{
"tags": [
"patch"
],
"url": "https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/noble/commit/?id=79cbc2a1d4f61e492ddac5da65b075836675f94d"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Use-after-free of orphaned AF_UNIX in Ubuntu builds of Linux kernel",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2025-13350",
"datePublished": "2026-03-05T18:56:03.433Z",
"dateReserved": "2025-11-18T09:33:14.643Z",
"dateUpdated": "2026-03-06T10:37:47.858Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-0927 (GCVE-0-2025-0927)
Vulnerability from nvd – Published: 2025-03-23 15:00 – Updated: 2026-01-22 16:58This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Filesystem bugs due to corrupt images are not considered a CVE for any filesystem that is only mountable by CAP_SYS_ADMIN in the initial user namespace. That includes delegated mounting.
Show details on NVD website{
"containers": {
"cna": {
"providerMetadata": {
"dateUpdated": "2026-01-22T16:58:46.079Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"rejectedReasons": [
{
"lang": "en",
"value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Filesystem bugs due to corrupt images are not considered a CVE for any filesystem that is only mountable by CAP_SYS_ADMIN in the initial user namespace. That includes delegated mounting."
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2025-0927",
"datePublished": "2025-03-23T15:00:47.770Z",
"dateRejected": "2025-04-08T08:07:06.833Z",
"dateReserved": "2025-01-31T10:42:56.521Z",
"dateUpdated": "2026-01-22T16:58:46.079Z",
"state": "REJECTED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-13350 (GCVE-0-2025-13350)
Vulnerability from cvelistv5 – Published: 2026-03-05 18:56 – Updated: 2026-03-06 10:37- CWE-416 - Use After Free
| URL | Tags | |
|---|---|---|
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Canonical | Ubuntu Linux |
Affected:
6.8.0-56.58 , < 6.8.0-84.84
(dpkg)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2026-03-05T20:11:41.411Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2026/03/05/7"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-13350",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-06T10:37:26.433118Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-06T10:37:47.858Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://launchpad.net/ubuntu/+source/",
"defaultStatus": "unaffected",
"modules": [
"AF_UNIX"
],
"packageName": "linux",
"product": "Ubuntu Linux",
"programFiles": [
"net/unix/garbage.c"
],
"programRoutines": [
{
"name": "unix_gc()"
}
],
"repo": "https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/noble/",
"vendor": "Canonical",
"versions": [
{
"lessThan": "6.8.0-84.84",
"status": "affected",
"version": "6.8.0-56.58",
"versionType": "dpkg"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Noam Rathaus"
}
],
"descriptions": [
{
"lang": "en",
"value": "Ubuntu Linux 6.8 GA retains the legacy AF_UNIX garbage collector but backports upstream commit 8594d9b85c07 (\"af_unix: Don\u2019t call skb_get() for OOB skb\"). When orphaned MSG_OOB sockets hit unix_gc(), the garbage collector still calls kfree_skb() as if OOB SKBs held two references; on Ubuntu Linux 6.8 (Noble Numbat) kernel tree, they have only the queue reference, so the buffer is freed while still reachable and subsequent queue walks dereference freed memory, yielding a reliable local privilege escalation (LPE) caused by a use-after-free (UAF). Ubuntu builds that have already taken the new GC stack from commit 4090fa373f0e, and mainline Linux kernels shipping that infrastructure are unaffected because they no longer execute the legacy collector path. This issue affects Ubuntu Linux from 6.8.0-56.58 before 6.8.0-84.84."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-05T18:56:03.433Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"issue-tracking"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2121515"
},
{
"tags": [
"patch"
],
"url": "https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/noble/commit/?id=79cbc2a1d4f61e492ddac5da65b075836675f94d"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Use-after-free of orphaned AF_UNIX in Ubuntu builds of Linux kernel",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2025-13350",
"datePublished": "2026-03-05T18:56:03.433Z",
"dateReserved": "2025-11-18T09:33:14.643Z",
"dateUpdated": "2026-03-06T10:37:47.858Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-0927 (GCVE-0-2025-0927)
Vulnerability from cvelistv5 – Published: 2025-03-23 15:00 – Updated: 2026-01-22 16:58This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Filesystem bugs due to corrupt images are not considered a CVE for any filesystem that is only mountable by CAP_SYS_ADMIN in the initial user namespace. That includes delegated mounting.
Show details on NVD website{
"containers": {
"cna": {
"providerMetadata": {
"dateUpdated": "2026-01-22T16:58:46.079Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"rejectedReasons": [
{
"lang": "en",
"value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Filesystem bugs due to corrupt images are not considered a CVE for any filesystem that is only mountable by CAP_SYS_ADMIN in the initial user namespace. That includes delegated mounting."
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2025-0927",
"datePublished": "2025-03-23T15:00:47.770Z",
"dateRejected": "2025-04-08T08:07:06.833Z",
"dateReserved": "2025-01-31T10:42:56.521Z",
"dateUpdated": "2026-01-22T16:58:46.079Z",
"state": "REJECTED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
VAR-202008-1238
Vulnerability from variot - Updated: 2024-07-23 22:19In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit. runc is a CLI (command line interface) tool for building and running containers according to the OCI specification. Relevant releases/architectures:
Red Hat Enterprise Linux ComputeNode EUS (v. 7.6) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6) - x86_64 Red Hat Enterprise Linux Server EUS (v. 7.6) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 7.6) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - aarch64, noarch, ppc64le, s390x Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - aarch64, ppc64le, s390x
- Description:
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.
Security Fix(es):
-
bind: truncated TSIG response can lead to an assertion failure (CVE-2020-8622)
-
bind: remotely triggerable assertion failure in pk11.c (CVE-2020-8623)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, the BIND daemon (named) will be restarted automatically. Bugs fixed (https://bugzilla.redhat.com/):
1869473 - CVE-2020-8622 bind: truncated TSIG response can lead to an assertion failure 1869477 - CVE-2020-8623 bind: remotely triggerable assertion failure in pk11.c
- Package List:
Red Hat Enterprise Linux ComputeNode EUS (v. 7.6):
Source: bind-9.9.4-74.el7_6.5.src.rpm
noarch: bind-license-9.9.4-74.el7_6.5.noarch.rpm
x86_64: bind-debuginfo-9.9.4-74.el7_6.5.i686.rpm bind-debuginfo-9.9.4-74.el7_6.5.x86_64.rpm bind-libs-9.9.4-74.el7_6.5.i686.rpm bind-libs-9.9.4-74.el7_6.5.x86_64.rpm bind-libs-lite-9.9.4-74.el7_6.5.i686.rpm bind-libs-lite-9.9.4-74.el7_6.5.x86_64.rpm bind-utils-9.9.4-74.el7_6.5.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6):
x86_64: bind-9.9.4-74.el7_6.5.x86_64.rpm bind-chroot-9.9.4-74.el7_6.5.x86_64.rpm bind-debuginfo-9.9.4-74.el7_6.5.i686.rpm bind-debuginfo-9.9.4-74.el7_6.5.x86_64.rpm bind-devel-9.9.4-74.el7_6.5.i686.rpm bind-devel-9.9.4-74.el7_6.5.x86_64.rpm bind-lite-devel-9.9.4-74.el7_6.5.i686.rpm bind-lite-devel-9.9.4-74.el7_6.5.x86_64.rpm bind-pkcs11-9.9.4-74.el7_6.5.x86_64.rpm bind-pkcs11-devel-9.9.4-74.el7_6.5.i686.rpm bind-pkcs11-devel-9.9.4-74.el7_6.5.x86_64.rpm bind-pkcs11-libs-9.9.4-74.el7_6.5.i686.rpm bind-pkcs11-libs-9.9.4-74.el7_6.5.x86_64.rpm bind-pkcs11-utils-9.9.4-74.el7_6.5.x86_64.rpm bind-sdb-9.9.4-74.el7_6.5.x86_64.rpm bind-sdb-chroot-9.9.4-74.el7_6.5.x86_64.rpm
Red Hat Enterprise Linux Server EUS (v. 7.6):
Source: bind-9.9.4-74.el7_6.5.src.rpm
noarch: bind-license-9.9.4-74.el7_6.5.noarch.rpm
ppc64: bind-9.9.4-74.el7_6.5.ppc64.rpm bind-chroot-9.9.4-74.el7_6.5.ppc64.rpm bind-debuginfo-9.9.4-74.el7_6.5.ppc.rpm bind-debuginfo-9.9.4-74.el7_6.5.ppc64.rpm bind-libs-9.9.4-74.el7_6.5.ppc.rpm bind-libs-9.9.4-74.el7_6.5.ppc64.rpm bind-libs-lite-9.9.4-74.el7_6.5.ppc.rpm bind-libs-lite-9.9.4-74.el7_6.5.ppc64.rpm bind-utils-9.9.4-74.el7_6.5.ppc64.rpm
ppc64le: bind-9.9.4-74.el7_6.5.ppc64le.rpm bind-chroot-9.9.4-74.el7_6.5.ppc64le.rpm bind-debuginfo-9.9.4-74.el7_6.5.ppc64le.rpm bind-libs-9.9.4-74.el7_6.5.ppc64le.rpm bind-libs-lite-9.9.4-74.el7_6.5.ppc64le.rpm bind-pkcs11-9.9.4-74.el7_6.5.ppc64le.rpm bind-pkcs11-libs-9.9.4-74.el7_6.5.ppc64le.rpm bind-pkcs11-utils-9.9.4-74.el7_6.5.ppc64le.rpm bind-utils-9.9.4-74.el7_6.5.ppc64le.rpm
s390x: bind-9.9.4-74.el7_6.5.s390x.rpm bind-chroot-9.9.4-74.el7_6.5.s390x.rpm bind-debuginfo-9.9.4-74.el7_6.5.s390.rpm bind-debuginfo-9.9.4-74.el7_6.5.s390x.rpm bind-libs-9.9.4-74.el7_6.5.s390.rpm bind-libs-9.9.4-74.el7_6.5.s390x.rpm bind-libs-lite-9.9.4-74.el7_6.5.s390.rpm bind-libs-lite-9.9.4-74.el7_6.5.s390x.rpm bind-utils-9.9.4-74.el7_6.5.s390x.rpm
x86_64: bind-9.9.4-74.el7_6.5.x86_64.rpm bind-chroot-9.9.4-74.el7_6.5.x86_64.rpm bind-debuginfo-9.9.4-74.el7_6.5.i686.rpm bind-debuginfo-9.9.4-74.el7_6.5.x86_64.rpm bind-libs-9.9.4-74.el7_6.5.i686.rpm bind-libs-9.9.4-74.el7_6.5.x86_64.rpm bind-libs-lite-9.9.4-74.el7_6.5.i686.rpm bind-libs-lite-9.9.4-74.el7_6.5.x86_64.rpm bind-pkcs11-9.9.4-74.el7_6.5.x86_64.rpm bind-pkcs11-libs-9.9.4-74.el7_6.5.i686.rpm bind-pkcs11-libs-9.9.4-74.el7_6.5.x86_64.rpm bind-pkcs11-utils-9.9.4-74.el7_6.5.x86_64.rpm bind-utils-9.9.4-74.el7_6.5.x86_64.rpm
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7):
Source: bind-9.9.4-74.el7_6.5.src.rpm
aarch64: bind-9.9.4-74.el7_6.5.aarch64.rpm bind-chroot-9.9.4-74.el7_6.5.aarch64.rpm bind-debuginfo-9.9.4-74.el7_6.5.aarch64.rpm bind-libs-9.9.4-74.el7_6.5.aarch64.rpm bind-libs-lite-9.9.4-74.el7_6.5.aarch64.rpm bind-pkcs11-9.9.4-74.el7_6.5.aarch64.rpm bind-pkcs11-libs-9.9.4-74.el7_6.5.aarch64.rpm bind-pkcs11-utils-9.9.4-74.el7_6.5.aarch64.rpm bind-utils-9.9.4-74.el7_6.5.aarch64.rpm
noarch: bind-license-9.9.4-74.el7_6.5.noarch.rpm
ppc64le: bind-9.9.4-74.el7_6.5.ppc64le.rpm bind-chroot-9.9.4-74.el7_6.5.ppc64le.rpm bind-debuginfo-9.9.4-74.el7_6.5.ppc64le.rpm bind-libs-9.9.4-74.el7_6.5.ppc64le.rpm bind-libs-lite-9.9.4-74.el7_6.5.ppc64le.rpm bind-pkcs11-9.9.4-74.el7_6.5.ppc64le.rpm bind-pkcs11-libs-9.9.4-74.el7_6.5.ppc64le.rpm bind-pkcs11-utils-9.9.4-74.el7_6.5.ppc64le.rpm bind-utils-9.9.4-74.el7_6.5.ppc64le.rpm
s390x: bind-9.9.4-74.el7_6.5.s390x.rpm bind-chroot-9.9.4-74.el7_6.5.s390x.rpm bind-debuginfo-9.9.4-74.el7_6.5.s390.rpm bind-debuginfo-9.9.4-74.el7_6.5.s390x.rpm bind-libs-9.9.4-74.el7_6.5.s390.rpm bind-libs-9.9.4-74.el7_6.5.s390x.rpm bind-libs-lite-9.9.4-74.el7_6.5.s390.rpm bind-libs-lite-9.9.4-74.el7_6.5.s390x.rpm bind-utils-9.9.4-74.el7_6.5.s390x.rpm
Red Hat Enterprise Linux Server Optional EUS (v. 7.6):
ppc64: bind-debuginfo-9.9.4-74.el7_6.5.ppc.rpm bind-debuginfo-9.9.4-74.el7_6.5.ppc64.rpm bind-devel-9.9.4-74.el7_6.5.ppc.rpm bind-devel-9.9.4-74.el7_6.5.ppc64.rpm bind-lite-devel-9.9.4-74.el7_6.5.ppc.rpm bind-lite-devel-9.9.4-74.el7_6.5.ppc64.rpm bind-pkcs11-9.9.4-74.el7_6.5.ppc64.rpm bind-pkcs11-devel-9.9.4-74.el7_6.5.ppc.rpm bind-pkcs11-devel-9.9.4-74.el7_6.5.ppc64.rpm bind-pkcs11-libs-9.9.4-74.el7_6.5.ppc.rpm bind-pkcs11-libs-9.9.4-74.el7_6.5.ppc64.rpm bind-pkcs11-utils-9.9.4-74.el7_6.5.ppc64.rpm bind-sdb-9.9.4-74.el7_6.5.ppc64.rpm bind-sdb-chroot-9.9.4-74.el7_6.5.ppc64.rpm
ppc64le: bind-debuginfo-9.9.4-74.el7_6.5.ppc64le.rpm bind-devel-9.9.4-74.el7_6.5.ppc64le.rpm bind-lite-devel-9.9.4-74.el7_6.5.ppc64le.rpm bind-pkcs11-devel-9.9.4-74.el7_6.5.ppc64le.rpm bind-sdb-9.9.4-74.el7_6.5.ppc64le.rpm bind-sdb-chroot-9.9.4-74.el7_6.5.ppc64le.rpm
s390x: bind-debuginfo-9.9.4-74.el7_6.5.s390.rpm bind-debuginfo-9.9.4-74.el7_6.5.s390x.rpm bind-devel-9.9.4-74.el7_6.5.s390.rpm bind-devel-9.9.4-74.el7_6.5.s390x.rpm bind-lite-devel-9.9.4-74.el7_6.5.s390.rpm bind-lite-devel-9.9.4-74.el7_6.5.s390x.rpm bind-pkcs11-9.9.4-74.el7_6.5.s390x.rpm bind-pkcs11-devel-9.9.4-74.el7_6.5.s390.rpm bind-pkcs11-devel-9.9.4-74.el7_6.5.s390x.rpm bind-pkcs11-libs-9.9.4-74.el7_6.5.s390.rpm bind-pkcs11-libs-9.9.4-74.el7_6.5.s390x.rpm bind-pkcs11-utils-9.9.4-74.el7_6.5.s390x.rpm bind-sdb-9.9.4-74.el7_6.5.s390x.rpm bind-sdb-chroot-9.9.4-74.el7_6.5.s390x.rpm
x86_64: bind-debuginfo-9.9.4-74.el7_6.5.i686.rpm bind-debuginfo-9.9.4-74.el7_6.5.x86_64.rpm bind-devel-9.9.4-74.el7_6.5.i686.rpm bind-devel-9.9.4-74.el7_6.5.x86_64.rpm bind-lite-devel-9.9.4-74.el7_6.5.i686.rpm bind-lite-devel-9.9.4-74.el7_6.5.x86_64.rpm bind-pkcs11-devel-9.9.4-74.el7_6.5.i686.rpm bind-pkcs11-devel-9.9.4-74.el7_6.5.x86_64.rpm bind-sdb-9.9.4-74.el7_6.5.x86_64.rpm bind-sdb-chroot-9.9.4-74.el7_6.5.x86_64.rpm
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update Advisory ID: RHSA-2020:5633-01 Product: Red Hat OpenShift Enterprise Advisory URL: https://access.redhat.com/errata/RHSA-2020:5633 Issue date: 2021-02-24 CVE Names: CVE-2018-10103 CVE-2018-10105 CVE-2018-14461 CVE-2018-14462 CVE-2018-14463 CVE-2018-14464 CVE-2018-14465 CVE-2018-14466 CVE-2018-14467 CVE-2018-14468 CVE-2018-14469 CVE-2018-14470 CVE-2018-14553 CVE-2018-14879 CVE-2018-14880 CVE-2018-14881 CVE-2018-14882 CVE-2018-16227 CVE-2018-16228 CVE-2018-16229 CVE-2018-16230 CVE-2018-16300 CVE-2018-16451 CVE-2018-16452 CVE-2018-20843 CVE-2019-3884 CVE-2019-5018 CVE-2019-6977 CVE-2019-6978 CVE-2019-8625 CVE-2019-8710 CVE-2019-8720 CVE-2019-8743 CVE-2019-8764 CVE-2019-8766 CVE-2019-8769 CVE-2019-8771 CVE-2019-8782 CVE-2019-8783 CVE-2019-8808 CVE-2019-8811 CVE-2019-8812 CVE-2019-8813 CVE-2019-8814 CVE-2019-8815 CVE-2019-8816 CVE-2019-8819 CVE-2019-8820 CVE-2019-8823 CVE-2019-8835 CVE-2019-8844 CVE-2019-8846 CVE-2019-9455 CVE-2019-9458 CVE-2019-11068 CVE-2019-12614 CVE-2019-13050 CVE-2019-13225 CVE-2019-13627 CVE-2019-14889 CVE-2019-15165 CVE-2019-15166 CVE-2019-15903 CVE-2019-15917 CVE-2019-15925 CVE-2019-16167 CVE-2019-16168 CVE-2019-16231 CVE-2019-16233 CVE-2019-16935 CVE-2019-17450 CVE-2019-17546 CVE-2019-18197 CVE-2019-18808 CVE-2019-18809 CVE-2019-19046 CVE-2019-19056 CVE-2019-19062 CVE-2019-19063 CVE-2019-19068 CVE-2019-19072 CVE-2019-19221 CVE-2019-19319 CVE-2019-19332 CVE-2019-19447 CVE-2019-19524 CVE-2019-19533 CVE-2019-19537 CVE-2019-19543 CVE-2019-19602 CVE-2019-19767 CVE-2019-19770 CVE-2019-19906 CVE-2019-19956 CVE-2019-20054 CVE-2019-20218 CVE-2019-20386 CVE-2019-20387 CVE-2019-20388 CVE-2019-20454 CVE-2019-20636 CVE-2019-20807 CVE-2019-20812 CVE-2019-20907 CVE-2019-20916 CVE-2020-0305 CVE-2020-0444 CVE-2020-1716 CVE-2020-1730 CVE-2020-1751 CVE-2020-1752 CVE-2020-1971 CVE-2020-2574 CVE-2020-2752 CVE-2020-2922 CVE-2020-3862 CVE-2020-3864 CVE-2020-3865 CVE-2020-3867 CVE-2020-3868 CVE-2020-3885 CVE-2020-3894 CVE-2020-3895 CVE-2020-3897 CVE-2020-3898 CVE-2020-3899 CVE-2020-3900 CVE-2020-3901 CVE-2020-3902 CVE-2020-6405 CVE-2020-7595 CVE-2020-7774 CVE-2020-8177 CVE-2020-8492 CVE-2020-8563 CVE-2020-8566 CVE-2020-8619 CVE-2020-8622 CVE-2020-8623 CVE-2020-8624 CVE-2020-8647 CVE-2020-8648 CVE-2020-8649 CVE-2020-9327 CVE-2020-9802 CVE-2020-9803 CVE-2020-9805 CVE-2020-9806 CVE-2020-9807 CVE-2020-9843 CVE-2020-9850 CVE-2020-9862 CVE-2020-9893 CVE-2020-9894 CVE-2020-9895 CVE-2020-9915 CVE-2020-9925 CVE-2020-10018 CVE-2020-10029 CVE-2020-10732 CVE-2020-10749 CVE-2020-10751 CVE-2020-10763 CVE-2020-10773 CVE-2020-10774 CVE-2020-10942 CVE-2020-11565 CVE-2020-11668 CVE-2020-11793 CVE-2020-12465 CVE-2020-12655 CVE-2020-12659 CVE-2020-12770 CVE-2020-12826 CVE-2020-13249 CVE-2020-13630 CVE-2020-13631 CVE-2020-13632 CVE-2020-14019 CVE-2020-14040 CVE-2020-14381 CVE-2020-14382 CVE-2020-14391 CVE-2020-14422 CVE-2020-15157 CVE-2020-15503 CVE-2020-15862 CVE-2020-15999 CVE-2020-16166 CVE-2020-24490 CVE-2020-24659 CVE-2020-25211 CVE-2020-25641 CVE-2020-25658 CVE-2020-25661 CVE-2020-25662 CVE-2020-25681 CVE-2020-25682 CVE-2020-25683 CVE-2020-25684 CVE-2020-25685 CVE-2020-25686 CVE-2020-25687 CVE-2020-25694 CVE-2020-25696 CVE-2020-26160 CVE-2020-27813 CVE-2020-27846 CVE-2020-28362 CVE-2020-29652 CVE-2021-2007 CVE-2021-3121 =====================================================================
- Summary:
Red Hat OpenShift Container Platform release 4.7.0 is now available.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Description:
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the container images for Red Hat OpenShift Container Platform 4.7.0. See the following advisory for the RPM packages for this release:
https://access.redhat.com/errata/RHSA-2020:5634
Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:
https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel ease-notes.html
You may download the oc tool and use it to inspect release image metadata as follows:
(For x86_64 architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.0-x86_64
The image digest is sha256:d74b1cfa81f8c9cc23336aee72d8ae9c9905e62c4874b071317a078c316f8a70
(For s390x architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.0-s390x
The image digest is sha256:a68ca03d87496ddfea0ac26b82af77231583a58a7836b95de85efe5e390ad45d
(For ppc64le architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.0-ppc64le
The image digest is sha256:bc7b04e038c8ff3a33b827f4ee19aa79b26e14c359a7dcc1ced9f3b58e5f1ac6
All OpenShift Container Platform 4.7 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster - -between-minor.html#understanding-upgrade-channels_updating-cluster-between - -minor.
Security Fix(es):
-
crewjam/saml: authentication bypass in saml authentication (CVE-2020-27846)
-
golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference (CVE-2020-29652)
-
gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121)
-
nodejs-y18n: prototype pollution vulnerability (CVE-2020-7774)
-
kubernetes: Secret leaks in kube-controller-manager when using vSphere Provider (CVE-2020-8563)
-
containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters (CVE-2020-10749)
-
heketi: gluster-block volume password details available in logs (CVE-2020-10763)
-
golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)
-
jwt-go: access restriction bypass vulnerability (CVE-2020-26160)
-
golang-github-gorilla-websocket: integer overflow leads to denial of service (CVE-2020-27813)
-
golang: math/big: panic during recursive division of very large numbers (CVE-2020-28362)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
For OpenShift Container Platform 4.7, see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel ease-notes.html
Details on how to access this content are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster - -cli.html.
- Bugs fixed (https://bugzilla.redhat.com/):
1620608 - Restoring deployment config with history leads to weird state
1752220 - [OVN] Network Policy fails to work when project label gets overwritten
1756096 - Local storage operator should implement must-gather spec
1756173 - /etc/udev/rules.d/66-azure-storage.rules missing from initramfs
1768255 - installer reports 100% complete but failing components
1770017 - Init containers restart when the exited container is removed from node.
1775057 - [MSTR-485] Cluster is abnormal after etcd backup/restore when the backup is conducted during etcd encryption is migrating
1775444 - RFE: k8s cpu manager does not restrict /usr/bin/pod cpuset
1777038 - Cluster scaled beyond host subnet limits does not fire alert or cleanly report why it cannot scale
1777224 - InfraID in metadata.json and .openshift_install_state.json is not consistent when repeating create commands
1784298 - "Displaying with reduced resolution due to large dataset." would show under some conditions
1785399 - Under condition of heavy pod creation, creation fails with 'error reserving pod name ...: name is reserved"
1797766 - Resource Requirements" specDescriptor fields - CPU and Memory injects empty string YAML editor
1801089 - [OVN] Installation failed and monitoring pod not created due to some network error.
1805025 - [OSP] Machine status doesn't become "Failed" when creating a machine with invalid image
1805639 - Machine status should be "Failed" when creating a machine with invalid machine configuration
1806000 - CRI-O failing with: error reserving ctr name
1806915 - openshift-service-ca: Some core components are in openshift.io/run-level 1 and are bypassing SCC, but should not be
1806917 - openshift-service-ca-operator: Some core components are in openshift.io/run-level 1 and are bypassing SCC, but should not be
1810438 - Installation logs are not gathered from OCP nodes
1812085 - kubernetes-networking-namespace-pods dashboard doesn't exist
1812412 - Monitoring Dashboard: on restricted cluster, query timed out in expression evaluation
1813012 - EtcdDiscoveryDomain no longer needed
1813949 - openshift-install doesn't use env variables for OS_* for some of API endpoints
1816812 - OpenShift test suites are not resilient to rate limited registries (like docker.io) and cannot control their dependencies for offline use
1819053 - loading OpenAPI spec for "v1beta1.metrics.k8s.io" failed with: OpenAPI spec does not exist
1819457 - Package Server is in 'Cannot update' status despite properly working
1820141 - [RFE] deploy qemu-quest-agent on the nodes
1822744 - OCS Installation CI test flaking
1824038 - Integration Tests: StaleElementReferenceError in OLM single-installmode scenario
1825892 - StorageClasses and PVs are not cleaned completely after running the csi verification tool
1826301 - Wrong NodeStatus reports in file-integrity scan when configuration error in aide.conf file
1829723 - User workload monitoring alerts fire out of the box
1832968 - oc adm catalog mirror does not mirror the index image itself
1833012 - Lower OVNKubernetes HTTP E/W performance compared with OpenShiftSDN
1833220 - CVE-2020-10749 containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters
1834995 - olmFull suite always fails once th suite is run on the same cluster
1836017 - vSphere UPI: Both Internal and External load balancers for kube-apiserver should use /readyz
1837953 - Replacing masters doesn't work for ovn-kubernetes 4.4
1838352 - OperatorExited, Pending marketplace-operator-... pod for several weeks
1838751 - [oVirt][Tracker] Re-enable skipped network tests
1839239 - csi-snapshot-controller flickers Degraded=True on etcd hiccups
1840759 - [aws-ebs-csi-driver] The volume created by aws ebs csi driver can not be deleted when the cluster is destroyed
1841039 - authentication-operator: Add e2e test for password grants to Keycloak being set as OIDC IdP
1841119 - Get rid of config patches and pass flags directly to kcm
1841175 - When an Install Plan gets deleted, OLM does not create a new one
1841381 - Issue with memoryMB validation
1841885 - oc adm catalog mirror command attempts to pull from registry.redhat.io when using --from-dir option
1844727 - Etcd container leaves grep and lsof zombie processes
1845387 - CVE-2020-10763 heketi: gluster-block volume password details available in logs
1847074 - Filter bar layout issues at some screen widths on search page
1848358 - CRDs with preserveUnknownFields:true don't reflect in status that they are non-structural
1849543 - [4.5]kubeletconfig's description will show multiple lines for finalizers when upgrade from 4.4.8->4.5
1851103 - Use of NetworkManager-wait-online.service in rhcos-growpart.service
1851203 - [GSS] [RFE] Need a simpler representation of capactiy breakdown in total usage and per project breakdown in OCS 4 dashboard
1851351 - OCP 4.4.9: EtcdMemberIPMigratorDegraded: rpc error: code = Canceled desc = grpc: the client connection is closing
1851693 - The oc apply should return errors instead of hanging there when failing to create the CRD
1852289 - Upgrade testsuite fails on ppc64le environment - Unsupported LoadBalancer service
1853115 - the restriction of --cloud option should be shown in help text.
1853116 - --to option does not work with --credentials-requests flag.
1853352 - [v2v][UI] Storage Class fields Should Not be empty in VM disks view
1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash
1854567 - "Installed Operators" list showing "duplicated" entries during installation
1855325 - [Feature:Prometheus][Conformance] Prometheus when installed on the cluster [Top Level] [Feature:Prometheus][Conformance] Prometheus when installed on the cluster should report telemetry if a cloud.openshift.com token is present
1855351 - Inconsistent Installer reactions to Ctrl-C during user input process
1855408 - OVN cluster unstable after running minimal scale test
1856351 - Build page should show metrics for when the build ran, not the last 30 minutes
1856354 - New APIServices missing from OpenAPI definitions
1857446 - ARO/Azure: excessive pod memory allocation causes node lockup
1857877 - Operator upgrades can delete existing CSV before completion
1858578 - [v2v] [ui] VM import RHV to CNV Target VM Name longer than 63 chars should not be allowed
1859174 - [IPI][OSP] Having errors from 4.3 to 4.6 about Security group rule already created
1860136 - default ingress does not propagate annotations to route object on update
1860322 - [OCPv4.5.2] after unexpected shutdown one of RHV Hypervisors, OCP worker nodes machine are marked as "Failed"
1860518 - unable to stop a crio pod
1861383 - Route with haproxy.router.openshift.io/timeout: 365d kills the ingress controller
1862430 - LSO: PV creation lock should not be acquired in a loop
1862489 - LSO autoprovisioning should exclude top level disks that are part of LVM volume group.
1862608 - Virtual media does not work on hosts using BIOS, only UEFI
1862918 - [v2v] User should only select SRIOV network when importin vm with SRIOV network
1865743 - Some pods are stuck in ContainerCreating and some sdn pods are in CrashLoopBackOff
1865839 - rpm-ostree fails with "System transaction in progress" when moving to kernel-rt
1866043 - Configurable table column headers can be illegible
1866087 - Examining agones helm chart resources results in "Oh no!"
1866261 - Need to indicate the intentional behavior for Ansible in the create api help info
1866298 - [RHOCS Usability Study][Installation] Labeling the namespace should be a part of the installation flow or be clearer as a requirement
1866320 - [RHOCS Usability Study][Dashboard] Users were confused by Available Capacity and the Total Capacity
1866334 - [RHOCS Usability Study][Installation] On the Operator installation page, there’s no indication on which labels offer tooltip/help
1866340 - [RHOCS Usability Study][Dashboard] It was not clear why “No persistent storage alerts” was prominently displayed
1866343 - [RHOCS Usability Study][Dashboard] User wanted to know the time frame for Data Consumption, e.g I/O Operations
1866445 - kola --basic-qemu-scenarios scenario fail on ppc64le & s390x
1866482 - Few errors are seen when oc adm must-gather is run
1866605 - No metadata.generation set for build and buildconfig objects
1866873 - MCDDrainError "Drain failed on , updates may be blocked" missing rendered node name
1866901 - Deployment strategy for BMO allows multiple pods to run at the same time
1866925 - openshift-install destroy cluster should fail quickly when provided with invalid credentials on Azure.
1867165 - Cannot assign static address to baremetal install bootstrap vm
1867380 - When using webhooks in OCP 4.5 fails to rollout latest deploymentconfig
1867400 - [OCs 4.5]UI should not allow creation of second storagecluster of different mode in a single OCS
1867477 - HPA monitoring cpu utilization fails for deployments which have init containers
1867518 - [oc] oc should not print so many goroutines when ANY command fails
1867608 - ds/machine-config-daemon takes 100+ minutes to rollout on 250 node cluster
1867965 - OpenShift Console Deployment Edit overwrites deployment yaml
1868004 - opm index add appears to produce image with wrong registry server binary
1868065 - oc -o jsonpath prints possible warning / bug "Unable to decode server response into a Table"
1868104 - Baremetal actuator should not delete Machine objects
1868125 - opm index add is not creating an index with valid images when --permissive flag is added, the index is empty instead
1868384 - CLI does not save login credentials as expected when using the same username in multiple clusters
1868527 - OpenShift Storage using VMWare vSAN receives error "Failed to add disk 'scsi0:2'" when mounted pod is created on separate node
1868645 - After a disaster recovery pods a stuck in "NodeAffinity" state and not running
1868748 - ClusterProvisioningIP in baremetal platform has wrong JSON annotation
1868765 - [vsphere][ci] could not reserve an IP address: no available addresses
1868770 - catalogSource named "redhat-operators" deleted in a disconnected cluster
1868976 - Prometheus error opening query log file on EBS backed PVC
1869293 - The configmap name looks confusing in aide-ds pod logs
1869606 - crio's failing to delete a network namespace
1870337 - [sig-storage] Managed cluster should have no crashlooping recycler pods over four minutes
1870342 - [sig-scheduling] SchedulerPredicates [Serial] validates resource limits of pods that are allowed to run [Conformance]
1870373 - Ingress Operator reports available when DNS fails to provision
1870467 - D/DC Part of Helm / Operator Backed should not have HPA
1870728 - openshift-install creates expired ignition files from stale .openshift_install_state.json
1870800 - [4.6] Managed Column not appearing on Pods Details page
1871170 - e2e tests are needed to validate the functionality of the etcdctl container
1872001 - EtcdDiscoveryDomain no longer needed
1872095 - content are expanded to the whole line when only one column in table on Resource Details page
1872124 - Could not choose device type as "disk" or "part" when create localvolumeset from web console
1872128 - Can't run container with hostPort on ipv6 cluster
1872166 - 'Silences' link redirects to unexpected 'Alerts' view after creating a silence in the Developer perspective
1872251 - [aws-ebs-csi-driver] Verify job in CI doesn't check for vendor dir sanity
1872786 - Rules in kube-apiserver.rules are taking too long and consuming too much memory for Prometheus to evaluate them
1872821 - [DOC] Typo in Ansible Operator Tutorial
1872907 - Fail to create CR from generated Helm Base Operator
1872923 - Click "Cancel" button on the "initialization-resource" creation form page should send users to the "Operator details" page instead of "Install Operator" page (previous page)
1873007 - [downstream] failed to read config when running the operator-sdk in the home path
1873030 - Subscriptions without any candidate operators should cause resolution to fail
1873043 - Bump to latest available 1.19.x k8s
1873114 - Nodes goes into NotReady state (VMware)
1873288 - Changing Cluster-Wide Pull Secret Does Not Trigger Updates In Kubelet Filesystem
1873305 - Failed to power on /inspect node when using Redfish protocol
1873326 - Accessibility - The symbols e.g checkmark in the overview page has no text description, label, or other accessible information
1873480 - Accessibility - No text description, alt text, label, or other accessible information associated with the help icon: “?” button/icon in Developer Console ->Navigation
1873556 - [Openstack] HTTP_PROXY setting for NetworkManager-resolv-prepender not working
1873593 - MCO fails to cope with ContainerRuntimeConfig thas has a name > 63 characters
1874057 - Pod stuck in CreateContainerError - error msg="container_linux.go:348: starting container process caused \"chdir to cwd (\\"/mount-point\\") set in config.json failed: permission denied\""
1874074 - [CNV] Windows 2019 Default Template Not Defaulting to Proper NIC/Storage Driver
1874192 - [RFE] "Create Backing Store" page doesn't allow to select already defined k8s secret as target bucket credentials when Google Cloud Storage is selected as a provider
1874240 - [vsphere] unable to deprovision - Runtime error list attached objects
1874248 - Include validation for vcenter host in the install-config
1874340 - vmware: NodeClockNotSynchronising alert is triggered in openshift cluster after upgrading form 4.4.16 to 4.5.6
1874583 - apiserver tries and fails to log an event when shutting down
1874584 - add retry for etcd errors in kube-apiserver
1874638 - Missing logging for nbctl daemon
1874736 - [downstream] no version info for the helm-operator
1874901 - add utm_source parameter to Red Hat Marketplace URLs for attribution
1874968 - Accessibility: The project selection drop down is a keyboard trap
1875247 - Dependency resolution error "found more than one head for channel" is unhelpful for users
1875516 - disabled scheduling is easy to miss in node page of OCP console
1875598 - machine status is Running for a master node which has been terminated from the console
1875806 - When creating a service of type "LoadBalancer" (Kuryr,OVN) communication through this loadbalancer failes after 2-5 minutes.
1876166 - need to be able to disable kube-apiserver connectivity checks
1876469 - Invalid doc link on yaml template schema description
1876701 - podCount specDescriptor change doesn't take effect on operand details page
1876815 - Installer uses the environment variable OS_CLOUD for manifest generation despite explicit prompt
1876935 - AWS volume snapshot is not deleted after the cluster is destroyed
1877071 - vSphere IPI - Nameserver limits were exceeded, some nameservers have been omitted
1877105 - add redfish to enabled_bios_interfaces
1877116 - e2e aws calico tests fail with rpc error: code = ResourceExhausted
1877273 - [OVN] EgressIP cannot fail over to available nodes after one egressIP node shutdown
1877648 - [sriov]VF from allocatable and capacity of node is incorrect when the policy is only 'rootDevices'
1877681 - Manually created PV can not be used
1877693 - dnsrecords specify recordTTL as 30 but the value is null in AWS Route 53
1877740 - RHCOS unable to get ip address during first boot
1877812 - [ROKS] IBM cloud failed to terminate OSDs when upgraded between internal builds of OCS 4.5
1877919 - panic in multus-admission-controller
1877924 - Cannot set BIOS config using Redfish with Dell iDracs
1878022 - Met imagestreamimport error when import the whole image repository
1878086 - OCP 4.6+OCS 4.6(multiple SC) Internal Mode- UI should populate the default "Filesystem Name" instead of providing a textbox, & the name should be validated
1878301 - [4.6] [UI] Unschedulable used to always be displayed when Node is Ready status
1878701 - After deleting and recreating a VM with same name, the VM events contain the events from the old VM
1878766 - CPU consumption on nodes is higher than the CPU count of the node.
1878772 - On the nodes there are up to 547 zombie processes caused by thanos and Prometheus.
1878823 - "oc adm release mirror" generating incomplete imageContentSources when using "--to" and "--to-release-image"
1878845 - 4.5 to 4.6.rc.4 upgrade failure: authentication operator health check connection refused for multitenant mode
1878900 - Installer complains about not enough vcpu for the baremetal flavor where generic bm flavor is being used
1878953 - RBAC error shows when normal user access pvc upload page
1878956 - oc api-resources does not include API version
1878972 - oc adm release mirror removes the architecture information
1879013 - [RFE]Improve CD-ROM interface selection
1879056 - UI should allow to change or unset the evictionStrategy
1879057 - [CSI Certificate Test] Test failed for CSI certification tests for CSIdriver openshift-storage.rbd.csi.ceph.com with RWX enabled
1879094 - RHCOS dhcp kernel parameters not working as expected
1879099 - Extra reboot during 4.5 -> 4.6 upgrade
1879244 - Error adding container to network "ipvlan-host-local": "master" field is required
1879248 - OLM Cert Dir for Webhooks does not align SDK/Kubebuilder
1879282 - Update OLM references to point to the OLM's new doc site
1879283 - panic after nil pointer dereference in pkg/daemon/update.go
1879365 - Overlapping, divergent openshift-cluster-storage-operator manifests
1879419 - [RFE]Improve boot source description for 'Container' and ‘URL’
1879430 - openshift-object-counts quota is not dynamically updating as the resource is deleted.
1879565 - IPv6 installation fails on node-valid-hostname
1879777 - Overlapping, divergent openshift-machine-api namespace manifests
1879878 - Messages flooded in thanos-querier pod- oauth-proxy container: Authorization header does not start with 'Basic', skipping basic authentication in Log message in thanos-querier pod the oauth-proxy
1879930 - Annotations shouldn't be removed during object reconciliation
1879976 - No other channel visible from console
1880068 - image pruner is not aware of image policy annotation, StatefulSets, etc.
1880148 - dns daemonset rolls out slowly in large clusters
1880161 - Actuator Update calls should have fixed retry time
1880259 - additional network + OVN network installation failed
1880389 - Pipeline Runs with skipped Tasks incorrectly show Tasks as "Failed"
1880410 - Convert Pipeline Visualization node to SVG
1880417 - [vmware] Fail to boot with Secure Boot enabled, kernel lockdown denies iopl access to afterburn
1880443 - broken machine pool management on OpenStack
1880450 - Host failed to install because its installation stage joined took longer than expected 20m0s.
1880473 - IBM Cloudpak operators installation stuck "UpgradePending" with InstallPlan status updates failing due to size limitation
1880680 - [4.3] [Tigera plugin] - openshift-kube-proxy fails - Failed to execute iptables-restore: exit status 4 (iptables-restore v1.8.4 (nf_tables)
1880785 - CredentialsRequest missing description in oc explain
1880787 - No description for Provisioning CRD for oc explain
1880902 - need dnsPlocy set in crd ingresscontrollers
1880913 - [DeScheduler] - change loglevel from Info to Error when priority class given in the descheduler params is not present in the cluster
1881027 - Cluster installation fails at with error : the container name \"assisted-installer\" is already in use
1881046 - [OSP] openstack-cinder-csi-driver-operator doesn't contain required manifests and assets
1881155 - operator install authentication: Authentication require functional ingress which requires at least one schedulable and ready node
1881268 - Image uploading failed but wizard claim the source is available
1881322 - kube-scheduler not scheduling pods for certificates not renewed automatically after nodes restoration
1881347 - [v2v][ui]VM Import Wizard does not call Import provider cleanup
1881881 - unable to specify target port manually resulting in application not reachable
1881898 - misalignment of sub-title in quick start headers
1882022 - [vsphere][ipi] directory path is incomplete, terraform can't find the cluster
1882057 - Not able to select access modes for snapshot and clone
1882140 - No description for spec.kubeletConfig
1882176 - Master recovery instructions don't handle IP change well
1882191 - Installation fails against external resources which lack DNS Subject Alternative Name
1882209 - [ BateMetal IPI ] local coredns resolution not working
1882210 - [release 4.7] insights-operator: Fix bug in reflector not recovering from "Too large resource version"
1882268 - [e2e][automation]Add Integration Test for Snapshots
1882361 - Retrieve and expose the latest report for the cluster
1882485 - dns-node-resolver corrupts /etc/hosts if internal registry is not in use
1882556 - git:// protocol in origin tests is not currently proxied
1882569 - CNO: Replacing masters doesn't work for ovn-kubernetes 4.4
1882608 - Spot instance not getting created on AzureGovCloud
1882630 - Fstype is changed after deleting pv provisioned by localvolumeset instance
1882649 - IPI installer labels all images it uploads into glance as qcow2
1882653 - The Approval should display the Manual after the APPROVAL changed to Manual from the Automatic
1882658 - [RFE] Volume Snapshot is not listed under inventory in Project Details page
1882660 - Operators in a namespace should be installed together when approve one
1882667 - [ovn] br-ex Link not found when scale up RHEL worker
1882723 - [vsphere]Suggested mimimum value for providerspec not working
1882730 - z systems not reporting correct core count in recording rule
1882750 - [sig-api-machinery][Feature:APIServer][Late] kubelet terminates kube-apiserver gracefully
1882781 - nameserver= option to dracut creates extra NM connection profile
1882785 - Multi-Arch CI Jobs destroy libvirt network but occasionally leave it defined
1882844 - [IPI on vsphere] Executing 'openshift-installer destroy cluster' leaves installer tag categories in vsphere
1883371 - CVE-2020-26160 jwt-go: access restriction bypass vulnerability
1883388 - Bare Metal Hosts Details page doesn't show Mainitenance and Power On/Off status
1883422 - operator-sdk cleanup fail after installing operator with "run bundle" without installmode and og with ownnamespace
1883425 - Gather top installplans and their count
1883502 - Logging is broken due to mix of k8s.io/klog v1 and v2
1883523 - [sig-cli] oc adm must-gather runs successfully for audit logs [Suite:openshift/conformance/parallel]
1883538 - must gather report "cannot file manila/aws ebs/ovirt csi related namespaces and objects" error
1883560 - operator-registry image needs clean up in /tmp
1883563 - Creating duplicate namespace from create namespace modal breaks the UI
1883614 - [OCP 4.6] [UI] UI should not describe power cycle as "graceful"
1883642 - [sig-imageregistry][Feature:ImageTriggers][Serial] ImageStream admission TestImageStreamAdmitSpecUpdate
1883660 - e2e-metal-ipi CI job consistently failing on 4.4
1883765 - [user workload monitoring] improve latency of Thanos sidecar when streaming read requests
1883766 - [e2e][automation] Adjust tests for UI changes
1883768 - [user workload monitoring] The Prometheus operator should discard invalid TLS configurations
1883773 - opm alpha bundle build fails on win10 home
1883790 - revert "force cert rotation every couple days for development" in 4.7
1883803 - node pull secret feature is not working as expected
1883836 - Jenkins imagestream ubi8 and nodejs12 update
1883847 - The UI does not show checkbox for enable encryption at rest for OCS
1883853 - go list -m all does not work
1883905 - race condition in opm index add --overwrite-latest
1883946 - Understand why trident CSI pods are getting deleted by OCP
1884035 - Pods are illegally transitioning back to pending
1884041 - e2e should provide error info when minimum number of pods aren't ready in kube-system namespace
1884131 - oauth-proxy repository should run tests
1884165 - Repos should be disabled in -firstboot.service before OS extensions are applied
1884221 - IO becomes unhealthy due to a file change
1884258 - Node network alerts should work on ratio rather than absolute values
1884270 - Git clone does not support SCP-style ssh locations
1884334 - CVO marks an upgrade as failed when an operator takes more than 20 minutes to rollout
1884435 - vsphere - loopback is randomly not being added to resolver
1884565 - oauth-proxy crashes on invalid usage
1884584 - Kuryr controller continuously restarting due to unable to clean up Network Policy
1884613 - Create Instance of Prometheus from operator returns blank page for non cluster-admin users
1884628 - ovs-configuration service fails when the external network is configured on a tagged vlan on top of a bond device on a baremetal IPI deployment
1884629 - Visusally impaired user using screen reader not able to select Admin/Developer console options in drop down menu.
1884632 - Adding BYOK disk encryption through DES
1884654 - Utilization of a VMI is not populated
1884655 - KeyError on self._existing_vifs[port_id]
1884664 - Operator install page shows "installing..." instead of going to install status page
1884672 - Failed to inspect hardware. Reason: unable to start inspection: 'idrac'
1884691 - Installer blocks cloud-credential-operator manual mode on GCP and Azure
1884724 - Quick Start: Serverless quickstart doesn't match Operator install steps
1884739 - Node process segfaulted
1884824 - Update baremetal-operator libraries to k8s 1.19
1885002 - network kube-rbac-proxy scripts crashloop rather than non-crash looping
1885138 - Wrong detection of pending state in VM details
1885151 - [Cloud Team - Cluster API Provider Azure] Logging is broken due to mix of k8s.io/klog v1 and v2
1885165 - NoRunningOvnMaster alert falsely triggered
1885170 - Nil pointer when verifying images
1885173 - [e2e][automation] Add test for next run configuration feature
1885179 - oc image append fails on push (uploading a new layer)
1885213 - Vertical Pod Autoscaler (VPA) not working with DeploymentConfig
1885218 - [e2e][automation] Add virtctl to gating script
1885223 - Sync with upstream (fix panicking cluster-capacity binary)
1885235 - Prometheus: Logging is broken due to mix of k8s.io/klog v1 and v2
1885241 - kube-rbac-proxy: Logging is broken due to mix of k8s.io/klog v1 and v2
1885243 - prometheus-adapter: Logging is broken due to mix of k8s.io/klog v1 and v2
1885244 - prometheus-operator: Logging is broken due to mix of k8s.io/klog v1 and v2
1885246 - cluster-monitoring-operator: Logging is broken due to mix of k8s.io/klog v1 and v2
1885249 - openshift-state-metrics: Logging is broken due to mix of k8s.io/klog v1 and v2
1885308 - Supermicro nodes failed to boot via disk during installation when using IPMI and UEFI
1885315 - unit tests fail on slow disks
1885319 - Remove redundant use of group and kind of DataVolumeTemplate
1885343 - Console doesn't load in iOS Safari when using self-signed certificates
1885344 - 4.7 upgrade - dummy bug for 1880591
1885358 - add p&f configuration to protect openshift traffic
1885365 - MCO does not respect the install section of systemd files when enabling
1885376 - failed to initialize the cluster: Cluster operator marketplace is still updating
1885398 - CSV with only Webhook conversion can't be installed
1885403 - Some OLM events hide the underlying errors
1885414 - Need to disable HTX when not using HTTP/2 in order to preserve HTTP header name case
1885425 - opm index add cannot batch add multiple bundles that use skips
1885543 - node tuning operator builds and installs an unsigned RPM
1885644 - Panic output due to timeouts in openshift-apiserver
1885676 - [OCP 4.7]UI should fallback to minimal deployment only after total CPU < 30 || totalMemory < 72 GiB for initial deployment
1885702 - Cypress: Fix 'aria-hidden-focus' accesibility violations
1885706 - Cypress: Fix 'link-name' accesibility violation
1885761 - DNS fails to resolve in some pods
1885856 - Missing registry v1 protocol usage metric on telemetry
1885864 - Stalld service crashed under the worker node
1885930 - [release 4.7] Collect ServiceAccount statistics
1885940 - kuryr/demo image ping not working
1886007 - upgrade test with service type load balancer will never work
1886022 - Move range allocations to CRD's
1886028 - [BM][IPI] Failed to delete node after scale down
1886111 - UpdatingopenshiftStateMetricsFailed: DeploymentRollout of openshift-monitoring/openshift-state-metrics: got 1 unavailable replicas
1886134 - Need to set GODEBUG=x509ignoreCN=0 in initrd
1886154 - System roles are not present while trying to create new role binding through web console
1886166 - 1885517 Clone - Not needed for 4.7 - upgrade from 4.5->4.6 causes broadcast storm
1886168 - Remove Terminal Option for Windows Nodes
1886200 - greenwave / CVP is failing on bundle validations, cannot stage push
1886229 - Multipath support for RHCOS sysroot
1886294 - Unable to schedule a pod due to Insufficient ephemeral-storage
1886327 - Attempt to add a worker using bad roodDeviceHint: bmh and machine become Provisioned, no error in status
1886353 - [e2e][automation] kubevirt-gating job fails for a missing virtctl URL
1886397 - Move object-enum to console-shared
1886423 - New Affinities don't contain ID until saving
1886435 - Azure UPI uses deprecated command 'group deployment'
1886449 - p&f: add configuration to protect oauth server traffic
1886452 - layout options doesn't gets selected style on click i.e grey background
1886462 - IO doesn't recognize namespaces - 2 resources with the same name in 2 namespaces -> only 1 gets collected
1886488 - move e2e test off of nfs image from docker.io/gmontero/nfs-server:latest
1886524 - Change default terminal command for Windows Pods
1886553 - i/o timeout experienced from build02 when targeting CI test cluster during test execution
1886600 - panic: assignment to entry in nil map
1886620 - Application behind service load balancer with PDB is not disrupted
1886627 - Kube-apiserver pods restarting/reinitializing periodically
1886635 - CVE-2020-8563 kubernetes: Secret leaks in kube-controller-manager when using vSphere Provider
1886636 - Panic in machine-config-operator
1886749 - Removing network policy from namespace causes inability to access pods through loadbalancer.
1886751 - Gather MachineConfigPools
1886766 - PVC dropdown has 'Persistent Volume' Label
1886834 - ovn-cert is mandatory in both master and node daemonsets
1886848 - [OSP] machine instance-state annotation discrepancy with providerStatus.instanceState
1886861 - ordered-values.yaml not honored if values.schema.json provided
1886871 - Neutron ports created for hostNetworking pods
1886890 - Overwrite jenkins-agent-base imagestream
1886900 - Cluster-version operator fills logs with "Manifest: ..." spew
1886922 - [sig-network] pods should successfully create sandboxes by getting pod
1886973 - Local storage operator doesn't include correctly populate LocalVolumeDiscoveryResult in console
1886977 - [v2v]Incorrect VM Provider type displayed in UI while importing VMs through VMIO
1887010 - Imagepruner met error "Job has reached the specified backoff limit" which causes image registry degraded
1887026 - FC volume attach fails with “no fc disk found” error on OCP 4.6 PowerVM cluster
1887040 - [upgrade] ovs pod crash for rhel worker when upgarde from 4.5 to 4.6
1887046 - Event for LSO need update to avoid confusion
1887088 - cluster-node-tuning-operator refers to missing cluster-node-tuned image
1887375 - User should be able to specify volumeMode when creating pvc from web-console
1887380 - Unsupported access mode should not be available to select when creating pvc by aws-ebs-csi-driver(gp2-csi) from web-console
1887392 - openshift-apiserver: delegated authn/z should have ttl > metrics/healthz/readyz/openapi interval
1887428 - oauth-apiserver service should be monitored by prometheus
1887441 - ingress misconfiguration may break authentication but ingress operator keeps reporting "degraded: False"
1887454 - [sig-storage] In-tree Volumes [Driver: azure-disk] [Testpattern: Dynamic PV (ext4)] volumes should store data
1887456 - It is impossible to attach the default NIC to a bridge with the latest version of OVN Kubernetes
1887465 - Deleted project is still referenced
1887472 - unable to edit application group for KSVC via gestures (shift+Drag)
1887488 - OCP 4.6: Topology Manager OpenShift E2E test fails: gu workload attached to SRIOV networks should let resource-aligned PODs have working SRIOV network interface
1887509 - Openshift-tests conformance TopologyManager tests run when Machine Config Operator is not installed on cluster
1887525 - Failures to set master HardwareDetails cannot easily be debugged
1887545 - 4.5 to 4.6 upgrade fails when external network is configured on a bond device: ovs-configuration service fails and node becomes unreachable
1887585 - ovn-masters stuck in crashloop after scale test
1887651 - [Internal Mode] Object gateway (RGW) in unknown state after OCP upgrade.
1887737 - Test TestImageRegistryRemovedWithImages is failing on e2e-vsphere-operator
1887740 - cannot install descheduler operator after uninstalling it
1887745 - API server is throwing 5xx error code for 42.11% of requests for LIST events
1887750 - oc explain localvolumediscovery returns empty description
1887751 - oc explain localvolumediscoveryresult returns empty description
1887778 - Add ContainerRuntimeConfig gatherer
1887783 - PVC upload cannot continue after approve the certificate
1887797 - [CNV][V2V] Default network type is bridge for interface bound to POD network in VMWare migration wizard
1887799 - User workload monitoring prometheus-config-reloader OOM
1887850 - [sig-auth][Feature:SCC][Early] should not have pod creation failures during install test is flaky
1887863 - Installer panics on invalid flavor
1887864 - Clean up dependencies to avoid invalid scan flagging
1887934 - TestForwardedHeaderPolicyAppend, TestForwardedHeaderPolicyReplace, and TestForwardedHeaderPolicyIfNone consistently fail because of case-sensitive comparison
1887936 - Kube-scheduler should be able to parse v1beta1 KubeSchedulerConfig
1888015 - workaround kubelet graceful termination of static pods bug
1888028 - prevent extra cycle in aggregated apiservers
1888036 - Operator details shows old CRD versions
1888041 - non-terminating pods are going from running to pending
1888072 - Setting Supermicro node to PXE boot via Redfish doesn't take affect
1888073 - Operator controller continuously busy looping
1888118 - Memory requests not specified for image registry operator
1888150 - Install Operand Form on OperatorHub is displaying unformatted text
1888172 - PR 209 didn't update the sample archive, but machineset and pdbs are now namespaced
1888227 - Failed to deploy some of container image on the recent OCP 4.6 nightly build
1888292 - Fix CVE-2015-7501 affecting agent-maven-3.5
1888311 - p&f: make SAR traffic from oauth and openshift apiserver exempt
1888363 - namespaces crash in dev
1888378 - [IPI on Azure] errors destroying cluster when Azure resource group was never created
1888381 - instance:node_network_receive_bytes_excluding_lo:rate1m value twice expected
1888464 - installer missing permission definitions for TagResources and UntagResources when installing in existing VPC
1888494 - imagepruner pod is error when image registry storage is not configured
1888565 - [OSP] machine-config-daemon-firstboot.service failed with "error reading osImageURL from rpm-ostree"
1888595 - cluster-policy-controller logs shows error which reads initial monitor sync has error
1888601 - The poddisruptionbudgets is using the operator service account, instead of gather
1888657 - oc doesn't know its name
1888663 - sdn starts after kube-apiserver, delay readyz until oauth-apiserver is reachable
1888671 - Document the Cloud Provider's ignore-volume-az setting
1888738 - quay.io/openshift/origin-must-gather:latest is not a multi-arch, manifest-list image
1888763 - at least one of these parameters (Vendor, DeviceID or PfNames) has to be defined in nicSelector in CR %s", cr.GetName()
1888827 - ovnkube-master may segfault when trying to add IPs to a nil address set
1888861 - need to pass dual-stack service CIDRs to kube-apiserver in dual-stack cluster
1888866 - AggregatedAPIDown permanently firing after removing APIService
1888870 - JS error when using autocomplete in YAML editor
1888874 - hover message are not shown for some properties
1888900 - align plugins versions
1888985 - Cypress: Fix 'Ensures buttons have discernible text' accesibility violation
1889213 - The error message of uploading failure is not clear enough
1889267 - Increase the time out for creating template and upload image in the terraform
1889348 - Project link should be removed from Application Details page, since it is inaccurate (Application Stages)
1889374 - Kiali feature won't work on fresh 4.6 cluster
1889388 - ListBundles returns incorrect replaces/skips when bundles have been added via semver-skippatch mode
1889420 - OCP failed to add vsphere disk when pod moved to new node during cluster upgrade
1889515 - Accessibility - The symbols e.g checkmark in the Node > overview page has no text description, label, or other accessible information
1889529 - [Init-CR annotation] Inline alert shows operand instance was needed still appearing after creating an Operand instance
1889540 - [4.5 upgrade][alert]CloudCredentialOperatorDown
1889577 - Resources are not shown on project workloads page
1889620 - [Azure] - Machineset not scaling when publicIP:true in disconnected Azure enviroment
1889630 - Scheduling disabled popovers are missing for Node status in Node Overview and Details pages
1889692 - Selected Capacity is showing wrong size
1889694 - usbguard fails to install as RHCOS extension due to missing libprotobuf.so.15
1889698 - When the user clicked cancel at the Create Storage Class confirmation dialog all the data from the Local volume set goes off
1889710 - Prometheus metrics on disk take more space compared to OCP 4.5
1889721 - opm index add semver-skippatch mode does not respect prerelease versions
1889724 - When LocalVolumeDiscovery CR is created form the LSO page User doesn't see the Disk tab
1889767 - [vsphere] Remove certificate from upi-installer image
1889779 - error when destroying a vSphere installation that failed early
1889787 - OCP is flooding the oVirt engine with auth errors
1889838 - race in Operator update after fix from bz1888073
1889852 - support new AWS regions ap-east-1, af-south-1, eu-south-1
1889863 - Router prints incorrect log message for namespace label selector
1889891 - Backport timecache LRU fix
1889912 - Drains can cause high CPU usage
1889921 - Reported Degraded=False Available=False pair does not make sense
1889928 - [e2e][automation] Add more tests for golden os
1889943 - EgressNetworkPolicy does not work when setting Allow rule to a dnsName
1890038 - Infrastructure status.platform not migrated to status.platformStatus causes warnings
1890074 - MCO extension kernel-headers is invalid
1890104 - with Serverless 1.10 version of trigger/subscription/channel/IMC is V1 as latest
1890130 - multitenant mode consistently fails CI
1890141 - move off docker.io images for build/image-eco/templates/jenkins e2e
1890145 - The mismatched of font size for Status Ready and Health Check secondary text
1890180 - FieldDependency x-descriptor doesn't support non-sibling fields
1890182 - DaemonSet with existing owner garbage collected
1890228 - AWS: destroy stuck on route53 hosted zone not found
1890235 - e2e: update Protractor's checkErrors logging
1890250 - workers may fail to join the cluster during an update from 4.5
1890256 - Replacing a master node on a baremetal IPI deployment gets stuck when deleting the machine of the unhealthy member
1890270 - External IP doesn't work if the IP address is not assigned to a node
1890361 - s390x: Generate new ostree rpm with fix for rootfs immutability
1890456 - [vsphere] mapi_instance_create_failed doesn't work on vsphere
1890467 - unable to edit an application without a service
1890472 - [Kuryr] Bulk port creation exception not completely formatted
1890494 - Error assigning Egress IP on GCP
1890530 - cluster-policy-controller doesn't gracefully terminate
1890630 - [Kuryr] Available port count not correctly calculated for alerts
1890671 - [SA] verify-image-signature using service account does not work
1890677 - 'oc image info' claims 'does not exist' for application/vnd.oci.image.manifest.v1+json manifest
1890808 - New etcd alerts need to be added to the monitoring stack
1890951 - Mirror of multiarch images together with cluster logging case problems. It doesn't sync the "overall" sha it syncs only the sub arch sha.
1890984 - Rename operator-webhook-config to sriov-operator-webhook-config
1890995 - wew-app should provide more insight into why image deployment failed
1891023 - ovn-kubernetes rbac proxy never starts waiting for an incorrect API call
1891047 - Helm chart fails to install using developer console because of TLS certificate error
1891068 - [sig-instrumentation] Prometheus when installed on the cluster shouldn't report any alerts in firing state apart from Watchdog and AlertmanagerReceiversNotConfigured [Early] failing due to TargetDown alert from kube-scheduler
1891080 - [LSO] When Localvolumeset and SC is already created before OCS install Creation of LVD and LVS is skipped when user click created storage cluster from UI
1891108 - p&f: Increase the concurrency share of workload-low priority level
1891143 - CVO deadlocked while shutting down, shortly after fresh cluster install (metrics goroutine)
1891189 - [LSO] max device limit is accepting negative values. PVC is not getting created and no error is shown
1891314 - Display incompatible helm charts for installation (kubeVersion of cluster doesn't meet requirements of chart)
1891362 - Wrong metrics count for openshift_build_result_total
1891368 - fync should be fsync for etcdHighFsyncDurations alert's annotations.message
1891374 - fync should be fsync for etcdHighFsyncDurations critical alert's annotations.message
1891376 - Extra text in Cluster Utilization charts
1891419 - Wrong detail head on network policy detail page.
1891459 - Snapshot tests should report stderr of failed commands
1891498 - Other machine config pools do not show during update
1891543 - OpenShift 4.6/OSP install fails when node flavor has less than 25GB, even with dedicated storage
1891551 - Clusterautoscaler doesn't scale up as expected
1891552 - Handle missing labels as empty.
1891555 - The windows oc.exe binary does not have version metadata
1891559 - kuryr-cni cannot start new thread
1891614 - [mlx] testpmd fails inside OpenShift pod using DevX version 19.11
1891625 - [Release 4.7] Mutable LoadBalancer Scope
1891702 - installer get pending when additionalTrustBundle is added into install-config.yaml
1891716 - OVN cluster upgrade from 4.6.1 to 4.7 fails
1891740 - OperatorStatusChanged is noisy
1891758 - the authentication operator may spam DeploymentUpdated event endlessly
1891759 - Dockerfile builds cannot change /etc/pki/ca-trust
1891816 - [UPI] [OSP] control-plane.yml provisioning playbook fails on OSP 16.1
1891825 - Error message not very informative in case of mode mismatch
1891898 - The ClusterServiceVersion can define Webhooks that cannot be created.
1891951 - UI should show warning while creating pools with compression on
1891952 - [Release 4.7] Apps Domain Enhancement
1891993 - 4.5 to 4.6 upgrade doesn't remove deployments created by marketplace
1891995 - OperatorHub displaying old content
1891999 - Storage efficiency card showing wrong compression ratio
1892004 - OCP 4.6 opm on Ubuntu 18.04.4 - error /lib/x86_64-linux-gnu/libc.so.6: version GLIBC_2.28' not found (required by ./opm)
1892167 - [SR-IOV] SriovNetworkNodePolicies apply ignoring the spec.nodeSelector.
1892198 - TypeError in 'Performance Profile' tab displayed for 'Performance Addon Operator'
1892288 - assisted install workflow creates excessive control-plane disruption
1892338 - HAProxyReloadFail alert only briefly fires in the event of a broken HAProxy config
1892358 - [e2e][automation] update feature gate for kubevirt-gating job
1892376 - Deleted netnamespace could not be re-created
1892390 - TestOverwrite/OverwriteBundle/DefaultBehavior in operator-registry is flaky
1892393 - TestListPackages is flaky
1892448 - MCDPivotError alert/metric missing
1892457 - NTO-shipped stalld needs to use FIFO for boosting.
1892467 - linuxptp-daemon crash
1892521 - [AWS] Startup bootstrap machine failed due to ignition file is missing in disconnected UPI env
1892653 - User is unable to create KafkaSource with v1beta
1892724 - VFS added to the list of devices of the nodeptpdevice CRD
1892799 - Mounting additionalTrustBundle in the operator
1893117 - Maintenance mode on vSphere blocks installation.
1893351 - TLS secrets are not able to edit on console.
1893362 - The ovs-xxxxx_openshift-sdn container does not terminate gracefully, slowing down reboots
1893386 - false-positive ReadyIngressNodes_NoReadyIngressNodes: Auth operator makes risky "worker" assumption when guessing about ingress availability
1893546 - Deploy using virtual media fails on node cleaning step
1893601 - overview filesystem utilization of OCP is showing the wrong values
1893645 - oc describe route SIGSEGV
1893648 - Ironic image building process is not compatible with UEFI secure boot
1893724 - OperatorHub generates incorrect RBAC
1893739 - Force deletion doesn't work for snapshots if snapshotclass is already deleted
1893776 - No useful metrics for image pull time available, making debugging issues there impossible
1893798 - Lots of error messages starting with "get namespace to enqueue Alertmanager instances failed" in the logs of prometheus-operator
1893832 - ErrorCount field is missing in baremetalhosts.metal3.io CRD
1893889 - disabled dropdown items in the pf dropdown component are skipped over and unannounced by JAWS
1893926 - Some "Dynamic PV (block volmode)" pattern storage e2e tests are wrongly skipped
1893944 - Wrong product name for Multicloud Object Gateway
1893953 - (release-4.7) Gather default StatefulSet configs
1893956 - Installation always fails at "failed to initialize the cluster: Cluster operator image-registry is still updating"
1893963 - [Testday] Workloads-> Virtualization is not loading for Firefox browser
1893972 - Should skip e2e test cases as early as possible
1894013 - [v2v][Testday] VMware to CNV VM import]VMware URL: It is not clear that only the FQDN/IP address is required without 'https://'
1894020 - User with edit users cannot deploy images from their own namespace from the developer perspective
1894025 - OCP 4.5 to 4.6 upgrade for "aws-ebs-csi-driver-operator" fails when "defaultNodeSelector" is set
1894041 - [v2v][[Testday]VM import from VMware/RHV] VM import wizard: The target storage class name is not displayed if default storage class is used.
1894065 - tag new packages to enable TLS support
1894110 - Console shows wrong value for maxUnavailable and maxSurge when set to 0
1894144 - CI runs of baremetal IPI are failing due to newer libvirt libraries
1894146 - ironic-api used by metal3 is over provisioned and consumes a lot of RAM
1894194 - KuryrPorts leftovers from 4.6 GA need to be deleted
1894210 - Failed to encrypt OSDs on OCS4.6 installation (via UI)
1894216 - Improve OpenShift Web Console availability
1894275 - Fix CRO owners file to reflect node owner
1894278 - "database is locked" error when adding bundle to index image
1894330 - upgrade channels needs to be updated for 4.7
1894342 - oauth-apiserver logs many "[SHOULD NOT HAPPEN] failed to update managedFields for ... OAuthClient ... no corresponding type for oauth.openshift.io/v1, Kind=OAuthClient"
1894374 - Dont prevent the user from uploading a file with incorrect extension
1894432 - [oVirt] sometimes installer timeout on tmp_import_vm
1894477 - bash syntax error in nodeip-configuration.service
1894503 - add automated test for Polarion CNV-5045
1894519 - [OSP] External mode cluster creation disabled for Openstack and oVirt platform
1894539 - [on-prem] Unable to deploy additional machinesets on separate subnets
1894645 - Cinder volume provisioning crashes on nil cloud provider
1894677 - image-pruner job is panicking: klog stack
1894810 - Remove TechPreview Badge from Eventing in Serverless version 1.11.0
1894860 - 'backend' CI job passing despite failing tests
1894910 - Update the node to use the real-time kernel fails
1894992 - All nightly jobs for e2e-metal-ipi failing due to ipa image missing tenacity package
1895065 - Schema / Samples / Snippets Tabs are all selected at the same time
1895099 - vsphere-upi and vsphere-upi-serial jobs time out waiting for bootstrap to complete in CI
1895141 - panic in service-ca injector
1895147 - Remove memory limits on openshift-dns
1895169 - VM Template does not properly manage Mount Windows guest tools check box during VM creation
1895268 - The bundleAPIs should NOT be empty
1895309 - [OCP v47] The RHEL node scaleup fails due to "No package matching 'cri-o-1.19.*' found available" on OCP 4.7 cluster
1895329 - The infra index filled with warnings "WARNING: kubernetes.io/cinder built-in volume provider is now deprecated. The Cinder volume provider is deprecated and will be removed in a future release"
1895360 - Machine Config Daemon removes a file although its defined in the dropin
1895367 - Missing image in metadata DB index.db in disconnected Operator Hub installation. OCP 4.6.1
1895372 - Web console going blank after selecting any operator to install from OperatorHub
1895385 - Revert KUBELET_LOG_LEVEL back to level 3
1895423 - unable to edit an application with a custom builder image
1895430 - unable to edit custom template application
1895509 - Backup taken on one master cannot be restored on other masters
1895537 - [sig-imageregistry][Feature:ImageExtract] Image extract should extract content from an image
1895838 - oc explain description contains '/'
1895908 - "virtio" option is not available when modifying a CD-ROM to disk type
1895909 - e2e-metal-ipi-ovn-dualstack is failing
1895919 - NTO fails to load kernel modules
1895959 - configuring webhook token authentication should prevent cluster upgrades
1895979 - Unable to get coreos-installer with --copy-network to work
1896101 - [cnv][automation] Added negative tests for migration from VMWare and RHV
1896160 - CI: Some cluster operators are not ready: marketplace (missing: Degraded)
1896188 - [sig-cli] oc debug deployment configs from a build: local-busybox-1-build not completed
1896218 - Occasional GCP install failures: Error setting IAM policy for project ...: googleapi: Error 400: Service account ... does not exist., badRequest
1896229 - Current Rate of Bytes Received and Current Rate of Bytes Transmitted data can not be loaded
1896244 - Found a panic in storage e2e test
1896296 - Git links should avoid .git as part of the URL and should not link git:// urls in general
1896302 - [e2e][automation] Fix 4.6 test failures
1896365 - [Migration]The SDN migration cannot revert under some conditions
1896384 - [ovirt IPI]: local coredns resolution not working
1896446 - Git clone from private repository fails after upgrade OCP 4.5 to 4.6
1896529 - Incorrect instructions in the Serverless operator and application quick starts
1896645 - documentationBaseURL needs to be updated for 4.7
1896697 - [Descheduler] policy.yaml param in cluster configmap is empty
1896704 - Machine API components should honour cluster wide proxy settings
1896732 - "Attach to Virtual Machine OS" button should not be visible on old clusters
1896866 - File /etc/NetworkManager/system-connections/default_connection.nmconnection is incompatible with SR-IOV operator
1896898 - ovs-configuration.service fails when multiple IPv6 default routes are provided via RAs over the same interface and deployment bootstrap fails
1896918 - start creating new-style Secrets for AWS
1896923 - DNS pod /metrics exposed on anonymous http port
1896977 - route SimpleAllocationPlugin: host name validation errors: spec.host: Invalid value: ... must be no more than 63 characters
1897003 - VNC console cannot be connected after visit it in new window
1897008 - Cypress: reenable check for 'aria-hidden-focus' rule & checkA11y test for modals
1897026 - [Migration] With updating optional network operator configuration, migration stucks on MCO
1897039 - router pod keeps printing log: template "msg"="router reloaded" "output"="[WARNING] 316/065823 (15) : parsing [/var/lib/haproxy/conf/haproxy.config:52]: option 'http-use-htx' is deprecated and ignored
1897050 - [IBM Power] LocalVolumeSet provisions boot partition as PV.
1897073 - [OCP 4.5] wrong netid assigned to Openshift projects/namespaces
1897138 - oVirt provider uses depricated cluster-api project
1897142 - When scaling replicas to zero, Octavia loadbalancer pool members are not updated accordingly
1897252 - Firing alerts are not showing up in console UI after cluster is up for some time
1897354 - Operator installation showing success, but Provided APIs are missing
1897361 - The MCO GCP-OP tests fail consistently on containerruntime tests with "connection refused"
1897412 - [sriov]disableDrain did not be updated in CRD of manifest
1897423 - Max unavailable and Max surge value are not shown on Deployment Config Details page
1897516 - Baremetal IPI deployment with IPv6 control plane fails when the nodes obtain both SLAAC and DHCPv6 addresses as they set their hostname to 'localhost'
1897520 - After restarting nodes the image-registry co is in degraded true state.
1897584 - Add casc plugins
1897603 - Cinder volume attachment detection failure in Kubelet
1897604 - Machine API deployment fails: Kube-Controller-Manager can't reach API: "Unauthorized"
1897635 - CVE-2020-28362 golang: math/big: panic during recursive division of very large numbers
1897641 - Baremetal IPI with IPv6 control plane: nodes respond with duplicate packets to ICMP6 echo requests
1897676 - [CI] [Azure] [UPI] CI failing since 4.6 changes in ignition
1897830 - [GSS] Unable to deploy OCS 4.5.2 on OCP 4.6.1, cannotCreate OCS Cluster Service1897891 - [RFE][v2v][UI][CNV VM import] Providing error message or/and block migration when vddk-init-image is missing
1897897 - ptp lose sync openshift 4.6
1898036 - no network after reboot (IPI)
1898045 - AWS EBS CSI Driver can not get updated cloud credential secret automatically
1898097 - mDNS floods the baremetal network
1898118 - Lack of logs on some image stream tests make hard to find root cause of a problem
1898134 - Descheduler logs show absolute values instead of percentage when LowNodeUtilization strategy is applied
1898159 - kcm operator shall pass --allocate-node-cidrs=false to kcm for ovn-kube and openshift-sdn cluster
1898174 - [OVN] EgressIP does not guard against node IP assignment
1898194 - GCP: can't install on custom machine types
1898238 - Installer validations allow same floating IP for API and Ingress
1898268 - [OVN]:make checkbroken on 4.6
1898289 - E2E test: Use KUBEADM_PASSWORD_FILE by default
1898320 - Incorrect Apostrophe Translation of "it's" in Scheduling Disabled Popover
1898357 - Within the operatorhub details view, long unbroken text strings do not wrap cause breaking display.
1898407 - [Deployment timing regression] Deployment takes longer with 4.7
1898417 - GCP: the dns targets in Google Cloud DNS is not updated after recreating loadbalancer service
1898487 - [oVirt] Node is not removed when VM has been removed from oVirt engine
1898500 - Failure to upgrade operator when a Service is included in a Bundle
1898517 - Ironic auto-discovery may result in rogue nodes registered in ironic
1898532 - Display names defined in specDescriptors not respected
1898580 - When adding more than one node selector to the sriovnetworknodepolicy, the cni and the device plugin pods are constantly rebooted
1898613 - Whereabouts should exclude IPv6 ranges
1898655 - [oVirt] Node deleted in oVirt should cause the Machine to go into a Failed phase
1898679 - Operand creation form - Required "type: object" properties (Accordion component) are missing red asterisk
1898680 - CVE-2020-7774 nodejs-y18n: prototype pollution vulnerability
1898745 - installation failing with CVO reporting openshift-samples not rolled out, samples not setting versions in its ClusterOperator
1898839 - Wrong YAML in operator metadata
1898851 - Multiple Pods access the same volume on the same node e2e test cases are missed from aws ebs csi driver e2e test job
1898873 - Remove TechPreview Badge from Monitoring
1898954 - Backup script does not take /etc/kubernetes/static-pod-resources on a reliable way
1899111 - [RFE] Update jenkins-maven-agen to maven36
1899128 - VMI details screen -> show the warning that it is preferable to have a VM only if the VM actually does not exist
1899175 - bump the RHCOS boot images for 4.7
1899198 - Use new packages for ipa ramdisks
1899200 - In Installed Operators page I cannot search for an Operator by it's name
1899220 - Support AWS IMDSv2
1899350 - configure-ovs.sh doesn't configure bonding options
1899433 - When Creating OCS from ocs wizard Step Discover Disks shows Error "An error occurred Not Found"
1899459 - Failed to start monitoring pods once the operator removed from override list of CVO
1899515 - Passthrough credentials are not immediately re-distributed on update
1899575 - update discovery burst to reflect lots of CRDs on openshift clusters
1899582 - update discovery burst to reflect lots of CRDs on openshift clusters
1899588 - Operator objects are re-created after all other associated resources have been deleted
1899600 - Increased etcd fsync latency as of OCP 4.6
1899603 - workers-rhel7 CI jobs failing: Failed to remove rollback: error running rpm-ostree cleanup
1899627 - Project dashboard Active status using small icon
1899725 - Pods table does not wrap well with quick start sidebar open
1899746 - [ovn] error while waiting on flows for pod: OVS sandbox port is no longer active (probably due to a subsequent CNI ADD)
1899760 - etcd_request_duration_seconds_bucket metric has excessive cardinality
1899835 - catalog-operator repeatedly crashes with "runtime error: index out of range [0] with length 0"
1899839 - thanosRuler.resources.requests does not take effect in user-workload-monitoring-config confimap
1899853 - additionalSecurityGroupIDs not working for master nodes
1899922 - NP changes sometimes influence new pods.
1899949 - [Platform] Remove restriction on disk type selection for LocalVolumeSet
1900008 - Fix internationalized sentence fragments in ImageSearch.tsx
1900010 - Fix internationalized sentence fragments in BuildImageSelector.tsx
1900020 - Remove ' from internationalized keys
1900022 - Search Page - Top labels field is not applied to selected Pipeline resources
1900030 - disruption_tests: [sig-imageregistry] Image registry remain available failing consistently
1900126 - Creating a VM results in suggestion to create a default storage class when one already exists
1900138 - [OCP on RHV] Remove insecure mode from the installer
1900196 - stalld is not restarted after crash
1900239 - Skip "subPath should be able to unmount" NFS test
1900322 - metal3 pod's toleration for key: node-role.kubernetes.io/master currently matches on exact value matches but should match on Exists
1900377 - [e2e][automation] create new css selector for active users
1900496 - (release-4.7) Collect spec config for clusteroperator resources
1900672 - (s390x) Upgrade from old LUKS to new not working with DASD disks
1900699 - Impossible to add new Node on OCP 4.6 using large ECKD disks - fdasd issue
1900759 - include qemu-guest-agent by default
1900790 - Track all resource counts via telemetry
1900835 - Multus errors when cachefile is not found
1900935 -oc adm release mirrorpanic panic: runtime error
1900989 - accessing the route cannot wake up the idled resources
1901040 - When scaling down the status of the node is stuck on deleting
1901057 - authentication operator health check failed when installing a cluster behind proxy
1901107 - pod donut shows incorrect information
1901111 - Installer dependencies are broken
1901200 - linuxptp-daemon crash when enable debug log level
1901301 - CBO should handle platform=BM without provisioning CR
1901355 - [Azure][4.7] Invalid vm size from customized compute nodes does not fail properly
1901363 - High Podready Latency due to timed out waiting for annotations
1901373 - redundant bracket on snapshot restore button
1901376 - [on-prem] Upgrade from 4.6 to 4.7 failed with "timed out waiting for the condition during waitForControllerConfigToBeCompleted: controllerconfig is not completed: ControllerConfig has not completed: completed(false) running(false) failing(true"
1901395 - "Edit virtual machine template" action link should be removed
1901472 - [OSP] Bootstrap and master nodes use different keepalived unicast setting
1901517 - RHCOS 4.6.1 uses a single NetworkManager connection for multiple NICs when using default DHCP
1901531 - Console returns a blank page while trying to create an operator Custom CR with Invalid Schema
1901594 - Kubernetes resource CRUD operations.Kubernetes resource CRUD operations Pod "before all" hook for "creates the resource instance"
1901604 - CNO blocks editing Kuryr options
1901675 - [sig-network] multicast when using one of the plugins 'redhat/openshift-ovs-multitenant, redhat/openshift-ovs-networkpolicy' should allow multicast traffic in namespaces where it is enabled
1901909 - The device plugin pods / cni pod are restarted every 5 minutes
1901982 - [sig-builds][Feature:Builds] build can reference a cluster service with a build being created from new-build should be able to run a build that references a cluster service
1902019 - when podTopologySpreadConstraint strategy is enabled for descheduler it throws error
1902059 - Wire a real signer for service accout issuer
1902091 -cluster-image-registry-operatorpod leaves connections open when fails connecting S3 storage
1902111 - CVE-2020-27813 golang-github-gorilla-websocket: integer overflow leads to denial of service
1902157 - The DaemonSet machine-api-termination-handler couldn't allocate Pod
1902253 - MHC status doesnt set RemediationsAllowed = 0
1902299 - Failed to mirror operator catalog - error: destination registry required
1902545 - Cinder csi driver node pod should add nodeSelector for Linux
1902546 - Cinder csi driver node pod doesn't run on master node
1902547 - Cinder csi driver controller pod doesn't run on master node
1902552 - Cinder csi driver does not use the downstream images
1902595 - Project workloads list view doesn't show alert icon and hover message
1902600 - Container csi-snapshotter in Cinder csi driver needs to use ImagePullPolicy=IfNotPresent
1902601 - Cinder csi driver pods run as BestEffort qosClass
1902653 - [BM][IPI] Master deployment failed: No valid host was found. Reason: No conductor service registered which supports driver redfish for conductor group
1902702 - [sig-auth][Feature:LDAP][Serial] ldap group sync can sync groups from ldap: oc cp over non-existing directory/file fails
1902746 - [BM][IP] Master deployment failed - Base.1.0.GeneralError: database is locked
1902824 - failed to generate semver informed package manifest: unable to determine default channel
1902894 - hybrid-overlay-node crashing trying to get node object during initialization
1902969 - Cannot load vmi detail page
1902981 - It should default to current namespace when create vm from template
1902996 - [AWS] UPI on USGov, bootstrap machine can not fetch ignition file via s3:// URI
1903033 - duplicated lines of imageContentSources is seen when mirror release image to local registry
1903034 - OLM continuously printing debug logs
1903062 - [Cinder csi driver] Deployment mounted volume have no write access
1903078 - Deleting VolumeSnapshotClass makes VolumeSnapshot not Ready
1903107 - Enable vsphere-problem-detector e2e tests
1903164 - OpenShift YAML editor jumps to top every few seconds
1903165 - Improve Canary Status Condition handling for e2e tests
1903172 - Column Management: Fix sticky footer on scroll
1903186 - [Descheduler] cluster logs should report some info when PodTopologySpreadConstraints strategy is enabled
1903188 - [Descheduler] cluster log reports failed to validate server configuration" err="unsupported log format:
1903192 - Role name missing on create role binding form
1903196 - Popover positioning is misaligned for Overview Dashboard status items
1903206 - Ingress controller incorrectly routes traffic to non-ready pods/backends.
1903226 - MutatingWebhookConfiguration pod-identity-webhook does not exclude critical control-plane components
1903248 - Backport Upstream Static Pod UID patch
1903277 - Deprovisioning Not Deleting Security Groups [VpcLimitExceeded on e2e-aws tests]
1903290 - Kubelet repeatedly log the same log line from exited containers
1903346 - PV backed by FC lun is not being unmounted properly and this leads to IO errors / xfs corruption.
1903382 - Panic when task-graph is canceled with a TaskNode with no tasks
1903400 - Migrate a VM which is not running goes to pending state
1903402 - Nic/Disk on VMI overview should link to VMI's nic/disk page
1903414 - NodePort is not working when configuring an egress IP address
1903424 - mapi_machine_phase_transition_seconds_sum doesn't work
1903464 - "Evaluating rule failed" for "record: cluster:kube_persistentvolumeclaim_resource_requests_storage_bytes:provisioner:sum" and "record: cluster:kubelet_volume_stats_used_bytes:provisioner:sum"
1903639 - Hostsubnet gatherer produces wrong output
1903651 - Network Policies are not working as expected with OVN-Kubernetes when traffic hairpins back to the same source through a service
1903660 - Cannot install with Assisted Installer on top of IPv6 since network provider is not started
1903674 - [sig-apps] ReplicationController should serve a basic image on each replica with a private image
1903717 - Handle different Pod selectors for metal3 Deployment
1903733 - Scale up followed by scale down can delete all running workers
1903917 - Failed to load "Developer Catalog" page
1903999 - Httplog response code is always zero
1904026 - The quota controllers should resync on new resources and make progress
1904064 - Automated cleaning is disabled by default
1904124 - DHCP to static lease script doesn't work correctly if starting with infinite leases
1904125 - Boostrap VM .ign image gets added into 'default' pool instead of <cluster-name>-<id>-bootstrap
1904131 - kuryr tempest plugin test test_ipblock_network_policy_sg_rules fails
1904133 - KubeletConfig flooded with failure conditions
1904161 - AlertmanagerReceiversNotConfigured fires unconditionally on alertmanager restart
1904243 - RHCOS 4.6.1 missing ISCSI initiatorname.iscsi !
1904244 - MissingKey errors for two plugins using i18next.t
1904262 - clusterresourceoverride-operator has version: 1.0.0 every build
1904296 - VPA-operator has version: 1.0.0 every build
1904297 - The index image generated by "opm index prune" leaves unrelated images
1904305 - Should have scroll-down bar for the field which the values list has too many results under dashboards
1904385 - [oVirt] registry cannot mount volume on 4.6.4 -> 4.6.6 upgrade
1904497 - vsphere-problem-detector: Run on vSphere cloud only
1904501 - [Descheduler] descheduler does not evict any pod when PodTopologySpreadConstraint strategy is set
1904502 - vsphere-problem-detector: allow longer timeouts for some operations
1904503 - vsphere-problem-detector: emit alerts
1904538 - [sig-arch][Early] Managed cluster should start all core operators: monitoring: container has runAsNonRoot and image has non-numeric user (nobody)
1904578 - metric scraping for vsphere problem detector is not configured
1904582 - All application traffic broken due to unexpected load balancer change on 4.6.4 -> 4.6.6 upgrade
1904663 - IPI pointer customization MachineConfig always generated
1904679 - [Feature:ImageInfo] Image info should display information about images
1904683 -[sig-builds][Feature:Builds] s2i build with a root user imagetests use docker.io image
1904684 - [sig-cli] oc debug ensure it works with image streams
1904713 - Helm charts with kubeVersion restriction are filtered incorrectly
1904776 - Snapshot modal alert is not pluralized
1904824 - Set vSphere hostname from guestinfo before NM starts
1904941 - Insights status is always showing a loading icon
1904973 - KeyError: 'nodeName' on NP deletion
1904985 - Prometheus and thanos sidecar targets are down
1904993 - Many ampersand special characters are found in strings
1905066 - QE - Monitoring test cases - smoke test suite automation
1905074 - QE -Gherkin linter to maintain standards
1905100 - Too many haproxy processes in default-router pod causing high load average
1905104 - Snapshot modal disk items missing keys
1905115 - CI: dev-scripts fail on 02_configure_host: Failed to start network ostestbm
1905119 - Race in AWS EBS determining whether custom CA bundle is used
1905128 - [e2e][automation] e2e tests succeed without actually execute
1905133 - operator conditions special-resource-operator
1905141 - vsphere-problem-detector: report metrics through telemetry
1905146 - Backend Tests: TestHelmRepoGetter_SkipDisabled failures
1905194 - Detecting broken connections to the Kube API takes up to 15 minutes
1905221 - CVO transitions from "Initializing" to "Updating" despite not attempting many manifests
1905232 - [sig-imageregistry][Feature:ImageAppend] Image append should create images by appending them failing due to inconsistent images between CI and OCP
1905253 - Inaccurate text at bottom of Events page
1905298 - openshift-apiserver initContainer fix-audit-permissions is not requesting required resources: cpu, memory
1905299 - OLM fails to update operator
1905307 - Provisioning CR is missing from must-gather
1905319 - cluster-samples-operator containers are not requesting required memory resource
1905320 - csi-snapshot-webhook is not requesting required memory resource
1905323 - dns-operator is not requesting required memory resource
1905324 - ingress-operator is not requesting required memory resource
1905327 - openshift-kube-scheduler initContainer wait-for-host-port is not requesting required resources: cpu, memory
1905328 - Changing the bound token service account issuer invalids previously issued bound tokens
1905329 - openshift-oauth-apiserver initContainer fix-audit-permissions is not requesting required resources: cpu, memory
1905330 - openshift-monitoring init-textfile is not requesting required resources: cpu, memory
1905338 - QE -Cypress Automation for Add Flow - Database, Yaml, OperatorBacked, PageDetails
1905347 - QE - Design Gherkin Scenarios
1905348 - QE - Design Gherkin Scenarios
1905362 - [sriov] Error message 'Fail to update DaemonSet' always shown in sriov operator pod
1905368 - [sriov] net-attach-def generated from sriovnetwork cannot be restored once it was deleted
1905370 - A-Z/Z-A sorting dropdown on Developer Catalog page is not aligned with filter text input
1905380 - Default to Red Hat/KubeVirt provider if common template does not have provider annotation
1905393 - CMO uses rbac.authorization.k8s.io/v1beta1 instead of rbac.authorization.k8s.io/v1
1905404 - The example of "Remove the entrypoint on the mysql:latest image" foroc image appenddoes not work
1905416 - Hyperlink not working from Operator Description
1905430 - usbguard extension fails to install because of missing correct protobuf dependency version
1905492 - The stalld service has a higher scheduler priority than ksoftirq and rcu{b, c} threads
1905502 - Test flake - unable to get https transport for ephemeral-registry
1905542 - [GSS] The "External" mode option is not available when the OCP cluster is deployed using Redhat Cluster Assisted Installer 4.6.
1905599 - Errant change to lastupdatetime in copied CSV status can trigger runaway csv syncs
1905610 - Fix typo in export script
1905621 - Protractor login test fails against a 4.7 (nightly) Power cluster
1905640 - Subscription manual approval test is flaky
1905647 - Report physical core valid-for-subscription min/max/cumulative use to telemetry
1905696 - ClusterMoreUpdatesModal component did not get internationalized
1905748 - with sharded ingresscontrollers, all shards reload when any endpoint changes
1905761 - NetworkPolicy with Egress policyType is resulting in SDN errors and improper communication within Project
1905778 - inconsistent ingresscontroller between fresh installed cluster and upgraded cluster
1905792 - [OVN]Cannot create egressfirewalll with dnsName
1905889 - Should create SA for each namespace that the operator scoped
1905920 - Quickstart exit and restart
1905941 - Page goes to error after create catalogsource
1905977 - QE ghaekin design scenaio-pipeline metrics ODC-3711
1906032 - Canary Controller: Canary daemonset rolls out slowly in large clusters
1906100 - Disconnected cluster upgrades are failing from the cli, when signature retrieval is being blackholed instead of quickly rejected
1906105 - CBO annotates an existing Metal3 deployment resource to indicate that it is managing it
1906118 - OCS feature detection constantly polls storageclusters and storageclasses
1906120 - 'Create Role Binding' form not setting user or group value when created from a user or group resource
1906121 - [oc] After new-project creation, the kubeconfig file does not set the project
1906134 - OLM should not create OperatorConditions for copied CSVs
1906143 - CBO supports log levels
1906186 - i18n: Translators are not able to translatethiswithout context for alert manager config
1906228 - tuned and openshift-tuned sometimes do not terminate gracefully, slowing reboots
1906274 - StorageClass installed by Cinder csi driver operator should enable the allowVolumeExpansion to support volume resize.
1906276 -oc image appendcan't work with multi-arch image with --filter-by-os='.*'
1906318 - use proper term for Authorized SSH Keys
1906335 - The lastTransitionTime, message, reason field of operatorcondition should be optional
1906356 - Unify Clone PVC boot source flow with URL/Container boot source
1906397 - IPA has incorrect kernel command line arguments
1906441 - HorizontalNav and NavBar have invalid keys
1906448 - Deploy using virtualmedia with provisioning network disabled fails - 'Failed to connect to the agent' in ironic-conductor log
1906459 - openstack: Quota Validation fails if unlimited quotas are given to a project
1906496 - [BUG] Thanos having possible memory leak consuming huge amounts of node's memory and killing them
1906508 - TestHeaderNameCaseAdjust outputs nil error message on some failures
1906511 - Root reprovisioning tests flaking often in CI
1906517 - Validation is not robust enough and may prevent to generate install-confing.
1906518 - Update snapshot API CRDs to v1
1906519 - Update LSO CRDs to use v1
1906570 - Number of disruptions caused by reboots on a cluster cannot be measured
1906588 - [ci][sig-builds] nodes is forbidden: User "e2e-test-jenkins-pipeline-xfghs-user" cannot list resource "nodes" in API group "" at the cluster scope
1906650 - Cannot collect network policy, EgressFirewall, egressip logs with gather_network_logs
1906655 - [SDN]Cannot colloect ovsdb-server.log and ovs-vswitchd.log with gather_network_logs
1906679 - quick start panel styles are not loaded
1906683 - Kn resources are not showing in Topology if triggers has KSVC and IMC as subscriber
1906684 - Event Source creation fails if user selects no app group and switch to yaml and then to form
1906685 - SinkBinding is shown in topology view if underlying resource along with actual source created
1906689 - user can pin to nav configmaps and secrets multiple times
1906691 - Add doc which describes disabling helm chart repository
1906713 - Quick starts not accesible for a developer user
1906718 - helm chart "provided by Redhat" is misspelled
1906732 - Machine API proxy support should be tested
1906745 - Update Helm endpoints to use Helm 3.4.x
1906760 - performance issues with topology constantly re-rendering
1906766 - localizedAutoscaled&Autoscalingpod texts overlap with the pod ring
1906768 - Virtualization nav item is incorrectly placed in the Admin Workloads section
1906769 - topology fails to load with non-kubeadmin user
1906770 - shortcuts on mobiles view occupies a lot of space
1906798 - Dev catalog customization doesn't update console-config ConfigMap
1906806 - Allow installing extra packages in ironic container images
1906808 - [test-disabled] ServiceAccounts should support OIDC discovery of service account issuer
1906835 - Topology view shows add page before then showing full project workloads
1906840 - ClusterOperator should not have status "Updating" if operator version is the same as the release version
1906844 - EndpointSlice and EndpointSliceProxying feature gates should be disabled for openshift-sdn kube-proxy
1906860 - Bump kube dependencies to v1.20 for Net Edge components
1906864 - Quick Starts Tour: Need to adjust vertical spacing
1906866 - Translations of Sample-Utils
1906871 - White screen when sort by name in monitoring alerts page
1906872 - Pipeline Tech Preview Badge Alignment
1906875 - Provide an option to force backup even when API is not available.
1906877 - Placeholder' value in search filter do not match column heading in Vulnerabilities
1906879 - Add missing i18n keys
1906880 - oidcdiscoveryendpoint controller invalidates all TokenRequest API tokens during install
1906896 - No Alerts causes odd empty Table (Need no content message)
1906898 - Missing User RoleBindings in the Project Access Web UI
1906899 - Quick Start - Highlight Bounding Box Issue
1906916 - Teach CVO about flowcontrol.apiserver.k8s.io/v1beta1
1906933 - Cluster Autoscaler should have improved mechanisms for group identifiers
1906935 - Delete resources when Provisioning CR is deleted
1906968 - Must-gather should support collecting kubernetes-nmstate resources
1906986 - Ensure failed pod adds are retried even if the pod object doesn't change
1907199 - Need to upgrade machine-api-operator module version under cluster-api-provider-kubevirt
1907202 - configs.imageregistry.operator.openshift.io cluster does not update its status fields after URL change
1907211 - beta promotion of p&f switched storage version to v1beta1, making downgrades impossible.
1907269 - Tooltips data are different when checking stack or not checking stack for the same time
1907280 - Install tour of OCS not available.
1907282 - Topology page breaks with white screen
1907286 - The default mhc machine-api-termination-handler couldn't watch spot instance
1907287 - [csi-snapshot-webhook] should support both v1beta1 and v1 version when creating volumesnapshot/volumesnapshotcontent
1907293 - Increase timeouts in e2e tests
1907295 - Gherkin script for improve management for helm
1907299 - Advanced Subscription Badge for KMS and Arbiter not present
1907303 - Align VM template list items by baseline
1907304 - Use PF styles for selected template card in VM Wizard
1907305 - Drop 'ISO' from CDROM boot source message
1907307 - Support and provider labels should be passed on between templates and sources
1907310 - Pin action should be renamed to favorite
1907312 - VM Template source popover is missing info about added date
1907313 - ClusterOperator objects cannot be overriden with cvo-overrides
1907328 - iproute-tc package is missing in ovn-kube image
1907329 - CLUSTER_PROFILE env. variable is not used by the CVO
1907333 - Node stuck in degraded state, mcp reports "Failed to remove rollback: error running rpm-ostree cleanup -r: error: Timeout was reached"
1907373 - Rebase to kube 1.20.0
1907375 - Bump to latest available 1.20.x k8s - workloads team
1907378 - Gather netnamespaces networking info
1907380 - kube-rbac-proxy exposes tokens, has excessive verbosity
1907381 - OLM fails to deploy an operator if its deployment template contains a description annotation that doesn't match the CSV one
1907390 - prometheus-adapter: panic after k8s 1.20 bump
1907399 - build log icon link on topology nodes cause app to reload
1907407 - Buildah version not accessible
1907421 - [4.6.1]oc-image-mirror command failed on "error: unable to copy layer"
1907453 - Dev Perspective -> running vm details -> resources -> no data
1907454 - Install PodConnectivityCheck CRD with CNO
1907459 - "The Boot source is also maintained by Red Hat." is always shown for all boot sources
1907475 - Unable to estimate the error rate of ingress across the connected fleet
1907480 -Active alertssection throwing forbidden error for users.
1907518 - Kamelets/Eventsource should be shown to user if they have create access
1907543 - Korean timestamps are shown when users' language preferences are set to German-en-en-US
1907610 - Update kubernetes deps to 1.20
1907612 - Update kubernetes deps to 1.20
1907621 - openshift/installer: bump cluster-api-provider-kubevirt version
1907628 - Installer does not set primary subnet consistently
1907632 - Operator Registry should update its kubernetes dependencies to 1.20
1907639 - pass dual-stack node IPs to kubelet in dual-stack clusters
1907644 - fix up handling of non-critical annotations on daemonsets/deployments
1907660 - Pod list does not render cell height correctly when pod names are too long (dynamic table rerendering issue?)
1907670 - CVE-2020-27846 crewjam/saml: authentication bypass in saml authentication
1907671 - Ingress VIP assigned to two infra nodes simultaneously - keepalived process running in pods seems to fail
1907767 - [e2e][automation]update test suite for kubevirt plugin
1907770 - Recent RHCOS 47.83 builds (from rhcos-47.83.202012072210-0 on) don't allow master and worker nodes to boot
1907792 - Theoverridesof the OperatorCondition cannot block the operator upgrade
1907793 - Surface support info in VM template details
1907812 - 4.7 to 4.6 downgrade stuck in clusteroperator storage
1907822 - [OCP on OSP] openshift-install panic when checking quota with install-config have no flavor set
1907863 - Quickstarts status not updating when starting the tour
1907872 - dual stack with an ipv6 network fails on bootstrap phase
1907874 - QE - Design Gherkin Scenarios for epic ODC-5057
1907875 - No response when try to expand pvc with an invalid size
1907876 - Refactoring record package to make gatherer configurable
1907877 - QE - Automation- pipelines builder scripts
1907883 - Fix Pipleine creation without namespace issue
1907888 - Fix pipeline list page loader
1907890 - Misleading and incomplete alert message shown in pipeline-parameters and pipeline-resources form
1907892 - Unable to edit application deployed using "From Devfile" option
1907893 - navSortUtils.spec.ts unit test failure
1907896 - When a workload is added, Topology does not place the new items well
1907908 - VM Wizard always uses VirtIO for the VM rootdisk regardless what is defined in common-template
1907924 - Enable madvdontneed in OpenShift Images
1907929 - Enable madvdontneed in OpenShift System Components Part 2
1907936 - NTO is not reporting nto_profile_set_total metrics correctly after reboot
1907947 - The kubeconfig saved in tenantcluster shouldn't include anything that is not related to the current context
1907948 - OCM-O bump to k8s 1.20
1907952 - bump to k8s 1.20
1907972 - Update OCM link to open Insights tab
1907989 - DataVolumes was intorduced in common templates - VM creation fails in the UI
1907998 - Gather kube_pod_resource_request/limit metrics as exposed in upstream KEP 1916
1908001 - [CVE-2020-10749] Update github.com/containernetworking/plugins to v.0.8.6 in egress-router-cni
1908014 - e2e-aws-ansible and e2e-aws-helm are broken in ocp-release-operator-sdk
1908035 - dynamic-demo-plugin build does not generate dist directory
1908135 - quick search modal is not centered over topology
1908145 - kube-scheduler-recovery-controller container crash loop when router pod is co-scheduled
1908159 - [AWS C2S] MCO fails to sync cloud config
1908171 - GCP: Installation fails when installing cluster with n1-custom-4-16384custom type (n1-custom-4-16384)
1908180 - Add source for template is stucking in preparing pvc
1908217 - CI: Server-Side Apply should work for oauth.openshift.io/v1: has no tokens
1908231 - [Migration] The pods ovnkube-node are in CrashLoopBackOff after SDN to OVN
1908277 - QE - Automation- pipelines actions scripts
1908280 - Documentation describingignore-volume-azis incorrect
1908296 - Fix pipeline builder form yaml switcher validation issue
1908303 - [CVE-2020-28367 CVE-2020-28366] Remove CGO flag from rhel Dockerfile in Egress-Router-CNI
1908323 - Create button missing for PLR in the search page
1908342 - The new pv_collector_total_pv_count is not reported via telemetry
1908344 - [vsphere-problem-detector] CheckNodeProviderID and CheckNodeDiskUUID have the same name
1908347 - CVO overwrites ValidatingWebhookConfiguration for snapshots
1908349 - Volume snapshot tests are failing after 1.20 rebase
1908353 - QE - Automation- pipelines runs scripts
1908361 - bump to k8s 1.20
1908367 - QE - Automation- pipelines triggers scripts
1908370 - QE - Automation- pipelines secrets scripts
1908375 - QE - Automation- pipelines workspaces scripts
1908381 - Go Dependency Fixes for Devfile Lib
1908389 - Loadbalancer Sync failing on Azure
1908400 - Tests-e2e, increase timeouts, re-add TestArchiveUploadedAndResultsReceived
1908407 - Backport Upstream 95269 to fix potential crash in kubelet
1908410 - Exclude Yarn from VSCode search
1908425 - Create Role Binding form subject type and name are undefined when All Project is selected
1908431 - When the marketplace-operator pod get's restarted, the custom catalogsources are gone, as well as the pods
1908434 - Remove &apos from metal3-plugin internationalized strings
1908437 - Operator backed with no icon has no badge associated with the CSV tag
1908459 - bump to k8s 1.20
1908461 - Add bugzilla component to OWNERS file
1908462 - RHCOS 4.6 ostree removed dhclient
1908466 - CAPO AZ Screening/Validating
1908467 - Zoom in and zoom out in topology package should be sentence case
1908468 - [Azure][4.7] Installer can't properly parse instance type with non integer memory size
1908469 - nbdb failed to come up while bringing up OVNKubernetes cluster
1908471 - OLM should bump k8s dependencies to 1.20
1908484 - oc adm release extract --cloud=aws --credentials-requests dumps all manifests
1908493 - 4.7-e2e-metal-ipi-ovn-dualstack intermittent test failures, worker hostname is overwritten by NM
1908545 - VM clone dialog does not open
1908557 - [e2e][automation]Miss css id on bootsource and reviewcreate step on wizard
1908562 - Pod readiness is not being observed in real world cases
1908565 - [4.6] Cannot filter the platform/arch of the index image
1908573 - Align the style of flavor
1908583 - bootstrap does not run on additional networks if configured for master in install-config
1908596 - Race condition on operator installation
1908598 - Persistent Dashboard shows events for all provisioners
1908641 - Go back to Catalog Page link on Virtual Machine page vanishes on empty state
1908648 - Skip TestKernelType test on OKD, adjust TestExtensions
1908650 - The title of customize wizard is inconsistent
1908654 - cluster-api-provider: volumes and disks names shouldn't change by machine-api-operator
1908675 - Reenable [sig-storage] CSI mock volume CSI FSGroupPolicy [LinuxOnly] should modify fsGroup if fsGroupPolicy=default [Suite:openshift/conformance/parallel] [Suite:k8s]
1908687 - Option to save user settings separate when using local bridge (affects console developers only)
1908697 - Showkubectl diff command in the oc diff help page
1908715 - Pressing the arrow up key when on topmost quick-search list item it should loop back to bottom
1908716 - UI breaks on click of sidebar of ksvc (if revisions not up) in topology on 4.7 builds
1908717 - "missing unit character in duration" error in some network dashboards
1908746 - [Safari] Drop Shadow doesn't works as expected on hover on workload
1908747 - stale S3 CredentialsRequest in CCO manifest
1908758 - AWS: NLB timeout value is rejected by AWS cloud provider after 1.20 rebase
1908830 - RHCOS 4.6 - Missing Initiatorname
1908868 - Update empty state message for EventSources and Channels tab
1908880 - 4.7 aws-serial CI: NoExecuteTaintManager Single Pod [Serial] eventually evict pod with finite tolerations from tainted nodes
1908883 - CVE-2020-29652 golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
1908888 - Dualstack does not work with multiple gateways
1908889 - Bump CNO to k8s 1.20
1908891 - TestDNSForwarding DNS operator e2e test is failing frequently
1908914 - CNO: upgrade nodes before masters
1908918 - Pipeline builder yaml view sidebar is not responsive
1908960 - QE - Design Gherkin Scenarios
1908971 - Gherkin Script for pipeline debt 4.7
1908983 - i18n: Add Horizontal Pod Autoscaler action menu is not translated
1908997 - Unsupported access mode should not be available when creating pvc by cinder-csi-driver/gcp-pd-csi-driver from web-console
1908998 - [cinder-csi-driver] doesn't detect the credentials change
1909004 - "No datapoints found" for RHEL node's filesystem graph
1909005 - i18n: workloads list view heading is not translated
1909012 - csi snapshot webhook does not block any invalid update for volumesnapshot and volumesnapshotcontent objects
1909027 - Disks option of Sectected capacity chart shows HDD disk even on selection of SDD disk type
1909043 - OCP + OCS 4.7 Internal - Storage cluster creation throws warning when zone=0 in VMware
1909067 - Web terminal should keep latest output when connection closes
1909070 - PLR and TR Logs component is not streaming as fast as tkn
1909092 - Error Message should not confuse user on Channel form
1909096 - OCP 4.7+OCS 4.7 - The Requested Cluster Capacity field needs to include the selected capacity in calculation in Review and Create Page
1909108 - Machine API components should use 1.20 dependencies
1909116 - Catalog Sort Items dropdown is not aligned on Firefox
1909198 - Move Sink action option is not working
1909207 - Accessibility Issue on monitoring page
1909236 - Remove pinned icon overlap on resource name
1909249 - Intermittent packet drop from pod to pod
1909276 - Accessibility Issue on create project modal
1909289 - oc debug of an init container no longer works
1909290 - Logging may be broken due to mix of k8s.io/klog v1 and v2
1909358 - registry.redhat.io/redhat/community-operator-index:latest only have hyperfoil-bundle
1909453 - Boot disk RAID can corrupt ESP if UEFI firmware writes to it
1909455 - Boot disk RAID will not boot if the primary disk enumerates but fails I/O
1909464 - Build operator-registry with golang-1.15
1909502 - NO_PROXY is not matched between bootstrap and global cluster setting which lead to desired master machineconfig is not found
1909521 - Add kubevirt cluster type for e2e-test workflow
1909527 - [IPI Baremetal] After upgrade from 4.6 to 4.7 metal3 pod does not get created
1909587 - [OCP4] all of the OCP master nodes with soft-anti-affinity run on the same OSP node
1909610 - Fix available capacity when no storage class selected
1909678 - scale up / down buttons available on pod details side panel
1909723 - cluster-api-provider-openstack: Update ose-openstack-machine-controllers builder & base images to be consistent with ART
1909730 - unbound variable error if EXTRA_PKGS_LIST is not defined
1909739 - Arbiter request data changes
1909744 - cluster-api-provider-openstack: Bump gophercloud
1909790 - PipelineBuilder yaml view cannot be used for editing a pipeline
1909791 - Update standalone kube-proxy config for EndpointSlice
1909792 - Empty states for some details page subcomponents are not i18ned
1909815 - Perspective switcher is only half-i18ned
1909821 - OCS 4.7 LSO installation blocked because of Error "Invalid value: "integer": spec.flexibleScaling in body
1909836 - operator-install-global Cypress test was failing in OLM as it depends on an operator that isn't installed in CI
1909864 - promote-release-openshift-machine-os-content-e2e-aws-4.5 is perm failing
1909911 - [OVN]EgressFirewall caused a segfault
1909943 - Upgrade from 4.6 to 4.7 stuck due to write /sys/devices/xxxx/block/sda/queue/scheduler: invalid argument
1909958 - Support Quick Start Highlights Properly
1909978 - ignore-volume-az = yes not working on standard storageClass
1909981 - Improve statement in template select step
1909992 - Fail to pull the bundle image when using the private index image
1910024 - Reload issue in latest(4.7) UI code on 4.6 cluster locally in dev
1910036 - QE - Design Gherkin Scenarios ODC-4504
1910049 - UPI: ansible-galaxy is not supported
1910127 - [UPI on oVirt]: Improve UPI Documentation
1910140 - fix the api dashboard with changes in upstream kube 1.20
1910160 - If two OperatorConditions include the same deployments they will keep updating the deployment's containers with the OPERATOR_CONDITION_NAME Environment Variable
1910165 - DHCP to static lease script doesn't handle multiple addresses
1910305 - [Descheduler] - The minKubeVersion should be 1.20.0
1910409 - Notification drawer is not localized for i18n
1910459 - Could not provision gcp volume if delete secret gcp-pd-cloud-credentials
1910492 - KMS details are auto-populated on the screen in next attempt at Storage cluster creation
1910501 - Installed Operators->Operand required: Clicking on cancel in Storage cluster page takes back to the Install Operator page
1910533 - [OVN] It takes about 5 minutes for EgressIP failover to work
1910581 - library-go: proxy ENV is not injected into csi-driver-controller which lead to storage operator never get ready
1910666 - Creating a Source Secret from type SSH-Key should use monospace font for better usability
1910738 - OCP 4.7 Installation fails on VMWare due to 1 worker that is degraded
1910739 - Redfish-virtualmedia (idrac) deploy fails on "The Virtual Media image server is already connected"
1910753 - Support Directory Path to Devfile
1910805 - Missing translation for Pipeline status and breadcrumb text
1910829 - Cannot delete a PVC if the dv's phase is WaitForFirstConsumer
1910840 - Show Nonexistent command info in theoc rollback -hhelp page
1910859 - breadcrumbs doesn't use last namespace
1910866 - Unify templates string
1910870 - Unify template dropdown action
1911016 - Prometheus unable to mount NFS volumes after upgrading to 4.6
1911129 - Monitoring charts renders nothing when switching from a Deployment to "All workloads"
1911176 - [MSTR-998] Wrong text shown when hovering on lines of charts in API Performance dashboard
1911212 - [MSTR-998] API Performance Dashboard "Period" drop-down has a choice "$__auto_interval_period" which can bring "1:154: parse error: missing unit character in duration"
1911213 - Wrong and misleading warning for VMs that were created manually (not from template)
1911257 - [aws-c2s] failed to create cluster, kube-cloud-config was not created
1911269 - waiting for the build message present when build exists
1911280 - Builder images are not detected for Dotnet, Httpd, NGINX
1911307 - Pod Scale-up requires extra privileges in OpenShift web-console
1911381 - "Select Persistent Volume Claim project" shows in customize wizard when select a source available template
1911382 - "source volumeMode (Block) and target volumeMode (Filesystem) do not match" shows in VM Error
1911387 - Hit error - "Cannot read property 'value' of undefined" while creating VM from template
1911408 - [e2e][automation] Add auto-clone cli tests and new flow of VM creation
1911418 - [v2v] The target storage class name is not displayed if default storage class is used
1911434 - git ops empty state page displays icon with watermark
1911443 - SSH Cretifiaction field should be validated
1911465 - IOPS display wrong unit
1911474 - Devfile Application Group Does Not Delete Cleanly (errors)
1911487 - Pruning Deployments should use ReplicaSets instead of ReplicationController
1911574 - Expose volume mode on Upload Data form
1911617 - [CNV][UI] Failure to add source to VM template when no default storage class is defined
1911632 - rpm-ostree command fail due to wrong options when updating ocp-4.6 to 4.7 on worker nodes with rt-kernel
1911656 - using 'operator-sdk run bundle' to install operator successfully, but the command output said 'Failed to run bundle''
1911664 - [Negative Test] After deleting metal3 pod, scaling worker stuck on provisioning state
1911782 - Descheduler should not evict pod used local storage by the PVC
1911796 - uploading flow being displayed before submitting the form
1912066 - The ansible type operator's manager container is not stable when managing the CR
1912077 - helm operator's default rbac forbidden
1912115 - [automation] Analyze job keep failing because of 'JavaScript heap out of memory'
1912237 - Rebase CSI sidecars for 4.7
1912381 - [e2e][automation] Miss css ID on Create Network Attachment Definition page
1912409 - Fix flow schema deployment
1912434 - Update guided tour modal title
1912522 - DNS Operator e2e test: TestCoreDNSImageUpgrade is fundamentally broken
1912523 - Standalone pod status not updating in topology graph
1912536 - Console Plugin CR for console-demo-plugin has wrong apiVersion
1912558 - TaskRun list and detail screen doesn't show Pending status
1912563 - p&f: carry 97206: clean up executing request on panic
1912565 - OLM macOS local build broken by moby/term dependency
1912567 - [OCP on RHV] Node becomes to 'NotReady' status when shutdown vm from RHV UI only on the second deletion
1912577 - 4.1/4.2->4.3->...-> 4.7 upgrade is stuck during 4.6->4.7 with co/openshift-apiserver Degraded, co/network not Available and several other components pods CrashLoopBackOff
1912590 - publicImageRepository not being populated
1912640 - Go operator's controller pods is forbidden
1912701 - Handle dual-stack configuration for NIC IP
1912703 - multiple queries can't be plotted in the same graph under some conditons
1912730 - Operator backed: In-context should support visual connector if SBO is not installed
1912828 - Align High Performance VMs with High Performance in RHV-UI
1912849 - VM from wizard - default flavor does not match the actual flavor set by common templates
1912852 - VM from wizard - available VM templates - "storage" field is "0 B"
1912888 - recycler template should be moved to KCM operator
1912907 - Helm chart repository index can contain unresolvable relative URL's
1912916 - Set external traffic policy to cluster for IBM platform
1912922 - Explicitly specifying the operator generated default certificate for an ingress controller breaks the ingress controller
1912938 - Update confirmation modal for quick starts
1912942 - cluster-storage-operator: proxy ENV is not injected into vsphere-problem-detector deployment
1912944 - cluster-storage-operator: proxy ENV is not injected into Manila CSI driver operator deployment
1912945 - aws-ebs-csi-driver-operator: proxy ENV is not injected into the CSI driver
1912946 - gcp-pd-csi-driver-operator: proxy ENV is not injected into the CSI driver
1912947 - openstack-cinder-csi-driver-operator: proxy ENV is not injected into the CSI driver
1912948 - csi-driver-manila-operator: proxy ENV is not injected into the CSI driver
1912949 - ovirt-csi-driver-operator: proxy ENV is not injected into the CSI driver
1912977 - rebase upstream static-provisioner
1913006 - Remove etcd v2 specific alerts with etcd_http* metrics
1913011 - [OVN] Pod's external traffic not use egressrouter macvlan ip as a source ip
1913037 - update static-provisioner base image
1913047 - baremetal clusteroperator progressing status toggles between true and false when cluster is in a steady state
1913085 - Regression OLM uses scoped client for CRD installation
1913096 - backport: cadvisor machine metrics are missing in k8s 1.19
1913132 - The installation of Openshift Virtualization reports success early before it 's succeeded eventually
1913154 - Upgrading to 4.6.10 nightly failed with RHEL worker nodes: Failed to find /dev/disk/by-label/root
1913196 - Guided Tour doesn't handle resizing of browser
1913209 - Support modal should be shown for community supported templates
1913226 - [Migration] The SDN migration rollback failed if customize vxlanPort
1913249 - update info alert this template is not aditable
1913285 - VM list empty state should link to virtualization quick starts
1913289 - Rebase AWS EBS CSI driver for 4.7
1913292 - OCS 4.7 Installation failed over vmware when arbiter was enabled, as flexibleScaling is also getting enabled
1913297 - Remove restriction of taints for arbiter node
1913306 - unnecessary scroll bar is present on quick starts panel
1913325 - 1.20 rebase for openshift-apiserver
1913331 - Import from git: Fails to detect Java builder
1913332 - Pipeline visualization breaks the UI when multiple taskspecs are used
1913343 - (release-4.7) Added changelog file for insights-operator
1913356 - (release-4.7) Implemented gathering specific logs from openshift apiserver operator
1913371 - Missing i18n key "Administrator" in namespace "console-app" and language "en."
1913386 - users can see metrics of namespaces for which they don't have rights when monitoring own services with prometheus user workloads
1913420 - Time duration setting of resources is not being displayed
1913536 - 4.6.9 -> 4.7 upgrade hangs. RHEL 7.9 worker stuck on "error enabling unit: Failed to execute operation: File exists\\n\"
1913554 - Recording rule for ingress error fraction SLI is incorrect, uses irate instead of increase
1913560 - Normal user cannot load template on the new wizard
1913563 - "Virtual Machine" is not on the same line in create button when logged with normal user
1913567 - Tooltip data should be same for line chart or stacked chart, display data value same as the table
1913568 - Normal user cannot create template
1913582 - [Migration]SDN to OVN migration stucks on MCO for rhel worker
1913585 - Topology descriptive text fixes
1913608 - Table data contains data value None after change time range in graph and change back
1913651 - Improved Red Hat image and crashlooping OpenShift pod collection
1913660 - Change location and text of Pipeline edit flow alert
1913685 - OS field not disabled when creating a VM from a template
1913716 - Include additional use of existing libraries
1913725 - Refactor Insights Operator Plugin states
1913736 - Regression: fails to deploy computes when using root volumes
1913747 - Update operator to kubernetes 1.20.1 to pickup upstream fixes
1913751 - add third-party network plugin test suite to openshift-tests
1913783 - QE-To fix the merging pr issue, commenting the afterEach() block
1913807 - Template support badge should not be shown for community supported templates
1913821 - Need definitive steps about uninstalling descheduler operator
1913851 - Cluster Tasks are not sorted in pipeline builder
1913864 - BuildConfig YAML template references ruby ImageStreamTag that no longer exists
1913951 - Update the Devfile Sample Repo to an Official Repo Host
1913960 - Cluster Autoscaler should use 1.20 dependencies
1913969 - Field dependency descriptor can sometimes cause an exception
1914060 - Disk created from 'Import via Registry' cannot be used as boot disk
1914066 - [sriov] sriov dp pod crash when delete ovs HW offload policy
1914090 - Grafana - The resulting dataset is too large to graph (OCS RBD volumes being counted as disks)
1914119 - vsphere problem detector operator has no permission to update storages.operator.openshift.io instances
1914125 - Still using /dev/vde as default device path when create localvolume
1914183 - Empty NAD page is missing link to quickstarts
1914196 - target port infrom dockerfileflow does nothing
1914204 - Creating VM from dev perspective may fail with template not found error
1914209 - Associate image secret name to pipeline serviceaccount imagePullSecrets
1914212 - [e2e][automation] Add test to validate bootable disk souce
1914250 - ovnkube-node fails on master nodes when both DHCPv6 and SLAAC addresses are configured on nodes
1914284 - Upgrade to OCP 4.6.9 results in cluster-wide DNS and connectivity issues due to bad NetworkPolicy flows
1914287 - Bring back selfLink
1914301 - User VM Template source should show the same provider as template itself
1914303 - linuxptp-daemon is not forwarding ptp4l stderr output to openshift logs
1914309 - /terminal page when WTO not installed shows nonsensical error
1914334 - order of getting started samples is arbitrary
1914343 - [sig-imageregistry][Feature:ImageTriggers] Annotation trigger reconciles after the image is overwritten [Suite:openshift/conformance/parallel] timeout on s390x
1914349 - Increase and decrease buttons in max and min pods in HPA page has distorted UI
1914405 - Quick search modal should be opened when coming back from a selection
1914407 - Its not clear that node-ca is running as non-root
1914427 - Count of pods on the dashboard is incorrect
1914439 - Typo in SRIOV port create command example
1914451 - cluster-storage-operator pod running as root
1914452 - oc image append, oc image extract outputs wrong suggestion to use --keep-manifest-list=true
1914642 - Customize Wizard Storage tab does not pass validation
1914723 - SamplesTBRInaccessibleOnBoot Alert has a misspelling
1914793 - device names should not be translated
1914894 - Warn about using non-groupified api version
1914926 - webdriver-manager pulls incorrect version of ChomeDriver due to a bug
1914932 - Put correct resource name in relatedObjects
1914938 - PVC disk is not shown on customization wizard general tab
1914941 - VM Template rootdisk is not deleted after fetching default disk bus
1914975 - Collect logs from openshift-sdn namespace
1915003 - No estimate of average node readiness during lifetime of a cluster
1915027 - fix MCS blocking iptables rules
1915041 - s3:ListMultipartUploadParts is relied on implicitly
1915079 - Canary controller should not periodically rotate the canary route endpoint for performance reasons
1915080 - Large number of tcp connections with shiftstack ocp cluster in about 24 hours
1915085 - Pods created and rapidly terminated get stuck
1915114 - [aws-c2s] worker machines are not create during install
1915133 - Missing default pinned nav items in dev perspective
1915176 - Update snapshot API CRDs to v1 in web-console when creating volumesnapshot related resource
1915187 - Remove the "Tech preview" tag in web-console for volumesnapshot
1915188 - Remove HostSubnet anonymization
1915200 - [OCP 4.7+ OCS 4.6]Arbiter related Note should not show up during UI deployment
1915217 - OKD payloads expect to be signed with production keys
1915220 - Remove dropdown workaround for user settings
1915235 - Failed to upgrade to 4.7 from 4.6 due to the machine-config failure
1915262 - When deploying with assisted install the CBO operator is installed and enabled without metal3 pod
1915277 - [e2e][automation]fix cdi upload form test
1915295 - [BM][IP][Dualstack] Installation failed - operators report dial tcp 172.30.0.1:443: i/o timeout
1915304 - Updating scheduling component builder & base images to be consistent with ART
1915312 - Prevent schedule Linux openshift-network-diagnostics pod on Windows node
1915318 - [Metal] bareMetal IPI - cannot interact with toolbox container after first execution only in parallel from different connection
1915348 - [RFE] linuxptp operator needs to expose the uds_address_socket to be used by an application pod
1915357 - Dev Catalog doesn't load anything if virtualization operator is installed
1915379 - New template wizard should require provider and make support input a dropdown type
1915408 - Failure in operator-registry kind e2e test
1915416 - [Descheduler] descheduler evicts pod which does not have any ownerRef or descheduler evict annotation
1915460 - Cluster name size might affect installations
1915500 - [aws c2s] kube-controller-manager crash loops trying to fetch the AWS instance
1915540 - Silent 4.7 RHCOS install failure on ppc64le
1915579 - [Metal] redhat-support-tool became unavailable after tcpdump usage (BareMetal IPI)
1915582 - p&f: carry upstream pr 97860
1915594 - [e2e][automation] Improve test for disk validation
1915617 - Bump bootimage for various fixes
1915624 - "Please fill in the following field: Template provider" blocks customize wizard
1915627 - Translate Guided Tour text.
1915643 - OCP4.6 to 4.7 upgrade failed due to manila csi driver operator sync error
1915647 - Intermittent White screen when the connector dragged to revision
1915649 - "Template support" pop up is not a warning; checkbox text should be rephrased
1915654 - [e2e][automation] Add a verification for Afinity modal should hint "Matching node found"
1915661 - Can't run the 'oc adm prune' command in a pod
1915672 - Kuryr doesn't work with selfLink disabled.
1915674 - Golden image PVC creation - storage size should be taken from the template
1915685 - Message for not supported template is not clear enough
1915760 - Need to increase timeout to wait rhel worker get ready
1915793 - quick starts panel syncs incorrectly across browser windows
1915798 - oauth connection errors for openshift console pods on an OVNKube OCP 4.7 cluster
1915818 - vsphere-problem-detector: use "_totals" in metrics
1915828 - Latest Dell firmware (04.40.00.00) fails to install IPI on BM using idrac-virtualmedia protocol
1915859 - vsphere-problem-detector: does not report ESXi host version nor VM HW version
1915871 - operator-sdk version in new downstream image should be v1.2.0-ocp not v4.7.0
1915879 - Pipeline Dashboard tab Rename to Pipeline Metrics
1915885 - Kuryr doesn't support workers running on multiple subnets
1915898 - TaskRun log output shows "undefined" in streaming
1915907 - test/cmd/builds.sh uses docker.io
1915912 - sig-storage-csi-snapshotter image not available
1915926 - cluster-api-provider-openstack: Update ose-openstack-machine-controllers builder & base images to be consistent with ART
1915929 - A11y Violation: svg-img-alt for time axis of Utilization Card on Cluster Dashboard
1915939 - Resizing the browser window removes Web Terminal Icon
1915945 - [sig-scheduling] SchedulerPreemption [Serial] validates basic preemption works [Conformance]
1915959 - Baremetal cluster operator is included in a ROKS installation of 4.7
1915962 - ROKS: manifest with machine health check fails to apply in 4.7
1915972 - Global configuration breadcrumbs do not work as expected
1915981 - Install ethtool and conntrack in container for debugging
1915995 - "Edit RoleBinding Subject" action under RoleBinding list page kebab actions causes unhandled exception
1915998 - Installer bootstrap node setting of additional subnets inconsistent with additional security groups
1916021 - OLM enters infinite loop if Pending CSV replaces itself
1916056 - Need Visual Web Terminal metric enabled for OCP monitoring telemetry
1916081 - non-existant should be non-existent in CloudCredentialOperatorTargetNamespaceMissing alert's annotations
1916099 - VM creation - customization wizard - user should be allowed to delete and re-create root disk
1916126 - [e2e][automation] Help fix tests for vm guest-agent and next-run-configuration
1916145 - Explicitly set minimum versions of python libraries
1916164 - Update csi-driver-nfs builder & base images to be consistent with ART
1916221 - csi-snapshot-controller-operator: bump dependencies for 4.7
1916271 - Known issues should mention failure to apply soft-anti-affinity to masters beyond the third
1916363 - [OVN] ovs-configuration.service reports as failed within all nodes using version 4.7.0-fc.2
1916379 - error metrics from vsphere-problem-detector should be gauge
1916382 - Can't create ext4 filesystems with Ignition
1916384 - 4.5.15 and later cluster-version operator does not sync ClusterVersion status before exiting, leaving 'verified: false' even for verified updates
1916401 - Deleting an ingress controller with a bad DNS Record hangs
1916417 - [Kuryr] Must-gather does not have all Custom Resources information
1916419 - [sig-devex][Feature:ImageEcosystem][Slow] openshift images should be SCL enabled returning s2i usage when running the image
1916454 - teach CCO about upgradeability from 4.6 to 4.7
1916486 - [OCP RHV] [Docs] Update RHV CSI provisioning section in OCP documenation
1916502 - Boot disk mirroring fails with mdadm error
1916524 - Two rootdisk shows on storage step
1916580 - Default yaml is broken for VM and VM template
1916621 - oc adm node-logs examples are wrong
1916642 - [zh_CN] Redundant period in Secrets - Create drop down menu - Key value secret.
1916692 - Possibly fails to destroy LB and thus cluster
1916711 - Update Kube dependencies in MCO to 1.20.0
1916747 - remove links to quick starts if virtualization operator isn't updated to 2.6
1916764 - editing a workload with no application applied, will auto fill the app
1916834 - Pipeline Metrics - Text Updates
1916843 - collect logs from openshift-sdn-controller pod
1916853 - cluster will not gracefully recover if openshift-etcd namespace is removed
1916882 - OCS 4.7 LSO : wizard (Discover disks and create storageclass) does not show zone when topology.kubernetes.io/zone are added manually
1916888 - OCS wizard Donor chart does not get updated whenDevice Typeis edited
1916938 - Using 4.6 install-config.yaml file with lbFloatingIP results in validation error "Forbidden: cannot specify lbFloatingIP and apiFloatingIP together"
1916949 - ROKS: manifests in openshift-oauth-apiserver ns fails to create with non-existent namespace
1917101 - [UPI on oVirt] - 'RHCOS image' topic isn't located in the right place in UPI document
1917114 - Upgrade from 4.5.9 to 4.7 fails as authentication operator is Degraded due to '"ProxyConfigController" controller failed to sync "key"' error
1917117 - Common templates - disks screen: invalid disk name
1917124 - Custom template - clone existing PVC - the name of the target VM's data volume is hard-coded; only one VM can be created
1917146 - [oVirt] Consume 23-10 ovirt sdk- csi operator
1917147 - [oVirt] csi operator panics if ovirt-engine suddenly becomes unavailable.
1917148 - [oVirt] Consume 23-10 ovirt sdk
1917239 - Monitoring time options overlaps monitoring tab navigation when Quickstart panel is opened
1917272 - Should update the default minSize to 1Gi when create localvolumeset on web console
1917303 - [automation][e2e] make kubevirt-plugin gating job mandatory
1917315 - localvolumeset-local-provisoner-xxx pods are not killed after upgrading from 4.6 to 4.7
1917327 - annotations.message maybe wrong for NTOPodsNotReady alert
1917367 - Refactor periodic.go
1917371 - Add docs on how to use the built-in profiler
1917372 - Application metrics are shown on Metrics dashboard but not in linked Prometheus UI in OCP management console
1917395 - pv-pool backing store name restriction should be at 43 characters from the ocs ui
1917484 - [BM][IPI] Failed to scale down machineset
1917522 - Deprecate --filter-by-os in oc adm catalog mirror
1917537 - controllers continuously busy reconciling operator
1917551 - use min_over_time for vsphere prometheus alerts
1917585 - OLM Operator install page missing i18n
1917587 - Manila CSI operator becomes degraded if user doesn't have permissions to list share types
1917605 - Deleting an exgw causes pods to no longer route to other exgws
1917614 - [aws c2s] ingress operator uses unavailable resourcegrouptaggings API
1917656 - Add to Project/application for eventSources from topology shows 404
1917658 - Show TP badge for sources powered by camel connectors in create flow
1917660 - Editing parallelism of job get error info
1917678 - Could not provision pv when no symlink and target found on rhel worker
1917679 - Hide double CTA in admin pipelineruns tab
1917683 -NodeTextFileCollectorScrapeErroralert in OCP 4.6 cluster.
1917759 - Console operator panics after setting plugin that does not exists to the console-operator config
1917765 - ansible-operator version in downstream image should be v1.3.0 not v4.7.0
1917770 - helm-operator version in downstream image should be v1.3.0 not v4.7.0
1917799 - Gather s list of names and versions of installed OLM operators
1917803 - [sig-storage] Pod Disks should be able to delete a non-existent PD without error
1917814 - Show Broker create option in eventing under admin perspective
1917838 - MachineSet scaling from 0 is not available or evaluated incorrectly for the new or changed instance types
1917872 - [oVirt] rebase on latest SDK 2021-01-12
1917911 - network-tools needs ovnkube-trace binary from ovn-kubernetes image
1917938 - upgrade version of dnsmasq package
1917942 - Canary controller causes panic in ingress-operator
1918019 - Undesired scrollbars in markdown area of QuickStart
1918068 - Flaky olm integration tests
1918085 - reversed name of job and namespace in cvo log
1918112 - Flavor is not editable if a customize VM is created from cli
1918129 - Update IO sample archive with missing resources & remove IP anonymization from clusteroperator resources
1918132 - i18n: Volume Snapshot Contents menu is not translated
1918133 - [e2e][automation] Fix ocp 4.7 existing tests - part2
1918140 - Deployment openstack-cinder-csi-driver-controller and openstack-manila-csi-controllerplugin doesn't be installed on OSP
1918153 - When&character is set as an environment variable in a build config it is getting converted as\u00261918185 - Capitalization on PLR details page
1918287 - [ovirt] ovirt csi driver is flooding RHV with API calls and spam the event UI with new connections
1918318 - Kamelet connector's are not shown in eventing section under Admin perspective
1918351 - Gather SAP configuration (SCC & ClusterRoleBinding)
1918375 - [calico] rbac-proxy container in kube-proxy fails to create tokenreviews
1918395 - [ovirt] increase livenessProbe period
1918415 - MCD nil pointer on dropins
1918438 - [ja_JP, zh_CN] Serverless i18n misses
1918440 - Kernel Arguments get reapplied even when no new kargs has been added in MachineConfig
1918471 - CustomNoUpgrade Feature gates are not working correctly
1918558 - Supermicro nodes boot to PXE upon reboot after successful deployment to disk
1918622 - Updating ose-jenkins-agent-maven builder & base images to be consistent with ART
1918623 - Updating ose-jenkins-agent-nodejs-12 builder & base images to be consistent with ART
1918625 - Updating ose-jenkins-agent-nodejs-10 builder & base images to be consistent with ART
1918635 - Updating openshift-jenkins-2 builder & base images to be consistent with ART #1197
1918639 - Event listener with triggerRef crashes the console
1918648 - Subscription page doesn't show InstallPlan correctly
1918716 - Manilacsi becomes degraded even though it is not available with the underlying Openstack
1918748 - helmchartrepo is not http(s)_proxy-aware
1918757 - Consistant fallures of features/project-creation.feature Cypress test in CI
1918803 - Need dedicated details page w/ global config breadcrumbs for 'KnativeServing' plugin
1918826 - Insights popover icons are not horizontally aligned
1918879 - need better debug for bad pull secrets
1918958 - The default NMstate instance from the operator is incorrect
1919097 - Close bracket ")" missing at the end of the sentence in the UI
1919231 - quick search modal cut off on smaller screens
1919259 - Make "Add x" singular in Pipeline Builder
1919260 - VM Template list actions should not wrap
1919271 - NM prepender script doesn't support systemd-resolved
1919341 - Updating ose-jenkins-agent-maven builder & base images to be consistent with ART
1919360 - Need managed-cluster-info metric enabled for OCP monitoring telemetry
1919379 - dotnet logo out of date
1919387 - Console login fails with no error when it can't write to localStorage
1919396 - A11y Violation: svg-img-alt on Pod Status ring
1919407 - OpenStack IPI has three-node control plane limitation, but InstallConfigs aren't verified
1919750 - Search InstallPlans got Minified React error
1919778 - Upgrade is stuck in insights operator Degraded with "Source clusterconfig could not be retrieved" until insights operator pod is manually deleted
1919823 - OCP 4.7 Internationalization Chinese tranlate issue
1919851 - Visualization does not render when Pipeline & Task share same name
1919862 - The tip information foroc new-project --skip-config-writeis wrong
1919876 - VM created via customize wizard cannot inherit template's PVC attributes
1919877 - Click on KSVC breaks with white screen
1919879 - The toolbox container name is changed from 'toolbox-root' to 'toolbox-' in a chroot environment
1919945 - user entered name value overridden by default value when selecting a git repository
1919968 - [release-4.7] Undiagnosed panic detected in pod runtime.go:76: invalid memory address or nil pointer dereference
1919970 - NTO does not update when the tuned profile is updated.
1919999 - Bump Cluster Resource Operator Golang Versions
1920027 - machine-config-operator consistently failing during 4.6 to 4.7 upgrades and clusters do not install successfully with proxy configuration
1920200 - user-settings network error results in infinite loop of requests
1920205 - operator-registry e2e tests not working properly
1920214 - Bump golang to 1.15 in cluster-resource-override-admission
1920248 - re-running the pipelinerun with pipelinespec crashes the UI
1920320 - VM template field is "Not available" if it's created from common template
1920367 - When creating localvolumeset instance from the web console, the title for setting volumeMode isDisk Mode1920368 - Fix containers creation issue resulting in runc running on Guaranteed Pod CPUs
1920390 - Monitoring > Metrics graph shifts to the left when clicking the "Stacked" option and when toggling data series lines on / off
1920426 - Egress Router CNI OWNERS file should have ovn-k team members
1920427 - Need to updateoc loginhelp page since we don't support prompt interactively for the username
1920430 - [V2V] [UI] Browser window becomes empty when running import wizard for the first time
1920438 - openshift-tuned panics on turning debugging on/off.
1920445 - e2e-gcp-ovn-upgrade job is actually using openshift-sdn
1920481 - kuryr-cni pods using unreasonable amount of CPU
1920509 - wait for port 6443 to be open in the kube-scheduler container; use ss instead of lsof
1920524 - Topology graph crashes adding Open Data Hub operator
1920526 - catalog operator causing CPU spikes and bad etcd performance
1920551 - Boot Order is not editable for Templates in "openshift" namespace
1920555 - bump cluster-resource-override-admission api dependencies
1920571 - fcp multipath will not recover failed paths automatically
1920619 - Remove default scheduler profile value
1920655 - Console should not show the Create Autoscaler link in cluster settings when the CRD is not present
1920674 - MissingKey errors in bindings namespace
1920684 - Text in language preferences modal is misleading
1920695 - CI is broken because of bad image registry reference in the Makefile
1920756 - update generic-admission-server library to get the system:masters authorization optimization
1920769 - [Upgrade] OCP upgrade from 4.6.13 to 4.7.0-fc.4 for "network-check-target" failed when "defaultNodeSelector" is set
1920771 - i18n: Delete persistent volume claim drop down is not translated
1920806 - [OVN]Nodes lost network connection after reboot on the vSphere UPI
1920912 - Unable to power off BMH from console
1920981 - When OCS was deployed with arbiter mode enable add capacity is increasing the count by "2"
1920984 - [e2e][automation] some menu items names are out dated
1921013 - Gather PersistentVolume definition (if any) used in image registry config
1921023 - Do not enable Flexible Scaling to true for Internal mode clusters(revert to 4.6 behavior)
1921087 - 'start next quick start' link doesn't work and is unintuitive
1921088 - test-cmd is failing on volumes.sh pretty consistently
1921248 - Clarify the kubelet configuration cr description
1921253 - Text filter default placeholder text not internationalized
1921258 - User Preferences: Active perspective and project change in the current window when selected in a different window
1921275 - Panic in authentication-operator in (*deploymentController).updateOperatorDeploymentInfo
1921277 - Fix Warning and Info log statements to handle arguments
1921281 - oc get -o yaml --export returns "error: unknown flag: --export"
1921458 - [SDK] Gracefully handle therun bundle-upgradeif the lower version operator doesn't exist
1921556 - [OCS with Vault]: OCS pods didn't comeup after deploying with Vault details from UI
1921572 - For external source (i.e GitHub Source) form view as well shows yaml
1921580 - [e2e][automation]Test VM detail view actions dropdown does not pass
1921610 - Pipeline metrics font size inconsistency
1921644 - [e2e][automation] tests errors with wrong cloudInit new line syntax
1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
1921655 - [OSP] Incorrect error handling during cloudinfo generation
1921713 - [e2e][automation] fix failing VM migration tests
1921762 - Serving and Eventing breadcrumbs should direct users back to tabbed page view
1921774 - delete application modal errors when a resource cannot be found
1921806 - Explore page APIResourceLinks aren't i18ned
1921823 - CheckBoxControls not internationalized
1921836 - AccessTableRows don't internationalize "User" or "Group"
1921857 - Test flake when hitting router in e2e tests due to one router not being up to date
1921880 - Dynamic plugins are not initialized on console load in production mode
1921911 - Installer PR #4589 is causing leak of IAM role policy bindings
1921921 - "Global Configuration" breadcrumb does not use sentence case
1921949 - Console bug - source code URL broken for gitlab self-hosted repositories
1921954 - Subscription-related constraints in ResolutionFailed events are misleading
1922015 - buttons in modal header are invisible on Safari
1922021 - Nodes terminal page 'Expand' 'Collapse' button not translated
1922050 - [e2e][automation] Improve vm clone tests
1922066 - Cannot create VM from custom template which has extra disk
1922098 - Namespace selection dialog is not closed after select a namespace
1922099 - Updated Readme documentation for QE code review and setup
1922146 - Egress Router CNI doesn't have logging support.
1922267 - Collect specific ADFS error
1922292 - Bump RHCOS boot images for 4.7
1922454 - CRI-O doesn't enable pprof by default
1922473 - reconcile LSO images for 4.8
1922573 - oc returns an error while using -o jsonpath when there is no resource found in the namespace
1922782 - Source registry missing docker:// in yaml
1922907 - Interop UI Tests - step implementation for updating feature files
1922911 - Page crash when click the "Stacked" checkbox after clicking the data series toggle buttons
1922991 - "verify /run filesystem contents do not have unexpected content using a simple Docker Strategy Build" test fails on OKD
1923003 - WebConsole Insights widget showing "Issues pending" when the cluster doesn't report anything
1923098 - [vsphere-problem-detector-operator] Need permission to access replicasets.apps resources
1923102 - [vsphere-problem-detector-operator] pod's version is not correct
1923245 - [Assisted-4.7] [Staging][Minimal-ISO] nodes fails to boot
1923674 - k8s 1.20 vendor dependencies
1923721 - PipelineRun running status icon is not rotating
1923753 - Increase initialDelaySeconds for ovs-daemons container in the ovs-node daemonset for upgrade scenarios
1923774 - Docker builds failing for openshift/cluster-resource-override-admission-operator
1923802 - ci/prow/e2e-aws-olm build failing for openshift/cluster-resource-override-admission-operator
1923874 - Unable to specify values with % in kubeletconfig
1923888 - Fixes error metadata gathering
1923892 - Update arch.md after refactor.
1923894 - "installed" operator status in operatorhub page does not reflect the real status of operator
1923895 - Changelog generation.
1923911 - [e2e][automation] Improve tests for vm details page and list filter
1923945 - PVC Name and Namespace resets when user changes os/flavor/workload
1923951 - EventSources showsundefined` in project
1923973 - Dynamic plugin demo README does not contain info how to enable the ConsolePlugins
1924046 - Localhost: Refreshing on a Project removes it from nav item urls
1924078 - Topology quick search View all results footer should be sticky.
1924081 - NTO should ship the latest Tuned daemon release 2.15
1924084 - backend tests incorrectly hard-code artifacts dir
1924128 - [sig-builds][Feature:Builds] verify /run filesystem contents do not have unexpected content using a simple Docker Strategy Build
1924135 - Under sufficient load, CRI-O may segfault
1924143 - Code Editor Decorator url is broken for Bitbucket repos
1924188 - Language selector dropdown doesn't always pre-select the language
1924365 - Add extra disk for VM which use boot source PXE
1924383 - Degraded network operator during upgrade to 4.7.z
1924387 - [ja_JP][zh_CN] Incorrect warning message for deleting namespace on Delete Pod dialog box.
1924480 - non cluster admin can not take VM snapshot: An error occurred, cannot set blockOwnerDeletion if an ownerReference refers to a resource you can't set finalizers on
1924583 - Deprectaed templates are listed in the Templates screen
1924870 - pick upstream pr#96901: plumb context with request deadline
1924955 - Images from Private external registry not working in deploy Image
1924961 - k8sutil.TrimDNS1123Label creates invalid values
1924985 - Build egress-router-cni for both RHEL 7 and 8
1925020 - Console demo plugin deployment image shoult not point to dockerhub
1925024 - Remove extra validations on kafka source form view net section
1925039 - [e2e] Fix Test - ID(CNV-5327) Change Custom Flavor while VM is running
1925072 - NTO needs to ship the current latest stalld v1.7.0
1925163 - Missing info about dev catalog in boot source template column
1925200 - Monitoring Alert icon is missing on the workload in Topology view
1925262 - apiserver getting 2 SIGTERM signals which was immediately making it exit code 1
1925319 - bash syntax error in configure-ovs.sh script
1925408 - Remove StatefulSet gatherer and replace it with gathering corresponding config map data
1925516 - Pipeline Metrics Tooltips are overlapping data
1925562 - Add new ArgoCD link from GitOps application environments page
1925596 - Gitops details page image and commit id text overflows past card boundary
1926556 - 'excessive etcd leader changes' test case failing in serial job because prometheus data is wiped by machine set test
1926588 - The tarball of operator-sdk is not ready for ocp4.7
1927456 - 4.7 still points to 4.6 catalog images
1927500 - API server exits non-zero on 2 SIGTERM signals
1929278 - Monitoring workloads using too high a priorityclass
1929645 - Remove openshift:kubevirt-machine-controllers decleration from machine-api
1929920 - Cluster monitoring documentation link is broken - 404 not found
- References:
https://access.redhat.com/security/cve/CVE-2018-10103 https://access.redhat.com/security/cve/CVE-2018-10105 https://access.redhat.com/security/cve/CVE-2018-14461 https://access.redhat.com/security/cve/CVE-2018-14462 https://access.redhat.com/security/cve/CVE-2018-14463 https://access.redhat.com/security/cve/CVE-2018-14464 https://access.redhat.com/security/cve/CVE-2018-14465 https://access.redhat.com/security/cve/CVE-2018-14466 https://access.redhat.com/security/cve/CVE-2018-14467 https://access.redhat.com/security/cve/CVE-2018-14468 https://access.redhat.com/security/cve/CVE-2018-14469 https://access.redhat.com/security/cve/CVE-2018-14470 https://access.redhat.com/security/cve/CVE-2018-14553 https://access.redhat.com/security/cve/CVE-2018-14879 https://access.redhat.com/security/cve/CVE-2018-14880 https://access.redhat.com/security/cve/CVE-2018-14881 https://access.redhat.com/security/cve/CVE-2018-14882 https://access.redhat.com/security/cve/CVE-2018-16227 https://access.redhat.com/security/cve/CVE-2018-16228 https://access.redhat.com/security/cve/CVE-2018-16229 https://access.redhat.com/security/cve/CVE-2018-16230 https://access.redhat.com/security/cve/CVE-2018-16300 https://access.redhat.com/security/cve/CVE-2018-16451 https://access.redhat.com/security/cve/CVE-2018-16452 https://access.redhat.com/security/cve/CVE-2018-20843 https://access.redhat.com/security/cve/CVE-2019-3884 https://access.redhat.com/security/cve/CVE-2019-5018 https://access.redhat.com/security/cve/CVE-2019-6977 https://access.redhat.com/security/cve/CVE-2019-6978 https://access.redhat.com/security/cve/CVE-2019-8625 https://access.redhat.com/security/cve/CVE-2019-8710 https://access.redhat.com/security/cve/CVE-2019-8720 https://access.redhat.com/security/cve/CVE-2019-8743 https://access.redhat.com/security/cve/CVE-2019-8764 https://access.redhat.com/security/cve/CVE-2019-8766 https://access.redhat.com/security/cve/CVE-2019-8769 https://access.redhat.com/security/cve/CVE-2019-8771 https://access.redhat.com/security/cve/CVE-2019-8782 https://access.redhat.com/security/cve/CVE-2019-8783 https://access.redhat.com/security/cve/CVE-2019-8808 https://access.redhat.com/security/cve/CVE-2019-8811 https://access.redhat.com/security/cve/CVE-2019-8812 https://access.redhat.com/security/cve/CVE-2019-8813 https://access.redhat.com/security/cve/CVE-2019-8814 https://access.redhat.com/security/cve/CVE-2019-8815 https://access.redhat.com/security/cve/CVE-2019-8816 https://access.redhat.com/security/cve/CVE-2019-8819 https://access.redhat.com/security/cve/CVE-2019-8820 https://access.redhat.com/security/cve/CVE-2019-8823 https://access.redhat.com/security/cve/CVE-2019-8835 https://access.redhat.com/security/cve/CVE-2019-8844 https://access.redhat.com/security/cve/CVE-2019-8846 https://access.redhat.com/security/cve/CVE-2019-9455 https://access.redhat.com/security/cve/CVE-2019-9458 https://access.redhat.com/security/cve/CVE-2019-11068 https://access.redhat.com/security/cve/CVE-2019-12614 https://access.redhat.com/security/cve/CVE-2019-13050 https://access.redhat.com/security/cve/CVE-2019-13225 https://access.redhat.com/security/cve/CVE-2019-13627 https://access.redhat.com/security/cve/CVE-2019-14889 https://access.redhat.com/security/cve/CVE-2019-15165 https://access.redhat.com/security/cve/CVE-2019-15166 https://access.redhat.com/security/cve/CVE-2019-15903 https://access.redhat.com/security/cve/CVE-2019-15917 https://access.redhat.com/security/cve/CVE-2019-15925 https://access.redhat.com/security/cve/CVE-2019-16167 https://access.redhat.com/security/cve/CVE-2019-16168 https://access.redhat.com/security/cve/CVE-2019-16231 https://access.redhat.com/security/cve/CVE-2019-16233 https://access.redhat.com/security/cve/CVE-2019-16935 https://access.redhat.com/security/cve/CVE-2019-17450 https://access.redhat.com/security/cve/CVE-2019-17546 https://access.redhat.com/security/cve/CVE-2019-18197 https://access.redhat.com/security/cve/CVE-2019-18808 https://access.redhat.com/security/cve/CVE-2019-18809 https://access.redhat.com/security/cve/CVE-2019-19046 https://access.redhat.com/security/cve/CVE-2019-19056 https://access.redhat.com/security/cve/CVE-2019-19062 https://access.redhat.com/security/cve/CVE-2019-19063 https://access.redhat.com/security/cve/CVE-2019-19068 https://access.redhat.com/security/cve/CVE-2019-19072 https://access.redhat.com/security/cve/CVE-2019-19221 https://access.redhat.com/security/cve/CVE-2019-19319 https://access.redhat.com/security/cve/CVE-2019-19332 https://access.redhat.com/security/cve/CVE-2019-19447 https://access.redhat.com/security/cve/CVE-2019-19524 https://access.redhat.com/security/cve/CVE-2019-19533 https://access.redhat.com/security/cve/CVE-2019-19537 https://access.redhat.com/security/cve/CVE-2019-19543 https://access.redhat.com/security/cve/CVE-2019-19602 https://access.redhat.com/security/cve/CVE-2019-19767 https://access.redhat.com/security/cve/CVE-2019-19770 https://access.redhat.com/security/cve/CVE-2019-19906 https://access.redhat.com/security/cve/CVE-2019-19956 https://access.redhat.com/security/cve/CVE-2019-20054 https://access.redhat.com/security/cve/CVE-2019-20218 https://access.redhat.com/security/cve/CVE-2019-20386 https://access.redhat.com/security/cve/CVE-2019-20387 https://access.redhat.com/security/cve/CVE-2019-20388 https://access.redhat.com/security/cve/CVE-2019-20454 https://access.redhat.com/security/cve/CVE-2019-20636 https://access.redhat.com/security/cve/CVE-2019-20807 https://access.redhat.com/security/cve/CVE-2019-20812 https://access.redhat.com/security/cve/CVE-2019-20907 https://access.redhat.com/security/cve/CVE-2019-20916 https://access.redhat.com/security/cve/CVE-2020-0305 https://access.redhat.com/security/cve/CVE-2020-0444 https://access.redhat.com/security/cve/CVE-2020-1716 https://access.redhat.com/security/cve/CVE-2020-1730 https://access.redhat.com/security/cve/CVE-2020-1751 https://access.redhat.com/security/cve/CVE-2020-1752 https://access.redhat.com/security/cve/CVE-2020-1971 https://access.redhat.com/security/cve/CVE-2020-2574 https://access.redhat.com/security/cve/CVE-2020-2752 https://access.redhat.com/security/cve/CVE-2020-2922 https://access.redhat.com/security/cve/CVE-2020-3862 https://access.redhat.com/security/cve/CVE-2020-3864 https://access.redhat.com/security/cve/CVE-2020-3865 https://access.redhat.com/security/cve/CVE-2020-3867 https://access.redhat.com/security/cve/CVE-2020-3868 https://access.redhat.com/security/cve/CVE-2020-3885 https://access.redhat.com/security/cve/CVE-2020-3894 https://access.redhat.com/security/cve/CVE-2020-3895 https://access.redhat.com/security/cve/CVE-2020-3897 https://access.redhat.com/security/cve/CVE-2020-3898 https://access.redhat.com/security/cve/CVE-2020-3899 https://access.redhat.com/security/cve/CVE-2020-3900 https://access.redhat.com/security/cve/CVE-2020-3901 https://access.redhat.com/security/cve/CVE-2020-3902 https://access.redhat.com/security/cve/CVE-2020-6405 https://access.redhat.com/security/cve/CVE-2020-7595 https://access.redhat.com/security/cve/CVE-2020-7774 https://access.redhat.com/security/cve/CVE-2020-8177 https://access.redhat.com/security/cve/CVE-2020-8492 https://access.redhat.com/security/cve/CVE-2020-8563 https://access.redhat.com/security/cve/CVE-2020-8566 https://access.redhat.com/security/cve/CVE-2020-8619 https://access.redhat.com/security/cve/CVE-2020-8622 https://access.redhat.com/security/cve/CVE-2020-8623 https://access.redhat.com/security/cve/CVE-2020-8624 https://access.redhat.com/security/cve/CVE-2020-8647 https://access.redhat.com/security/cve/CVE-2020-8648 https://access.redhat.com/security/cve/CVE-2020-8649 https://access.redhat.com/security/cve/CVE-2020-9327 https://access.redhat.com/security/cve/CVE-2020-9802 https://access.redhat.com/security/cve/CVE-2020-9803 https://access.redhat.com/security/cve/CVE-2020-9805 https://access.redhat.com/security/cve/CVE-2020-9806 https://access.redhat.com/security/cve/CVE-2020-9807 https://access.redhat.com/security/cve/CVE-2020-9843 https://access.redhat.com/security/cve/CVE-2020-9850 https://access.redhat.com/security/cve/CVE-2020-9862 https://access.redhat.com/security/cve/CVE-2020-9893 https://access.redhat.com/security/cve/CVE-2020-9894 https://access.redhat.com/security/cve/CVE-2020-9895 https://access.redhat.com/security/cve/CVE-2020-9915 https://access.redhat.com/security/cve/CVE-2020-9925 https://access.redhat.com/security/cve/CVE-2020-10018 https://access.redhat.com/security/cve/CVE-2020-10029 https://access.redhat.com/security/cve/CVE-2020-10732 https://access.redhat.com/security/cve/CVE-2020-10749 https://access.redhat.com/security/cve/CVE-2020-10751 https://access.redhat.com/security/cve/CVE-2020-10763 https://access.redhat.com/security/cve/CVE-2020-10773 https://access.redhat.com/security/cve/CVE-2020-10774 https://access.redhat.com/security/cve/CVE-2020-10942 https://access.redhat.com/security/cve/CVE-2020-11565 https://access.redhat.com/security/cve/CVE-2020-11668 https://access.redhat.com/security/cve/CVE-2020-11793 https://access.redhat.com/security/cve/CVE-2020-12465 https://access.redhat.com/security/cve/CVE-2020-12655 https://access.redhat.com/security/cve/CVE-2020-12659 https://access.redhat.com/security/cve/CVE-2020-12770 https://access.redhat.com/security/cve/CVE-2020-12826 https://access.redhat.com/security/cve/CVE-2020-13249 https://access.redhat.com/security/cve/CVE-2020-13630 https://access.redhat.com/security/cve/CVE-2020-13631 https://access.redhat.com/security/cve/CVE-2020-13632 https://access.redhat.com/security/cve/CVE-2020-14019 https://access.redhat.com/security/cve/CVE-2020-14040 https://access.redhat.com/security/cve/CVE-2020-14381 https://access.redhat.com/security/cve/CVE-2020-14382 https://access.redhat.com/security/cve/CVE-2020-14391 https://access.redhat.com/security/cve/CVE-2020-14422 https://access.redhat.com/security/cve/CVE-2020-15157 https://access.redhat.com/security/cve/CVE-2020-15503 https://access.redhat.com/security/cve/CVE-2020-15862 https://access.redhat.com/security/cve/CVE-2020-15999 https://access.redhat.com/security/cve/CVE-2020-16166 https://access.redhat.com/security/cve/CVE-2020-24490 https://access.redhat.com/security/cve/CVE-2020-24659 https://access.redhat.com/security/cve/CVE-2020-25211 https://access.redhat.com/security/cve/CVE-2020-25641 https://access.redhat.com/security/cve/CVE-2020-25658 https://access.redhat.com/security/cve/CVE-2020-25661 https://access.redhat.com/security/cve/CVE-2020-25662 https://access.redhat.com/security/cve/CVE-2020-25681 https://access.redhat.com/security/cve/CVE-2020-25682 https://access.redhat.com/security/cve/CVE-2020-25683 https://access.redhat.com/security/cve/CVE-2020-25684 https://access.redhat.com/security/cve/CVE-2020-25685 https://access.redhat.com/security/cve/CVE-2020-25686 https://access.redhat.com/security/cve/CVE-2020-25687 https://access.redhat.com/security/cve/CVE-2020-25694 https://access.redhat.com/security/cve/CVE-2020-25696 https://access.redhat.com/security/cve/CVE-2020-26160 https://access.redhat.com/security/cve/CVE-2020-27813 https://access.redhat.com/security/cve/CVE-2020-27846 https://access.redhat.com/security/cve/CVE-2020-28362 https://access.redhat.com/security/cve/CVE-2020-29652 https://access.redhat.com/security/cve/CVE-2021-2007 https://access.redhat.com/security/cve/CVE-2021-3121 https://access.redhat.com/security/updates/classification/#moderate
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYDZ+bNzjgjWX9erEAQghXg//awGwjQxJ5LEZWBTdgyuCa8mHEi2rop5T lmebolBMNRSbo9gI8LMSHlvIBBFiV4CuFvfxE0AVLNentfzOTH11TxNWe1KQYt4H EmcGHPeHWTxKDkvAHtVcWXy9WN3y5d4lHSaq6AR1nHRPcj/k1upyx22kotpnYxN8 4d49PjFTO3YbmdYpNLVJ9nY8izqUpTfM7YSyj6ANZSlaYc5Z215o6TPo6e3wobf4 mWu+VfDS0v+/AbGhQhO2sQ7r2ysJ85MB7c62cxck4a51KiA0NKd4xr0TAA4KHnNL ISHFzi5QYXu+meE+9wYRo1ZjJ5fbPj41+1TJbR6O4CbP0xQiFpcUSipNju3rGSGy Ae5G/QGT8J7HzOjlKVvY3SFu/odENR6c+xUIr7IB/FBlu7DdPF2XxMZDQD4DKHEk 4aiDbuiEL3Yf78Ic1RqPPmrj9plIwprVFQz+k3JaQXKD+1dBxO6tk+nVu2/5xNbM uR03hrthYYIpdXLSWU4lzq8j3kQ9wZ4j/m2o6/K6eHNl9PyqAG5jfQv9bVf8E3oG krzc/JLvOfHNEQ/oJs/v/DFDmnAxshCCtGWlpLJ5J0pcD3EePsrPNs1QtQurVrMv RjfBCWKOij53+BinrMKHdsHxfur7GCFCIQCVaLIv6GUjX2NWI0voIVA8JkrFNNp6 McvuEaxco7U= =sw8i -----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce
. This caused a runtime error to occur when
using the Prometheus operand creation form. This was fixed by adding a
definitions property to schema returned by the definitionFor helper
function so that the $ref property can resolve. There are no longer
runtime errors when using the Prometheus operand creation form. Bugs fixed (https://bugzilla.redhat.com/):
1856953 - CVE-2020-15586 golang: data race in certain net/http servers including ReverseProxy can lead to DoS 1867099 - CVE-2020-16845 golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs 1883268 - remove erroneously specified label drop rules 1885228 - Create Instance of Prometheus from operator returns blank page for non cluster-admin users 1892585 - [release 4.5] cluster-monitoring-operator: Fix bug in reflector not recovering from "Too large resource version" 1893202 - e2e-operator flakes with "TestMetricsAccessible: prometheus returned unexpected results: timed out waiting for the condition" 1893742 - move e2e test off of nfs image from docker.io/gmontero/nfs-server:latest 1894763 - Undiagnosed panic detected in pod 1894782 - OperatorHub generates incorrect RBAC 1895057 - Deleted netnamespace could not be re-created 1896990 - Console shows wrong value for maxUnavailable and maxSurge when set to 0
- ========================================================================== Ubuntu Security Notice USN-4468-1 August 21, 2020
bind9 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in Bind.
Software Description: - bind9: Internet Domain Name Server
Details:
Emanuel Almeida discovered that Bind incorrectly handled certain TCP payloads. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-8620)
Joseph Gullo discovered that Bind incorrectly handled QNAME minimization when used in certain configurations. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-8621)
Dave Feldman, Jeff Warren, and Joel Cunningham discovered that Bind incorrectly handled certain truncated responses to a TSIG-signed request. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. (CVE-2020-8622)
Lyu Chiy discovered that Bind incorrectly handled certain queries. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. (CVE-2020-8623)
Joop Boonen discovered that Bind incorrectly handled certain subdomain update-policy rules. A remote attacker granted privileges to change certain parts of a zone could use this issue to change other contents of the zone, contrary to expectations. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-8624)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 20.04 LTS: bind9 1:9.16.1-0ubuntu2.3
Ubuntu 18.04 LTS: bind9 1:9.11.3+dfsg-1ubuntu1.13
Ubuntu 16.04 LTS: bind9 1:9.10.3.dfsg.P4-8ubuntu1.17
In general, a standard system update will make all the necessary changes. 8) - aarch64, ppc64le, s390x, x86_64
The following packages have been upgraded to a later upstream version: bind (9.11.20). Bugs fixed (https://bugzilla.redhat.com/):
1693395 - Remove revoked KSK from trusted keys 1749505 - internal test suite failures 1814158 - bind internal testsuite, random failure in autosign 1817870 - /usr/bin/nsupdate -g segfault when connect to AD 1847244 - CVE-2020-8619 bind: asterisk character in an empty non-terminal can cause an assertion failure in rbtdb.c 1848169 - named-checkconf fails to validate configuration file with CIDRs with host bits set 1859454 - named-pkcs11.service: (named-pkcs11) of user 25 dumped core. Bugs fixed (https://bugzilla.redhat.com/):
1823765 - nfd-workers crash under an ipv6 environment 1838802 - mysql8 connector from operatorhub does not work with metering operator 1838845 - Metering operator can't connect to postgres DB from Operator Hub 1841883 - namespace-persistentvolumeclaim-usage query returns unexpected values 1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash 1868294 - NFD operator does not allow customisation of nfd-worker.conf 1882310 - CVE-2020-24750 jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration 1890672 - NFD is missing a build flag to build correctly 1890741 - path to the CA trust bundle ConfigMap is broken in report operator 1897346 - NFD worker pods not scheduler on a 3 node master/worker cluster 1898373 - Metering operator failing upgrade from 4.4 to 4.6 channel 1900125 - FIPS error while generating RSA private key for CA 1906129 - OCP 4.7: Node Feature Discovery (NFD) Operator in CrashLoopBackOff when deployed from OperatorHub 1908492 - OCP 4.7: Node Feature Discovery (NFD) Operator Custom Resource Definition file in olm-catalog is not in sync with the one in manifests dir leading to failed deployment from OperatorHub 1913837 - The CI and ART 4.7 metering images are not mirrored 1914869 - OCP 4.7 NFD - Operand configuration options for NodeFeatureDiscovery are empty, no supported image for ppc64le 1916010 - olm skip range is set to the wrong range 1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation 1923998 - NFD Operator is failing to update and remains in Replacing state
For the stable distribution (buster), these problems have been fixed in version 1:9.11.5.P4+dfsg-5.1+deb10u2.
We recommend that you upgrade your bind9 packages.
For the detailed security status of bind9 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/bind9
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl9H9LBfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0Riow//eYx52gDQkiERYSEFJbSK34AzF5Ee3W8JYh1BG4PFagvR/y3hwddyFEkR pHlq/t78TPWi9oQ3j8uuQL0VLMA+8jyaNXA0h6BMs/3VKzGktFyINdKPBPIghT2w 2tugfgjK1MR0LZ27rcE86I1QoyFy+jHMmd03R0B0AQPWYkjp+2sp5nxskFVM9jXO 8emXIzT3IZns8WSS7xCZOqE6D40Vk/3hP5IXDXIbHHFUgl6jCEpPHJBHCgrtw9HZ Or/EQgy4y+QUZNqsPw93kxc7cwVWhauW/PX9VZ1HWnfMIWEZX9K8fmYPHlj4dJUa 1G45uTtYT7VaLvs+N7j1UulII+f1ZT9rrljasVKfbmALt+mp28/LzzcCCBMYohkK Ka30MmBu5yZnn36LNWGwaOO5D+cCHsc58awKu3C5wUG/QMBjT+dYlhkbUbllpZVj vMMXjnrefdkCLy7LEDAul1NLgxWcSWzcQ0SyNEfu9IajtA94unFMwNzFmQb7ykql WMkHTg+7mSdPCxOI+0g9+w+pKZFdBGZxXu76cV8FB1BmRitsM8XYrtBGO9uWvkI9 hIm7pHhyJB0E008qo+cKutpnvruLZLBUCutUuNHZAirq+zaHjoVDSxiqPWEJ9jdR Sx85bc7+6f1daR04r5ay/mCuWPTQYrM1VyBsFnAvGxWoznHnmbk= =kUyE -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202008-1238",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "15.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
},
{
"model": "communications diameter signaling router",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "8.0.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "steelstore cloud integrated storage",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "bind",
"scope": "lte",
"trust": 1.0,
"vendor": "isc",
"version": "9.17.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.11.21"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "32"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "bind",
"scope": "gte",
"trust": 1.0,
"vendor": "isc",
"version": "9.0.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "20.04"
},
{
"model": "dns server",
"scope": "lt",
"trust": 1.0,
"vendor": "synology",
"version": "2.2.2-5028"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"model": "bind",
"scope": "lte",
"trust": 1.0,
"vendor": "isc",
"version": "9.16.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.9.3"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "18.04"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "31"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "15.2"
},
{
"model": "bind",
"scope": "gte",
"trust": 1.0,
"vendor": "isc",
"version": "9.12.0"
},
{
"model": "bind",
"scope": "lte",
"trust": 1.0,
"vendor": "isc",
"version": "9.11.21"
},
{
"model": "communications diameter signaling router",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "8.5.0"
},
{
"model": "bind",
"scope": "gte",
"trust": 1.0,
"vendor": "isc",
"version": "9.17.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-8622"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "9.17.3",
"versionStartIncluding": "9.17.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "9.11.21",
"versionStartIncluding": "9.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "9.16.5",
"versionStartIncluding": "9.12.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.9.3:s1:*:*:supported_preview:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.11.21:s1:*:*:supported_preview:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:synology:dns_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.2.2-5028",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.5.0",
"versionStartIncluding": "8.0.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-8622"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "159981"
},
{
"db": "PACKETSTORM",
"id": "161546"
},
{
"db": "PACKETSTORM",
"id": "160207"
},
{
"db": "PACKETSTORM",
"id": "159845"
},
{
"db": "PACKETSTORM",
"id": "161536"
},
{
"db": "CNNVD",
"id": "CNNVD-202008-1071"
}
],
"trust": 1.1
},
"cve": "CVE-2020-8622",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "VHN-186747",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "CVE-2020-8622",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-8622",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "security-officer@isc.org",
"id": "CVE-2020-8622",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202008-1071",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-186747",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2020-8622",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-186747"
},
{
"db": "VULMON",
"id": "CVE-2020-8622"
},
{
"db": "CNNVD",
"id": "CNNVD-202008-1071"
},
{
"db": "NVD",
"id": "CVE-2020-8622"
},
{
"db": "NVD",
"id": "CVE-2020-8622"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In BIND 9.0.0 -\u003e 9.11.21, 9.12.0 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, also affects 9.9.3-S1 -\u003e 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit. runc is a CLI (command line interface) tool for building and running containers according to the OCI specification. Relevant releases/architectures:\n\nRed Hat Enterprise Linux ComputeNode EUS (v. 7.6) - noarch, x86_64\nRed Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6) - x86_64\nRed Hat Enterprise Linux Server EUS (v. 7.6) - noarch, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional EUS (v. 7.6) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - aarch64, noarch, ppc64le, s390x\nRed Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - aarch64, ppc64le, s390x\n\n3. Description:\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly. \n\nSecurity Fix(es):\n\n* bind: truncated TSIG response can lead to an assertion failure\n(CVE-2020-8622)\n\n* bind: remotely triggerable assertion failure in pk11.c (CVE-2020-8623)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, the BIND daemon (named) will be restarted\nautomatically. Bugs fixed (https://bugzilla.redhat.com/):\n\n1869473 - CVE-2020-8622 bind: truncated TSIG response can lead to an assertion failure\n1869477 - CVE-2020-8623 bind: remotely triggerable assertion failure in pk11.c\n\n6. Package List:\n\nRed Hat Enterprise Linux ComputeNode EUS (v. 7.6):\n\nSource:\nbind-9.9.4-74.el7_6.5.src.rpm\n\nnoarch:\nbind-license-9.9.4-74.el7_6.5.noarch.rpm\n\nx86_64:\nbind-debuginfo-9.9.4-74.el7_6.5.i686.rpm\nbind-debuginfo-9.9.4-74.el7_6.5.x86_64.rpm\nbind-libs-9.9.4-74.el7_6.5.i686.rpm\nbind-libs-9.9.4-74.el7_6.5.x86_64.rpm\nbind-libs-lite-9.9.4-74.el7_6.5.i686.rpm\nbind-libs-lite-9.9.4-74.el7_6.5.x86_64.rpm\nbind-utils-9.9.4-74.el7_6.5.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6):\n\nx86_64:\nbind-9.9.4-74.el7_6.5.x86_64.rpm\nbind-chroot-9.9.4-74.el7_6.5.x86_64.rpm\nbind-debuginfo-9.9.4-74.el7_6.5.i686.rpm\nbind-debuginfo-9.9.4-74.el7_6.5.x86_64.rpm\nbind-devel-9.9.4-74.el7_6.5.i686.rpm\nbind-devel-9.9.4-74.el7_6.5.x86_64.rpm\nbind-lite-devel-9.9.4-74.el7_6.5.i686.rpm\nbind-lite-devel-9.9.4-74.el7_6.5.x86_64.rpm\nbind-pkcs11-9.9.4-74.el7_6.5.x86_64.rpm\nbind-pkcs11-devel-9.9.4-74.el7_6.5.i686.rpm\nbind-pkcs11-devel-9.9.4-74.el7_6.5.x86_64.rpm\nbind-pkcs11-libs-9.9.4-74.el7_6.5.i686.rpm\nbind-pkcs11-libs-9.9.4-74.el7_6.5.x86_64.rpm\nbind-pkcs11-utils-9.9.4-74.el7_6.5.x86_64.rpm\nbind-sdb-9.9.4-74.el7_6.5.x86_64.rpm\nbind-sdb-chroot-9.9.4-74.el7_6.5.x86_64.rpm\n\nRed Hat Enterprise Linux Server EUS (v. 7.6):\n\nSource:\nbind-9.9.4-74.el7_6.5.src.rpm\n\nnoarch:\nbind-license-9.9.4-74.el7_6.5.noarch.rpm\n\nppc64:\nbind-9.9.4-74.el7_6.5.ppc64.rpm\nbind-chroot-9.9.4-74.el7_6.5.ppc64.rpm\nbind-debuginfo-9.9.4-74.el7_6.5.ppc.rpm\nbind-debuginfo-9.9.4-74.el7_6.5.ppc64.rpm\nbind-libs-9.9.4-74.el7_6.5.ppc.rpm\nbind-libs-9.9.4-74.el7_6.5.ppc64.rpm\nbind-libs-lite-9.9.4-74.el7_6.5.ppc.rpm\nbind-libs-lite-9.9.4-74.el7_6.5.ppc64.rpm\nbind-utils-9.9.4-74.el7_6.5.ppc64.rpm\n\nppc64le:\nbind-9.9.4-74.el7_6.5.ppc64le.rpm\nbind-chroot-9.9.4-74.el7_6.5.ppc64le.rpm\nbind-debuginfo-9.9.4-74.el7_6.5.ppc64le.rpm\nbind-libs-9.9.4-74.el7_6.5.ppc64le.rpm\nbind-libs-lite-9.9.4-74.el7_6.5.ppc64le.rpm\nbind-pkcs11-9.9.4-74.el7_6.5.ppc64le.rpm\nbind-pkcs11-libs-9.9.4-74.el7_6.5.ppc64le.rpm\nbind-pkcs11-utils-9.9.4-74.el7_6.5.ppc64le.rpm\nbind-utils-9.9.4-74.el7_6.5.ppc64le.rpm\n\ns390x:\nbind-9.9.4-74.el7_6.5.s390x.rpm\nbind-chroot-9.9.4-74.el7_6.5.s390x.rpm\nbind-debuginfo-9.9.4-74.el7_6.5.s390.rpm\nbind-debuginfo-9.9.4-74.el7_6.5.s390x.rpm\nbind-libs-9.9.4-74.el7_6.5.s390.rpm\nbind-libs-9.9.4-74.el7_6.5.s390x.rpm\nbind-libs-lite-9.9.4-74.el7_6.5.s390.rpm\nbind-libs-lite-9.9.4-74.el7_6.5.s390x.rpm\nbind-utils-9.9.4-74.el7_6.5.s390x.rpm\n\nx86_64:\nbind-9.9.4-74.el7_6.5.x86_64.rpm\nbind-chroot-9.9.4-74.el7_6.5.x86_64.rpm\nbind-debuginfo-9.9.4-74.el7_6.5.i686.rpm\nbind-debuginfo-9.9.4-74.el7_6.5.x86_64.rpm\nbind-libs-9.9.4-74.el7_6.5.i686.rpm\nbind-libs-9.9.4-74.el7_6.5.x86_64.rpm\nbind-libs-lite-9.9.4-74.el7_6.5.i686.rpm\nbind-libs-lite-9.9.4-74.el7_6.5.x86_64.rpm\nbind-pkcs11-9.9.4-74.el7_6.5.x86_64.rpm\nbind-pkcs11-libs-9.9.4-74.el7_6.5.i686.rpm\nbind-pkcs11-libs-9.9.4-74.el7_6.5.x86_64.rpm\nbind-pkcs11-utils-9.9.4-74.el7_6.5.x86_64.rpm\nbind-utils-9.9.4-74.el7_6.5.x86_64.rpm\n\nRed Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7):\n\nSource:\nbind-9.9.4-74.el7_6.5.src.rpm\n\naarch64:\nbind-9.9.4-74.el7_6.5.aarch64.rpm\nbind-chroot-9.9.4-74.el7_6.5.aarch64.rpm\nbind-debuginfo-9.9.4-74.el7_6.5.aarch64.rpm\nbind-libs-9.9.4-74.el7_6.5.aarch64.rpm\nbind-libs-lite-9.9.4-74.el7_6.5.aarch64.rpm\nbind-pkcs11-9.9.4-74.el7_6.5.aarch64.rpm\nbind-pkcs11-libs-9.9.4-74.el7_6.5.aarch64.rpm\nbind-pkcs11-utils-9.9.4-74.el7_6.5.aarch64.rpm\nbind-utils-9.9.4-74.el7_6.5.aarch64.rpm\n\nnoarch:\nbind-license-9.9.4-74.el7_6.5.noarch.rpm\n\nppc64le:\nbind-9.9.4-74.el7_6.5.ppc64le.rpm\nbind-chroot-9.9.4-74.el7_6.5.ppc64le.rpm\nbind-debuginfo-9.9.4-74.el7_6.5.ppc64le.rpm\nbind-libs-9.9.4-74.el7_6.5.ppc64le.rpm\nbind-libs-lite-9.9.4-74.el7_6.5.ppc64le.rpm\nbind-pkcs11-9.9.4-74.el7_6.5.ppc64le.rpm\nbind-pkcs11-libs-9.9.4-74.el7_6.5.ppc64le.rpm\nbind-pkcs11-utils-9.9.4-74.el7_6.5.ppc64le.rpm\nbind-utils-9.9.4-74.el7_6.5.ppc64le.rpm\n\ns390x:\nbind-9.9.4-74.el7_6.5.s390x.rpm\nbind-chroot-9.9.4-74.el7_6.5.s390x.rpm\nbind-debuginfo-9.9.4-74.el7_6.5.s390.rpm\nbind-debuginfo-9.9.4-74.el7_6.5.s390x.rpm\nbind-libs-9.9.4-74.el7_6.5.s390.rpm\nbind-libs-9.9.4-74.el7_6.5.s390x.rpm\nbind-libs-lite-9.9.4-74.el7_6.5.s390.rpm\nbind-libs-lite-9.9.4-74.el7_6.5.s390x.rpm\nbind-utils-9.9.4-74.el7_6.5.s390x.rpm\n\nRed Hat Enterprise Linux Server Optional EUS (v. 7.6):\n\nppc64:\nbind-debuginfo-9.9.4-74.el7_6.5.ppc.rpm\nbind-debuginfo-9.9.4-74.el7_6.5.ppc64.rpm\nbind-devel-9.9.4-74.el7_6.5.ppc.rpm\nbind-devel-9.9.4-74.el7_6.5.ppc64.rpm\nbind-lite-devel-9.9.4-74.el7_6.5.ppc.rpm\nbind-lite-devel-9.9.4-74.el7_6.5.ppc64.rpm\nbind-pkcs11-9.9.4-74.el7_6.5.ppc64.rpm\nbind-pkcs11-devel-9.9.4-74.el7_6.5.ppc.rpm\nbind-pkcs11-devel-9.9.4-74.el7_6.5.ppc64.rpm\nbind-pkcs11-libs-9.9.4-74.el7_6.5.ppc.rpm\nbind-pkcs11-libs-9.9.4-74.el7_6.5.ppc64.rpm\nbind-pkcs11-utils-9.9.4-74.el7_6.5.ppc64.rpm\nbind-sdb-9.9.4-74.el7_6.5.ppc64.rpm\nbind-sdb-chroot-9.9.4-74.el7_6.5.ppc64.rpm\n\nppc64le:\nbind-debuginfo-9.9.4-74.el7_6.5.ppc64le.rpm\nbind-devel-9.9.4-74.el7_6.5.ppc64le.rpm\nbind-lite-devel-9.9.4-74.el7_6.5.ppc64le.rpm\nbind-pkcs11-devel-9.9.4-74.el7_6.5.ppc64le.rpm\nbind-sdb-9.9.4-74.el7_6.5.ppc64le.rpm\nbind-sdb-chroot-9.9.4-74.el7_6.5.ppc64le.rpm\n\ns390x:\nbind-debuginfo-9.9.4-74.el7_6.5.s390.rpm\nbind-debuginfo-9.9.4-74.el7_6.5.s390x.rpm\nbind-devel-9.9.4-74.el7_6.5.s390.rpm\nbind-devel-9.9.4-74.el7_6.5.s390x.rpm\nbind-lite-devel-9.9.4-74.el7_6.5.s390.rpm\nbind-lite-devel-9.9.4-74.el7_6.5.s390x.rpm\nbind-pkcs11-9.9.4-74.el7_6.5.s390x.rpm\nbind-pkcs11-devel-9.9.4-74.el7_6.5.s390.rpm\nbind-pkcs11-devel-9.9.4-74.el7_6.5.s390x.rpm\nbind-pkcs11-libs-9.9.4-74.el7_6.5.s390.rpm\nbind-pkcs11-libs-9.9.4-74.el7_6.5.s390x.rpm\nbind-pkcs11-utils-9.9.4-74.el7_6.5.s390x.rpm\nbind-sdb-9.9.4-74.el7_6.5.s390x.rpm\nbind-sdb-chroot-9.9.4-74.el7_6.5.s390x.rpm\n\nx86_64:\nbind-debuginfo-9.9.4-74.el7_6.5.i686.rpm\nbind-debuginfo-9.9.4-74.el7_6.5.x86_64.rpm\nbind-devel-9.9.4-74.el7_6.5.i686.rpm\nbind-devel-9.9.4-74.el7_6.5.x86_64.rpm\nbind-lite-devel-9.9.4-74.el7_6.5.i686.rpm\nbind-lite-devel-9.9.4-74.el7_6.5.x86_64.rpm\nbind-pkcs11-devel-9.9.4-74.el7_6.5.i686.rpm\nbind-pkcs11-devel-9.9.4-74.el7_6.5.x86_64.rpm\nbind-sdb-9.9.4-74.el7_6.5.x86_64.rpm\nbind-sdb-chroot-9.9.4-74.el7_6.5.x86_64.rpm\n\nRed Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update\nAdvisory ID: RHSA-2020:5633-01\nProduct: Red Hat OpenShift Enterprise\nAdvisory URL: https://access.redhat.com/errata/RHSA-2020:5633\nIssue date: 2021-02-24\nCVE Names: CVE-2018-10103 CVE-2018-10105 CVE-2018-14461 \n CVE-2018-14462 CVE-2018-14463 CVE-2018-14464 \n CVE-2018-14465 CVE-2018-14466 CVE-2018-14467 \n CVE-2018-14468 CVE-2018-14469 CVE-2018-14470 \n CVE-2018-14553 CVE-2018-14879 CVE-2018-14880 \n CVE-2018-14881 CVE-2018-14882 CVE-2018-16227 \n CVE-2018-16228 CVE-2018-16229 CVE-2018-16230 \n CVE-2018-16300 CVE-2018-16451 CVE-2018-16452 \n CVE-2018-20843 CVE-2019-3884 CVE-2019-5018 \n CVE-2019-6977 CVE-2019-6978 CVE-2019-8625 \n CVE-2019-8710 CVE-2019-8720 CVE-2019-8743 \n CVE-2019-8764 CVE-2019-8766 CVE-2019-8769 \n CVE-2019-8771 CVE-2019-8782 CVE-2019-8783 \n CVE-2019-8808 CVE-2019-8811 CVE-2019-8812 \n CVE-2019-8813 CVE-2019-8814 CVE-2019-8815 \n CVE-2019-8816 CVE-2019-8819 CVE-2019-8820 \n CVE-2019-8823 CVE-2019-8835 CVE-2019-8844 \n CVE-2019-8846 CVE-2019-9455 CVE-2019-9458 \n CVE-2019-11068 CVE-2019-12614 CVE-2019-13050 \n CVE-2019-13225 CVE-2019-13627 CVE-2019-14889 \n CVE-2019-15165 CVE-2019-15166 CVE-2019-15903 \n CVE-2019-15917 CVE-2019-15925 CVE-2019-16167 \n CVE-2019-16168 CVE-2019-16231 CVE-2019-16233 \n CVE-2019-16935 CVE-2019-17450 CVE-2019-17546 \n CVE-2019-18197 CVE-2019-18808 CVE-2019-18809 \n CVE-2019-19046 CVE-2019-19056 CVE-2019-19062 \n CVE-2019-19063 CVE-2019-19068 CVE-2019-19072 \n CVE-2019-19221 CVE-2019-19319 CVE-2019-19332 \n CVE-2019-19447 CVE-2019-19524 CVE-2019-19533 \n CVE-2019-19537 CVE-2019-19543 CVE-2019-19602 \n CVE-2019-19767 CVE-2019-19770 CVE-2019-19906 \n CVE-2019-19956 CVE-2019-20054 CVE-2019-20218 \n CVE-2019-20386 CVE-2019-20387 CVE-2019-20388 \n CVE-2019-20454 CVE-2019-20636 CVE-2019-20807 \n CVE-2019-20812 CVE-2019-20907 CVE-2019-20916 \n CVE-2020-0305 CVE-2020-0444 CVE-2020-1716 \n CVE-2020-1730 CVE-2020-1751 CVE-2020-1752 \n CVE-2020-1971 CVE-2020-2574 CVE-2020-2752 \n CVE-2020-2922 CVE-2020-3862 CVE-2020-3864 \n CVE-2020-3865 CVE-2020-3867 CVE-2020-3868 \n CVE-2020-3885 CVE-2020-3894 CVE-2020-3895 \n CVE-2020-3897 CVE-2020-3898 CVE-2020-3899 \n CVE-2020-3900 CVE-2020-3901 CVE-2020-3902 \n CVE-2020-6405 CVE-2020-7595 CVE-2020-7774 \n CVE-2020-8177 CVE-2020-8492 CVE-2020-8563 \n CVE-2020-8566 CVE-2020-8619 CVE-2020-8622 \n CVE-2020-8623 CVE-2020-8624 CVE-2020-8647 \n CVE-2020-8648 CVE-2020-8649 CVE-2020-9327 \n CVE-2020-9802 CVE-2020-9803 CVE-2020-9805 \n CVE-2020-9806 CVE-2020-9807 CVE-2020-9843 \n CVE-2020-9850 CVE-2020-9862 CVE-2020-9893 \n CVE-2020-9894 CVE-2020-9895 CVE-2020-9915 \n CVE-2020-9925 CVE-2020-10018 CVE-2020-10029 \n CVE-2020-10732 CVE-2020-10749 CVE-2020-10751 \n CVE-2020-10763 CVE-2020-10773 CVE-2020-10774 \n CVE-2020-10942 CVE-2020-11565 CVE-2020-11668 \n CVE-2020-11793 CVE-2020-12465 CVE-2020-12655 \n CVE-2020-12659 CVE-2020-12770 CVE-2020-12826 \n CVE-2020-13249 CVE-2020-13630 CVE-2020-13631 \n CVE-2020-13632 CVE-2020-14019 CVE-2020-14040 \n CVE-2020-14381 CVE-2020-14382 CVE-2020-14391 \n CVE-2020-14422 CVE-2020-15157 CVE-2020-15503 \n CVE-2020-15862 CVE-2020-15999 CVE-2020-16166 \n CVE-2020-24490 CVE-2020-24659 CVE-2020-25211 \n CVE-2020-25641 CVE-2020-25658 CVE-2020-25661 \n CVE-2020-25662 CVE-2020-25681 CVE-2020-25682 \n CVE-2020-25683 CVE-2020-25684 CVE-2020-25685 \n CVE-2020-25686 CVE-2020-25687 CVE-2020-25694 \n CVE-2020-25696 CVE-2020-26160 CVE-2020-27813 \n CVE-2020-27846 CVE-2020-28362 CVE-2020-29652 \n CVE-2021-2007 CVE-2021-3121 \n=====================================================================\n\n1. Summary:\n\nRed Hat OpenShift Container Platform release 4.7.0 is now available. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Description:\n\nRed Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments. \n\nThis advisory contains the container images for Red Hat OpenShift Container\nPlatform 4.7.0. See the following advisory for the RPM packages for this\nrelease:\n\nhttps://access.redhat.com/errata/RHSA-2020:5634\n\nSpace precludes documenting all of the container images in this advisory. \nSee the following Release Notes documentation, which will be updated\nshortly for this release, for details about these changes:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel\nease-notes.html\n\nYou may download the oc tool and use it to inspect release image metadata\nas follows:\n\n(For x86_64 architecture)\n\n $ oc adm release info\nquay.io/openshift-release-dev/ocp-release:4.7.0-x86_64\n\nThe image digest is\nsha256:d74b1cfa81f8c9cc23336aee72d8ae9c9905e62c4874b071317a078c316f8a70\n\n(For s390x architecture)\n\n $ oc adm release info\nquay.io/openshift-release-dev/ocp-release:4.7.0-s390x\n\nThe image digest is\nsha256:a68ca03d87496ddfea0ac26b82af77231583a58a7836b95de85efe5e390ad45d\n\n(For ppc64le architecture)\n\n $ oc adm release info\nquay.io/openshift-release-dev/ocp-release:4.7.0-ppc64le\n\nThe image digest is\nsha256:bc7b04e038c8ff3a33b827f4ee19aa79b26e14c359a7dcc1ced9f3b58e5f1ac6\n\nAll OpenShift Container Platform 4.7 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift Console\nor the CLI oc command. Instructions for upgrading a cluster are available\nat\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster\n- -between-minor.html#understanding-upgrade-channels_updating-cluster-between\n- -minor. \n\nSecurity Fix(es):\n\n* crewjam/saml: authentication bypass in saml authentication\n(CVE-2020-27846)\n\n* golang: crypto/ssh: crafted authentication request can lead to nil\npointer dereference (CVE-2020-29652)\n\n* gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index\nvalidation (CVE-2021-3121)\n\n* nodejs-y18n: prototype pollution vulnerability (CVE-2020-7774)\n\n* kubernetes: Secret leaks in kube-controller-manager when using vSphere\nProvider (CVE-2020-8563)\n\n* containernetworking/plugins: IPv6 router advertisements allow for MitM\nattacks on IPv4 clusters (CVE-2020-10749)\n\n* heketi: gluster-block volume password details available in logs\n(CVE-2020-10763)\n\n* golang.org/x/text: possibility to trigger an infinite loop in\nencoding/unicode could lead to crash (CVE-2020-14040)\n\n* jwt-go: access restriction bypass vulnerability (CVE-2020-26160)\n\n* golang-github-gorilla-websocket: integer overflow leads to denial of\nservice (CVE-2020-27813)\n\n* golang: math/big: panic during recursive division of very large numbers\n(CVE-2020-28362)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n3. Solution:\n\nFor OpenShift Container Platform 4.7, see the following documentation,\nwhich\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel\nease-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster\n- -cli.html. \n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n1620608 - Restoring deployment config with history leads to weird state\n1752220 - [OVN] Network Policy fails to work when project label gets overwritten\n1756096 - Local storage operator should implement must-gather spec\n1756173 - /etc/udev/rules.d/66-azure-storage.rules missing from initramfs\n1768255 - installer reports 100% complete but failing components\n1770017 - Init containers restart when the exited container is removed from node. \n1775057 - [MSTR-485] Cluster is abnormal after etcd backup/restore when the backup is conducted during etcd encryption is migrating\n1775444 - RFE: k8s cpu manager does not restrict /usr/bin/pod cpuset\n1777038 - Cluster scaled beyond host subnet limits does not fire alert or cleanly report why it cannot scale\n1777224 - InfraID in metadata.json and .openshift_install_state.json is not consistent when repeating `create` commands\n1784298 - \"Displaying with reduced resolution due to large dataset.\" would show under some conditions\n1785399 - Under condition of heavy pod creation, creation fails with \u0027error reserving pod name ...: name is reserved\"\n1797766 - Resource Requirements\" specDescriptor fields - CPU and Memory injects empty string YAML editor\n1801089 - [OVN] Installation failed and monitoring pod not created due to some network error. \n1805025 - [OSP] Machine status doesn\u0027t become \"Failed\" when creating a machine with invalid image\n1805639 - Machine status should be \"Failed\" when creating a machine with invalid machine configuration\n1806000 - CRI-O failing with: error reserving ctr name\n1806915 - openshift-service-ca: Some core components are in openshift.io/run-level 1 and are bypassing SCC, but should not be\n1806917 - openshift-service-ca-operator: Some core components are in openshift.io/run-level 1 and are bypassing SCC, but should not be\n1810438 - Installation logs are not gathered from OCP nodes\n1812085 - kubernetes-networking-namespace-pods dashboard doesn\u0027t exist\n1812412 - Monitoring Dashboard: on restricted cluster, query timed out in expression evaluation\n1813012 - EtcdDiscoveryDomain no longer needed\n1813949 - openshift-install doesn\u0027t use env variables for OS_* for some of API endpoints\n1816812 - OpenShift test suites are not resilient to rate limited registries (like docker.io) and cannot control their dependencies for offline use\n1819053 - loading OpenAPI spec for \"v1beta1.metrics.k8s.io\" failed with: OpenAPI spec does not exist\n1819457 - Package Server is in \u0027Cannot update\u0027 status despite properly working\n1820141 - [RFE] deploy qemu-quest-agent on the nodes\n1822744 - OCS Installation CI test flaking\n1824038 - Integration Tests: StaleElementReferenceError in OLM single-installmode scenario\n1825892 - StorageClasses and PVs are not cleaned completely after running the csi verification tool\n1826301 - Wrong NodeStatus reports in file-integrity scan when configuration error in aide.conf file\n1829723 - User workload monitoring alerts fire out of the box\n1832968 - oc adm catalog mirror does not mirror the index image itself\n1833012 - Lower OVNKubernetes HTTP E/W performance compared with OpenShiftSDN\n1833220 - CVE-2020-10749 containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters\n1834995 - olmFull suite always fails once th suite is run on the same cluster\n1836017 - vSphere UPI: Both Internal and External load balancers for kube-apiserver should use /readyz\n1837953 - Replacing masters doesn\u0027t work for ovn-kubernetes 4.4\n1838352 - OperatorExited, Pending marketplace-operator-... pod for several weeks\n1838751 - [oVirt][Tracker] Re-enable skipped network tests\n1839239 - csi-snapshot-controller flickers Degraded=True on etcd hiccups\n1840759 - [aws-ebs-csi-driver] The volume created by aws ebs csi driver can not be deleted when the cluster is destroyed\n1841039 - authentication-operator: Add e2e test for password grants to Keycloak being set as OIDC IdP\n1841119 - Get rid of config patches and pass flags directly to kcm\n1841175 - When an Install Plan gets deleted, OLM does not create a new one\n1841381 - Issue with memoryMB validation\n1841885 - oc adm catalog mirror command attempts to pull from registry.redhat.io when using --from-dir option\n1844727 - Etcd container leaves grep and lsof zombie processes\n1845387 - CVE-2020-10763 heketi: gluster-block volume password details available in logs\n1847074 - Filter bar layout issues at some screen widths on search page\n1848358 - CRDs with preserveUnknownFields:true don\u0027t reflect in status that they are non-structural\n1849543 - [4.5]kubeletconfig\u0027s description will show multiple lines for finalizers when upgrade from 4.4.8-\u003e4.5\n1851103 - Use of NetworkManager-wait-online.service in rhcos-growpart.service\n1851203 - [GSS] [RFE] Need a simpler representation of capactiy breakdown in total usage and per project breakdown in OCS 4 dashboard\n1851351 - OCP 4.4.9: EtcdMemberIPMigratorDegraded: rpc error: code = Canceled desc = grpc: the client connection is closing\n1851693 - The `oc apply` should return errors instead of hanging there when failing to create the CRD\n1852289 - Upgrade testsuite fails on ppc64le environment - Unsupported LoadBalancer service\n1853115 - the restriction of --cloud option should be shown in help text. \n1853116 - `--to` option does not work with `--credentials-requests` flag. \n1853352 - [v2v][UI] Storage Class fields Should Not be empty in VM disks view\n1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash\n1854567 - \"Installed Operators\" list showing \"duplicated\" entries during installation\n1855325 - [Feature:Prometheus][Conformance] Prometheus when installed on the cluster [Top Level] [Feature:Prometheus][Conformance] Prometheus when installed on the cluster should report telemetry if a cloud.openshift.com token is present\n1855351 - Inconsistent Installer reactions to Ctrl-C during user input process\n1855408 - OVN cluster unstable after running minimal scale test\n1856351 - Build page should show metrics for when the build ran, not the last 30 minutes\n1856354 - New APIServices missing from OpenAPI definitions\n1857446 - ARO/Azure: excessive pod memory allocation causes node lockup\n1857877 - Operator upgrades can delete existing CSV before completion\n1858578 - [v2v] [ui] VM import RHV to CNV Target VM Name longer than 63 chars should not be allowed\n1859174 - [IPI][OSP] Having errors from 4.3 to 4.6 about Security group rule already created\n1860136 - default ingress does not propagate annotations to route object on update\n1860322 - [OCPv4.5.2] after unexpected shutdown one of RHV Hypervisors, OCP worker nodes machine are marked as \"Failed\"\n1860518 - unable to stop a crio pod\n1861383 - Route with `haproxy.router.openshift.io/timeout: 365d` kills the ingress controller\n1862430 - LSO: PV creation lock should not be acquired in a loop\n1862489 - LSO autoprovisioning should exclude top level disks that are part of LVM volume group. \n1862608 - Virtual media does not work on hosts using BIOS, only UEFI\n1862918 - [v2v] User should only select SRIOV network when importin vm with SRIOV network\n1865743 - Some pods are stuck in ContainerCreating and some sdn pods are in CrashLoopBackOff\n1865839 - rpm-ostree fails with \"System transaction in progress\" when moving to kernel-rt\n1866043 - Configurable table column headers can be illegible\n1866087 - Examining agones helm chart resources results in \"Oh no!\"\n1866261 - Need to indicate the intentional behavior for Ansible in the `create api` help info\n1866298 - [RHOCS Usability Study][Installation] Labeling the namespace should be a part of the installation flow or be clearer as a requirement\n1866320 - [RHOCS Usability Study][Dashboard] Users were confused by Available Capacity and the Total Capacity\n1866334 - [RHOCS Usability Study][Installation] On the Operator installation page, there\u2019s no indication on which labels offer tooltip/help\n1866340 - [RHOCS Usability Study][Dashboard] It was not clear why \u201cNo persistent storage alerts\u201d was prominently displayed\n1866343 - [RHOCS Usability Study][Dashboard] User wanted to know the time frame for Data Consumption, e.g I/O Operations\n1866445 - kola --basic-qemu-scenarios scenario fail on ppc64le \u0026 s390x\n1866482 - Few errors are seen when oc adm must-gather is run\n1866605 - No metadata.generation set for build and buildconfig objects\n1866873 - MCDDrainError \"Drain failed on , updates may be blocked\" missing rendered node name\n1866901 - Deployment strategy for BMO allows multiple pods to run at the same time\n1866925 - openshift-install destroy cluster should fail quickly when provided with invalid credentials on Azure. \n1867165 - Cannot assign static address to baremetal install bootstrap vm\n1867380 - When using webhooks in OCP 4.5 fails to rollout latest deploymentconfig\n1867400 - [OCs 4.5]UI should not allow creation of second storagecluster of different mode in a single OCS\n1867477 - HPA monitoring cpu utilization fails for deployments which have init containers\n1867518 - [oc] oc should not print so many goroutines when ANY command fails\n1867608 - ds/machine-config-daemon takes 100+ minutes to rollout on 250 node cluster\n1867965 - OpenShift Console Deployment Edit overwrites deployment yaml\n1868004 - opm index add appears to produce image with wrong registry server binary\n1868065 - oc -o jsonpath prints possible warning / bug \"Unable to decode server response into a Table\"\n1868104 - Baremetal actuator should not delete Machine objects\n1868125 - opm index add is not creating an index with valid images when --permissive flag is added, the index is empty instead\n1868384 - CLI does not save login credentials as expected when using the same username in multiple clusters\n1868527 - OpenShift Storage using VMWare vSAN receives error \"Failed to add disk \u0027scsi0:2\u0027\" when mounted pod is created on separate node\n1868645 - After a disaster recovery pods a stuck in \"NodeAffinity\" state and not running\n1868748 - ClusterProvisioningIP in baremetal platform has wrong JSON annotation\n1868765 - [vsphere][ci] could not reserve an IP address: no available addresses\n1868770 - catalogSource named \"redhat-operators\" deleted in a disconnected cluster\n1868976 - Prometheus error opening query log file on EBS backed PVC\n1869293 - The configmap name looks confusing in aide-ds pod logs\n1869606 - crio\u0027s failing to delete a network namespace\n1870337 - [sig-storage] Managed cluster should have no crashlooping recycler pods over four minutes\n1870342 - [sig-scheduling] SchedulerPredicates [Serial] validates resource limits of pods that are allowed to run [Conformance]\n1870373 - Ingress Operator reports available when DNS fails to provision\n1870467 - D/DC Part of Helm / Operator Backed should not have HPA\n1870728 - openshift-install creates expired ignition files from stale .openshift_install_state.json\n1870800 - [4.6] Managed Column not appearing on Pods Details page\n1871170 - e2e tests are needed to validate the functionality of the etcdctl container\n1872001 - EtcdDiscoveryDomain no longer needed\n1872095 - content are expanded to the whole line when only one column in table on Resource Details page\n1872124 - Could not choose device type as \"disk\" or \"part\" when create localvolumeset from web console\n1872128 - Can\u0027t run container with hostPort on ipv6 cluster\n1872166 - \u0027Silences\u0027 link redirects to unexpected \u0027Alerts\u0027 view after creating a silence in the Developer perspective\n1872251 - [aws-ebs-csi-driver] Verify job in CI doesn\u0027t check for vendor dir sanity\n1872786 - Rules in kube-apiserver.rules are taking too long and consuming too much memory for Prometheus to evaluate them\n1872821 - [DOC] Typo in Ansible Operator Tutorial\n1872907 - Fail to create CR from generated Helm Base Operator\n1872923 - Click \"Cancel\" button on the \"initialization-resource\" creation form page should send users to the \"Operator details\" page instead of \"Install Operator\" page (previous page)\n1873007 - [downstream] failed to read config when running the operator-sdk in the home path\n1873030 - Subscriptions without any candidate operators should cause resolution to fail\n1873043 - Bump to latest available 1.19.x k8s\n1873114 - Nodes goes into NotReady state (VMware)\n1873288 - Changing Cluster-Wide Pull Secret Does Not Trigger Updates In Kubelet Filesystem\n1873305 - Failed to power on /inspect node when using Redfish protocol\n1873326 - Accessibility - The symbols e.g checkmark in the overview page has no text description, label, or other accessible information\n1873480 - Accessibility - No text description, alt text, label, or other accessible information associated with the help icon: \u201c?\u201d button/icon in Developer Console -\u003eNavigation\n1873556 - [Openstack] HTTP_PROXY setting for NetworkManager-resolv-prepender not working\n1873593 - MCO fails to cope with ContainerRuntimeConfig thas has a name \u003e 63 characters\n1874057 - Pod stuck in CreateContainerError - error msg=\"container_linux.go:348: starting container process caused \\\"chdir to cwd (\\\\\\\"/mount-point\\\\\\\") set in config.json failed: permission denied\\\"\"\n1874074 - [CNV] Windows 2019 Default Template Not Defaulting to Proper NIC/Storage Driver\n1874192 - [RFE] \"Create Backing Store\" page doesn\u0027t allow to select already defined k8s secret as target bucket credentials when Google Cloud Storage is selected as a provider\n1874240 - [vsphere] unable to deprovision - Runtime error list attached objects\n1874248 - Include validation for vcenter host in the install-config\n1874340 - vmware: NodeClockNotSynchronising alert is triggered in openshift cluster after upgrading form 4.4.16 to 4.5.6\n1874583 - apiserver tries and fails to log an event when shutting down\n1874584 - add retry for etcd errors in kube-apiserver\n1874638 - Missing logging for nbctl daemon\n1874736 - [downstream] no version info for the helm-operator\n1874901 - add utm_source parameter to Red Hat Marketplace URLs for attribution\n1874968 - Accessibility: The project selection drop down is a keyboard trap\n1875247 - Dependency resolution error \"found more than one head for channel\" is unhelpful for users\n1875516 - disabled scheduling is easy to miss in node page of OCP console\n1875598 - machine status is Running for a master node which has been terminated from the console\n1875806 - When creating a service of type \"LoadBalancer\" (Kuryr,OVN) communication through this loadbalancer failes after 2-5 minutes. \n1876166 - need to be able to disable kube-apiserver connectivity checks\n1876469 - Invalid doc link on yaml template schema description\n1876701 - podCount specDescriptor change doesn\u0027t take effect on operand details page\n1876815 - Installer uses the environment variable OS_CLOUD for manifest generation despite explicit prompt\n1876935 - AWS volume snapshot is not deleted after the cluster is destroyed\n1877071 - vSphere IPI - Nameserver limits were exceeded, some nameservers have been omitted\n1877105 - add redfish to enabled_bios_interfaces\n1877116 - e2e aws calico tests fail with `rpc error: code = ResourceExhausted`\n1877273 - [OVN] EgressIP cannot fail over to available nodes after one egressIP node shutdown\n1877648 - [sriov]VF from allocatable and capacity of node is incorrect when the policy is only \u0027rootDevices\u0027\n1877681 - Manually created PV can not be used\n1877693 - dnsrecords specify recordTTL as 30 but the value is null in AWS Route 53\n1877740 - RHCOS unable to get ip address during first boot\n1877812 - [ROKS] IBM cloud failed to terminate OSDs when upgraded between internal builds of OCS 4.5\n1877919 - panic in multus-admission-controller\n1877924 - Cannot set BIOS config using Redfish with Dell iDracs\n1878022 - Met imagestreamimport error when import the whole image repository\n1878086 - OCP 4.6+OCS 4.6(multiple SC) Internal Mode- UI should populate the default \"Filesystem Name\" instead of providing a textbox, \u0026 the name should be validated\n1878301 - [4.6] [UI] Unschedulable used to always be displayed when Node is Ready status\n1878701 - After deleting and recreating a VM with same name, the VM events contain the events from the old VM\n1878766 - CPU consumption on nodes is higher than the CPU count of the node. \n1878772 - On the nodes there are up to 547 zombie processes caused by thanos and Prometheus. \n1878823 - \"oc adm release mirror\" generating incomplete imageContentSources when using \"--to\" and \"--to-release-image\"\n1878845 - 4.5 to 4.6.rc.4 upgrade failure: authentication operator health check connection refused for multitenant mode\n1878900 - Installer complains about not enough vcpu for the baremetal flavor where generic bm flavor is being used\n1878953 - RBAC error shows when normal user access pvc upload page\n1878956 - `oc api-resources` does not include API version\n1878972 - oc adm release mirror removes the architecture information\n1879013 - [RFE]Improve CD-ROM interface selection\n1879056 - UI should allow to change or unset the evictionStrategy\n1879057 - [CSI Certificate Test] Test failed for CSI certification tests for CSIdriver openshift-storage.rbd.csi.ceph.com with RWX enabled\n1879094 - RHCOS dhcp kernel parameters not working as expected\n1879099 - Extra reboot during 4.5 -\u003e 4.6 upgrade\n1879244 - Error adding container to network \"ipvlan-host-local\": \"master\" field is required\n1879248 - OLM Cert Dir for Webhooks does not align SDK/Kubebuilder\n1879282 - Update OLM references to point to the OLM\u0027s new doc site\n1879283 - panic after nil pointer dereference in pkg/daemon/update.go\n1879365 - Overlapping, divergent openshift-cluster-storage-operator manifests\n1879419 - [RFE]Improve boot source description for \u0027Container\u0027 and \u2018URL\u2019\n1879430 - openshift-object-counts quota is not dynamically updating as the resource is deleted. \n1879565 - IPv6 installation fails on node-valid-hostname\n1879777 - Overlapping, divergent openshift-machine-api namespace manifests\n1879878 - Messages flooded in thanos-querier pod- oauth-proxy container: Authorization header does not start with \u0027Basic\u0027, skipping basic authentication in Log message in thanos-querier pod the oauth-proxy\n1879930 - Annotations shouldn\u0027t be removed during object reconciliation\n1879976 - No other channel visible from console\n1880068 - image pruner is not aware of image policy annotation, StatefulSets, etc. \n1880148 - dns daemonset rolls out slowly in large clusters\n1880161 - Actuator Update calls should have fixed retry time\n1880259 - additional network + OVN network installation failed\n1880389 - Pipeline Runs with skipped Tasks incorrectly show Tasks as \"Failed\"\n1880410 - Convert Pipeline Visualization node to SVG\n1880417 - [vmware] Fail to boot with Secure Boot enabled, kernel lockdown denies iopl access to afterburn\n1880443 - broken machine pool management on OpenStack\n1880450 - Host failed to install because its installation stage joined took longer than expected 20m0s. \n1880473 - IBM Cloudpak operators installation stuck \"UpgradePending\" with InstallPlan status updates failing due to size limitation\n1880680 - [4.3] [Tigera plugin] - openshift-kube-proxy fails - Failed to execute iptables-restore: exit status 4 (iptables-restore v1.8.4 (nf_tables)\n1880785 - CredentialsRequest missing description in `oc explain`\n1880787 - No description for Provisioning CRD for `oc explain`\n1880902 - need dnsPlocy set in crd ingresscontrollers\n1880913 - [DeScheduler] - change loglevel from Info to Error when priority class given in the descheduler params is not present in the cluster\n1881027 - Cluster installation fails at with error : the container name \\\"assisted-installer\\\" is already in use\n1881046 - [OSP] openstack-cinder-csi-driver-operator doesn\u0027t contain required manifests and assets\n1881155 - operator install authentication: Authentication require functional ingress which requires at least one schedulable and ready node\n1881268 - Image uploading failed but wizard claim the source is available\n1881322 - kube-scheduler not scheduling pods for certificates not renewed automatically after nodes restoration\n1881347 - [v2v][ui]VM Import Wizard does not call Import provider cleanup\n1881881 - unable to specify target port manually resulting in application not reachable\n1881898 - misalignment of sub-title in quick start headers\n1882022 - [vsphere][ipi] directory path is incomplete, terraform can\u0027t find the cluster\n1882057 - Not able to select access modes for snapshot and clone\n1882140 - No description for spec.kubeletConfig\n1882176 - Master recovery instructions don\u0027t handle IP change well\n1882191 - Installation fails against external resources which lack DNS Subject Alternative Name\n1882209 - [ BateMetal IPI ] local coredns resolution not working\n1882210 - [release 4.7] insights-operator: Fix bug in reflector not recovering from \"Too large resource version\"\n1882268 - [e2e][automation]Add Integration Test for Snapshots\n1882361 - Retrieve and expose the latest report for the cluster\n1882485 - dns-node-resolver corrupts /etc/hosts if internal registry is not in use\n1882556 - git:// protocol in origin tests is not currently proxied\n1882569 - CNO: Replacing masters doesn\u0027t work for ovn-kubernetes 4.4\n1882608 - Spot instance not getting created on AzureGovCloud\n1882630 - Fstype is changed after deleting pv provisioned by localvolumeset instance\n1882649 - IPI installer labels all images it uploads into glance as qcow2\n1882653 - The Approval should display the Manual after the APPROVAL changed to Manual from the Automatic\n1882658 - [RFE] Volume Snapshot is not listed under inventory in Project Details page\n1882660 - Operators in a namespace should be installed together when approve one\n1882667 - [ovn] br-ex Link not found when scale up RHEL worker\n1882723 - [vsphere]Suggested mimimum value for providerspec not working\n1882730 - z systems not reporting correct core count in recording rule\n1882750 - [sig-api-machinery][Feature:APIServer][Late] kubelet terminates kube-apiserver gracefully\n1882781 - nameserver= option to dracut creates extra NM connection profile\n1882785 - Multi-Arch CI Jobs destroy libvirt network but occasionally leave it defined\n1882844 - [IPI on vsphere] Executing \u0027openshift-installer destroy cluster\u0027 leaves installer tag categories in vsphere\n1883371 - CVE-2020-26160 jwt-go: access restriction bypass vulnerability\n1883388 - Bare Metal Hosts Details page doesn\u0027t show Mainitenance and Power On/Off status\n1883422 - operator-sdk cleanup fail after installing operator with \"run bundle\" without installmode and og with ownnamespace\n1883425 - Gather top installplans and their count\n1883502 - Logging is broken due to mix of k8s.io/klog v1 and v2\n1883523 - [sig-cli] oc adm must-gather runs successfully for audit logs [Suite:openshift/conformance/parallel]\n1883538 - must gather report \"cannot file manila/aws ebs/ovirt csi related namespaces and objects\" error\n1883560 - operator-registry image needs clean up in /tmp\n1883563 - Creating duplicate namespace from create namespace modal breaks the UI\n1883614 - [OCP 4.6] [UI] UI should not describe power cycle as \"graceful\"\n1883642 - [sig-imageregistry][Feature:ImageTriggers][Serial] ImageStream admission TestImageStreamAdmitSpecUpdate\n1883660 - e2e-metal-ipi CI job consistently failing on 4.4\n1883765 - [user workload monitoring] improve latency of Thanos sidecar when streaming read requests\n1883766 - [e2e][automation] Adjust tests for UI changes\n1883768 - [user workload monitoring] The Prometheus operator should discard invalid TLS configurations\n1883773 - opm alpha bundle build fails on win10 home\n1883790 - revert \"force cert rotation every couple days for development\" in 4.7\n1883803 - node pull secret feature is not working as expected\n1883836 - Jenkins imagestream ubi8 and nodejs12 update\n1883847 - The UI does not show checkbox for enable encryption at rest for OCS\n1883853 - go list -m all does not work\n1883905 - race condition in opm index add --overwrite-latest\n1883946 - Understand why trident CSI pods are getting deleted by OCP\n1884035 - Pods are illegally transitioning back to pending\n1884041 - e2e should provide error info when minimum number of pods aren\u0027t ready in kube-system namespace\n1884131 - oauth-proxy repository should run tests\n1884165 - Repos should be disabled in -firstboot.service before OS extensions are applied\n1884221 - IO becomes unhealthy due to a file change\n1884258 - Node network alerts should work on ratio rather than absolute values\n1884270 - Git clone does not support SCP-style ssh locations\n1884334 - CVO marks an upgrade as failed when an operator takes more than 20 minutes to rollout\n1884435 - vsphere - loopback is randomly not being added to resolver\n1884565 - oauth-proxy crashes on invalid usage\n1884584 - Kuryr controller continuously restarting due to unable to clean up Network Policy\n1884613 - Create Instance of Prometheus from operator returns blank page for non cluster-admin users\n1884628 - ovs-configuration service fails when the external network is configured on a tagged vlan on top of a bond device on a baremetal IPI deployment\n1884629 - Visusally impaired user using screen reader not able to select Admin/Developer console options in drop down menu. \n1884632 - Adding BYOK disk encryption through DES\n1884654 - Utilization of a VMI is not populated\n1884655 - KeyError on self._existing_vifs[port_id]\n1884664 - Operator install page shows \"installing...\" instead of going to install status page\n1884672 - Failed to inspect hardware. Reason: unable to start inspection: \u0027idrac\u0027\n1884691 - Installer blocks cloud-credential-operator manual mode on GCP and Azure\n1884724 - Quick Start: Serverless quickstart doesn\u0027t match Operator install steps\n1884739 - Node process segfaulted\n1884824 - Update baremetal-operator libraries to k8s 1.19\n1885002 - network kube-rbac-proxy scripts crashloop rather than non-crash looping\n1885138 - Wrong detection of pending state in VM details\n1885151 - [Cloud Team - Cluster API Provider Azure] Logging is broken due to mix of k8s.io/klog v1 and v2\n1885165 - NoRunningOvnMaster alert falsely triggered\n1885170 - Nil pointer when verifying images\n1885173 - [e2e][automation] Add test for next run configuration feature\n1885179 - oc image append fails on push (uploading a new layer)\n1885213 - Vertical Pod Autoscaler (VPA) not working with DeploymentConfig\n1885218 - [e2e][automation] Add virtctl to gating script\n1885223 - Sync with upstream (fix panicking cluster-capacity binary)\n1885235 - Prometheus: Logging is broken due to mix of k8s.io/klog v1 and v2\n1885241 - kube-rbac-proxy: Logging is broken due to mix of k8s.io/klog v1 and v2\n1885243 - prometheus-adapter: Logging is broken due to mix of k8s.io/klog v1 and v2\n1885244 - prometheus-operator: Logging is broken due to mix of k8s.io/klog v1 and v2\n1885246 - cluster-monitoring-operator: Logging is broken due to mix of k8s.io/klog v1 and v2\n1885249 - openshift-state-metrics: Logging is broken due to mix of k8s.io/klog v1 and v2\n1885308 - Supermicro nodes failed to boot via disk during installation when using IPMI and UEFI\n1885315 - unit tests fail on slow disks\n1885319 - Remove redundant use of group and kind of DataVolumeTemplate\n1885343 - Console doesn\u0027t load in iOS Safari when using self-signed certificates\n1885344 - 4.7 upgrade - dummy bug for 1880591\n1885358 - add p\u0026f configuration to protect openshift traffic\n1885365 - MCO does not respect the install section of systemd files when enabling\n1885376 - failed to initialize the cluster: Cluster operator marketplace is still updating\n1885398 - CSV with only Webhook conversion can\u0027t be installed\n1885403 - Some OLM events hide the underlying errors\n1885414 - Need to disable HTX when not using HTTP/2 in order to preserve HTTP header name case\n1885425 - opm index add cannot batch add multiple bundles that use skips\n1885543 - node tuning operator builds and installs an unsigned RPM\n1885644 - Panic output due to timeouts in openshift-apiserver\n1885676 - [OCP 4.7]UI should fallback to minimal deployment only after total CPU \u003c 30 || totalMemory \u003c 72 GiB for initial deployment\n1885702 - Cypress: Fix \u0027aria-hidden-focus\u0027 accesibility violations\n1885706 - Cypress: Fix \u0027link-name\u0027 accesibility violation\n1885761 - DNS fails to resolve in some pods\n1885856 - Missing registry v1 protocol usage metric on telemetry\n1885864 - Stalld service crashed under the worker node\n1885930 - [release 4.7] Collect ServiceAccount statistics\n1885940 - kuryr/demo image ping not working\n1886007 - upgrade test with service type load balancer will never work\n1886022 - Move range allocations to CRD\u0027s\n1886028 - [BM][IPI] Failed to delete node after scale down\n1886111 - UpdatingopenshiftStateMetricsFailed: DeploymentRollout of openshift-monitoring/openshift-state-metrics: got 1 unavailable replicas\n1886134 - Need to set GODEBUG=x509ignoreCN=0 in initrd\n1886154 - System roles are not present while trying to create new role binding through web console\n1886166 - 1885517 Clone - Not needed for 4.7 - upgrade from 4.5-\u003e4.6 causes broadcast storm\n1886168 - Remove Terminal Option for Windows Nodes\n1886200 - greenwave / CVP is failing on bundle validations, cannot stage push\n1886229 - Multipath support for RHCOS sysroot\n1886294 - Unable to schedule a pod due to Insufficient ephemeral-storage\n1886327 - Attempt to add a worker using bad roodDeviceHint: bmh and machine become Provisioned, no error in status\n1886353 - [e2e][automation] kubevirt-gating job fails for a missing virtctl URL\n1886397 - Move object-enum to console-shared\n1886423 - New Affinities don\u0027t contain ID until saving\n1886435 - Azure UPI uses deprecated command \u0027group deployment\u0027\n1886449 - p\u0026f: add configuration to protect oauth server traffic\n1886452 - layout options doesn\u0027t gets selected style on click i.e grey background\n1886462 - IO doesn\u0027t recognize namespaces - 2 resources with the same name in 2 namespaces -\u003e only 1 gets collected\n1886488 - move e2e test off of nfs image from docker.io/gmontero/nfs-server:latest\n1886524 - Change default terminal command for Windows Pods\n1886553 - i/o timeout experienced from build02 when targeting CI test cluster during test execution\n1886600 - panic: assignment to entry in nil map\n1886620 - Application behind service load balancer with PDB is not disrupted\n1886627 - Kube-apiserver pods restarting/reinitializing periodically\n1886635 - CVE-2020-8563 kubernetes: Secret leaks in kube-controller-manager when using vSphere Provider\n1886636 - Panic in machine-config-operator\n1886749 - Removing network policy from namespace causes inability to access pods through loadbalancer. \n1886751 - Gather MachineConfigPools\n1886766 - PVC dropdown has \u0027Persistent Volume\u0027 Label\n1886834 - ovn-cert is mandatory in both master and node daemonsets\n1886848 - [OSP] machine instance-state annotation discrepancy with providerStatus.instanceState\n1886861 - ordered-values.yaml not honored if values.schema.json provided\n1886871 - Neutron ports created for hostNetworking pods\n1886890 - Overwrite jenkins-agent-base imagestream\n1886900 - Cluster-version operator fills logs with \"Manifest: ...\" spew\n1886922 - [sig-network] pods should successfully create sandboxes by getting pod\n1886973 - Local storage operator doesn\u0027t include correctly populate LocalVolumeDiscoveryResult in console\n1886977 - [v2v]Incorrect VM Provider type displayed in UI while importing VMs through VMIO\n1887010 - Imagepruner met error \"Job has reached the specified backoff limit\" which causes image registry degraded\n1887026 - FC volume attach fails with \u201cno fc disk found\u201d error on OCP 4.6 PowerVM cluster\n1887040 - [upgrade] ovs pod crash for rhel worker when upgarde from 4.5 to 4.6\n1887046 - Event for LSO need update to avoid confusion\n1887088 - cluster-node-tuning-operator refers to missing cluster-node-tuned image\n1887375 - User should be able to specify volumeMode when creating pvc from web-console\n1887380 - Unsupported access mode should not be available to select when creating pvc by aws-ebs-csi-driver(gp2-csi) from web-console\n1887392 - openshift-apiserver: delegated authn/z should have ttl \u003e metrics/healthz/readyz/openapi interval\n1887428 - oauth-apiserver service should be monitored by prometheus\n1887441 - ingress misconfiguration may break authentication but ingress operator keeps reporting \"degraded: False\"\n1887454 - [sig-storage] In-tree Volumes [Driver: azure-disk] [Testpattern: Dynamic PV (ext4)] volumes should store data\n1887456 - It is impossible to attach the default NIC to a bridge with the latest version of OVN Kubernetes\n1887465 - Deleted project is still referenced\n1887472 - unable to edit application group for KSVC via gestures (shift+Drag)\n1887488 - OCP 4.6: Topology Manager OpenShift E2E test fails: gu workload attached to SRIOV networks should let resource-aligned PODs have working SRIOV network interface\n1887509 - Openshift-tests conformance TopologyManager tests run when Machine Config Operator is not installed on cluster\n1887525 - Failures to set master HardwareDetails cannot easily be debugged\n1887545 - 4.5 to 4.6 upgrade fails when external network is configured on a bond device: ovs-configuration service fails and node becomes unreachable\n1887585 - ovn-masters stuck in crashloop after scale test\n1887651 - [Internal Mode] Object gateway (RGW) in unknown state after OCP upgrade. \n1887737 - Test TestImageRegistryRemovedWithImages is failing on e2e-vsphere-operator\n1887740 - cannot install descheduler operator after uninstalling it\n1887745 - API server is throwing 5xx error code for 42.11% of requests for LIST events\n1887750 - `oc explain localvolumediscovery` returns empty description\n1887751 - `oc explain localvolumediscoveryresult` returns empty description\n1887778 - Add ContainerRuntimeConfig gatherer\n1887783 - PVC upload cannot continue after approve the certificate\n1887797 - [CNV][V2V] Default network type is bridge for interface bound to POD network in VMWare migration wizard\n1887799 - User workload monitoring prometheus-config-reloader OOM\n1887850 - [sig-auth][Feature:SCC][Early] should not have pod creation failures during install test is flaky\n1887863 - Installer panics on invalid flavor\n1887864 - Clean up dependencies to avoid invalid scan flagging\n1887934 - TestForwardedHeaderPolicyAppend, TestForwardedHeaderPolicyReplace, and TestForwardedHeaderPolicyIfNone consistently fail because of case-sensitive comparison\n1887936 - Kube-scheduler should be able to parse v1beta1 KubeSchedulerConfig\n1888015 - workaround kubelet graceful termination of static pods bug\n1888028 - prevent extra cycle in aggregated apiservers\n1888036 - Operator details shows old CRD versions\n1888041 - non-terminating pods are going from running to pending\n1888072 - Setting Supermicro node to PXE boot via Redfish doesn\u0027t take affect\n1888073 - Operator controller continuously busy looping\n1888118 - Memory requests not specified for image registry operator\n1888150 - Install Operand Form on OperatorHub is displaying unformatted text\n1888172 - PR 209 didn\u0027t update the sample archive, but machineset and pdbs are now namespaced\n1888227 - Failed to deploy some of container image on the recent OCP 4.6 nightly build\n1888292 - Fix CVE-2015-7501 affecting agent-maven-3.5\n1888311 - p\u0026f: make SAR traffic from oauth and openshift apiserver exempt\n1888363 - namespaces crash in dev\n1888378 - [IPI on Azure] errors destroying cluster when Azure resource group was never created\n1888381 - instance:node_network_receive_bytes_excluding_lo:rate1m value twice expected\n1888464 - installer missing permission definitions for TagResources and UntagResources when installing in existing VPC\n1888494 - imagepruner pod is error when image registry storage is not configured\n1888565 - [OSP] machine-config-daemon-firstboot.service failed with \"error reading osImageURL from rpm-ostree\"\n1888595 - cluster-policy-controller logs shows error which reads initial monitor sync has error\n1888601 - The poddisruptionbudgets is using the operator service account, instead of gather\n1888657 - oc doesn\u0027t know its name\n1888663 - sdn starts after kube-apiserver, delay readyz until oauth-apiserver is reachable\n1888671 - Document the Cloud Provider\u0027s ignore-volume-az setting\n1888738 - quay.io/openshift/origin-must-gather:latest is not a multi-arch, manifest-list image\n1888763 - at least one of these parameters (Vendor, DeviceID or PfNames) has to be defined in nicSelector in CR %s\", cr.GetName()\n1888827 - ovnkube-master may segfault when trying to add IPs to a nil address set\n1888861 - need to pass dual-stack service CIDRs to kube-apiserver in dual-stack cluster\n1888866 - AggregatedAPIDown permanently firing after removing APIService\n1888870 - JS error when using autocomplete in YAML editor\n1888874 - hover message are not shown for some properties\n1888900 - align plugins versions\n1888985 - Cypress: Fix \u0027Ensures buttons have discernible text\u0027 accesibility violation\n1889213 - The error message of uploading failure is not clear enough\n1889267 - Increase the time out for creating template and upload image in the terraform\n1889348 - Project link should be removed from Application Details page, since it is inaccurate (Application Stages)\n1889374 - Kiali feature won\u0027t work on fresh 4.6 cluster\n1889388 - ListBundles returns incorrect replaces/skips when bundles have been added via semver-skippatch mode\n1889420 - OCP failed to add vsphere disk when pod moved to new node during cluster upgrade\n1889515 - Accessibility - The symbols e.g checkmark in the Node \u003e overview page has no text description, label, or other accessible information\n1889529 - [Init-CR annotation] Inline alert shows operand instance was needed still appearing after creating an Operand instance\n1889540 - [4.5 upgrade][alert]CloudCredentialOperatorDown\n1889577 - Resources are not shown on project workloads page\n1889620 - [Azure] - Machineset not scaling when publicIP:true in disconnected Azure enviroment\n1889630 - Scheduling disabled popovers are missing for Node status in Node Overview and Details pages\n1889692 - Selected Capacity is showing wrong size\n1889694 - usbguard fails to install as RHCOS extension due to missing libprotobuf.so.15\n1889698 - When the user clicked cancel at the Create Storage Class confirmation dialog all the data from the Local volume set goes off\n1889710 - Prometheus metrics on disk take more space compared to OCP 4.5\n1889721 - opm index add semver-skippatch mode does not respect prerelease versions\n1889724 - When LocalVolumeDiscovery CR is created form the LSO page User doesn\u0027t see the Disk tab\n1889767 - [vsphere] Remove certificate from upi-installer image\n1889779 - error when destroying a vSphere installation that failed early\n1889787 - OCP is flooding the oVirt engine with auth errors\n1889838 - race in Operator update after fix from bz1888073\n1889852 - support new AWS regions ap-east-1, af-south-1, eu-south-1\n1889863 - Router prints incorrect log message for namespace label selector\n1889891 - Backport timecache LRU fix\n1889912 - Drains can cause high CPU usage\n1889921 - Reported Degraded=False Available=False pair does not make sense\n1889928 - [e2e][automation] Add more tests for golden os\n1889943 - EgressNetworkPolicy does not work when setting Allow rule to a dnsName\n1890038 - Infrastructure status.platform not migrated to status.platformStatus causes warnings\n1890074 - MCO extension kernel-headers is invalid\n1890104 - with Serverless 1.10 version of trigger/subscription/channel/IMC is V1 as latest\n1890130 - multitenant mode consistently fails CI\n1890141 - move off docker.io images for build/image-eco/templates/jenkins e2e\n1890145 - The mismatched of font size for Status Ready and Health Check secondary text\n1890180 - FieldDependency x-descriptor doesn\u0027t support non-sibling fields\n1890182 - DaemonSet with existing owner garbage collected\n1890228 - AWS: destroy stuck on route53 hosted zone not found\n1890235 - e2e: update Protractor\u0027s checkErrors logging\n1890250 - workers may fail to join the cluster during an update from 4.5\n1890256 - Replacing a master node on a baremetal IPI deployment gets stuck when deleting the machine of the unhealthy member\n1890270 - External IP doesn\u0027t work if the IP address is not assigned to a node\n1890361 - s390x: Generate new ostree rpm with fix for rootfs immutability\n1890456 - [vsphere] mapi_instance_create_failed doesn\u0027t work on vsphere\n1890467 - unable to edit an application without a service\n1890472 - [Kuryr] Bulk port creation exception not completely formatted\n1890494 - Error assigning Egress IP on GCP\n1890530 - cluster-policy-controller doesn\u0027t gracefully terminate\n1890630 - [Kuryr] Available port count not correctly calculated for alerts\n1890671 - [SA] verify-image-signature using service account does not work\n1890677 - \u0027oc image info\u0027 claims \u0027does not exist\u0027 for application/vnd.oci.image.manifest.v1+json manifest\n1890808 - New etcd alerts need to be added to the monitoring stack\n1890951 - Mirror of multiarch images together with cluster logging case problems. It doesn\u0027t sync the \"overall\" sha it syncs only the sub arch sha. \n1890984 - Rename operator-webhook-config to sriov-operator-webhook-config\n1890995 - wew-app should provide more insight into why image deployment failed\n1891023 - ovn-kubernetes rbac proxy never starts waiting for an incorrect API call\n1891047 - Helm chart fails to install using developer console because of TLS certificate error\n1891068 - [sig-instrumentation] Prometheus when installed on the cluster shouldn\u0027t report any alerts in firing state apart from Watchdog and AlertmanagerReceiversNotConfigured [Early] failing due to TargetDown alert from kube-scheduler\n1891080 - [LSO] When Localvolumeset and SC is already created before OCS install Creation of LVD and LVS is skipped when user click created storage cluster from UI\n1891108 - p\u0026f: Increase the concurrency share of workload-low priority level\n1891143 - CVO deadlocked while shutting down, shortly after fresh cluster install (metrics goroutine)\n1891189 - [LSO] max device limit is accepting negative values. PVC is not getting created and no error is shown\n1891314 - Display incompatible helm charts for installation (kubeVersion of cluster doesn\u0027t meet requirements of chart)\n1891362 - Wrong metrics count for openshift_build_result_total\n1891368 - fync should be fsync for etcdHighFsyncDurations alert\u0027s annotations.message\n1891374 - fync should be fsync for etcdHighFsyncDurations critical alert\u0027s annotations.message\n1891376 - Extra text in Cluster Utilization charts\n1891419 - Wrong detail head on network policy detail page. \n1891459 - Snapshot tests should report stderr of failed commands\n1891498 - Other machine config pools do not show during update\n1891543 - OpenShift 4.6/OSP install fails when node flavor has less than 25GB, even with dedicated storage\n1891551 - Clusterautoscaler doesn\u0027t scale up as expected\n1891552 - Handle missing labels as empty. \n1891555 - The windows oc.exe binary does not have version metadata\n1891559 - kuryr-cni cannot start new thread\n1891614 - [mlx] testpmd fails inside OpenShift pod using DevX version 19.11\n1891625 - [Release 4.7] Mutable LoadBalancer Scope\n1891702 - installer get pending when additionalTrustBundle is added into install-config.yaml\n1891716 - OVN cluster upgrade from 4.6.1 to 4.7 fails\n1891740 - OperatorStatusChanged is noisy\n1891758 - the authentication operator may spam DeploymentUpdated event endlessly\n1891759 - Dockerfile builds cannot change /etc/pki/ca-trust\n1891816 - [UPI] [OSP] control-plane.yml provisioning playbook fails on OSP 16.1\n1891825 - Error message not very informative in case of mode mismatch\n1891898 - The ClusterServiceVersion can define Webhooks that cannot be created. \n1891951 - UI should show warning while creating pools with compression on\n1891952 - [Release 4.7] Apps Domain Enhancement\n1891993 - 4.5 to 4.6 upgrade doesn\u0027t remove deployments created by marketplace\n1891995 - OperatorHub displaying old content\n1891999 - Storage efficiency card showing wrong compression ratio\n1892004 - OCP 4.6 opm on Ubuntu 18.04.4 - error /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.28\u0027 not found (required by ./opm)\n1892167 - [SR-IOV] SriovNetworkNodePolicies apply ignoring the spec.nodeSelector. \n1892198 - TypeError in \u0027Performance Profile\u0027 tab displayed for \u0027Performance Addon Operator\u0027\n1892288 - assisted install workflow creates excessive control-plane disruption\n1892338 - HAProxyReloadFail alert only briefly fires in the event of a broken HAProxy config\n1892358 - [e2e][automation] update feature gate for kubevirt-gating job\n1892376 - Deleted netnamespace could not be re-created\n1892390 - TestOverwrite/OverwriteBundle/DefaultBehavior in operator-registry is flaky\n1892393 - TestListPackages is flaky\n1892448 - MCDPivotError alert/metric missing\n1892457 - NTO-shipped stalld needs to use FIFO for boosting. \n1892467 - linuxptp-daemon crash\n1892521 - [AWS] Startup bootstrap machine failed due to ignition file is missing in disconnected UPI env\n1892653 - User is unable to create KafkaSource with v1beta\n1892724 - VFS added to the list of devices of the nodeptpdevice CRD\n1892799 - Mounting additionalTrustBundle in the operator\n1893117 - Maintenance mode on vSphere blocks installation. \n1893351 - TLS secrets are not able to edit on console. \n1893362 - The ovs-xxxxx_openshift-sdn container does not terminate gracefully, slowing down reboots\n1893386 - false-positive ReadyIngressNodes_NoReadyIngressNodes: Auth operator makes risky \"worker\" assumption when guessing about ingress availability\n1893546 - Deploy using virtual media fails on node cleaning step\n1893601 - overview filesystem utilization of OCP is showing the wrong values\n1893645 - oc describe route SIGSEGV\n1893648 - Ironic image building process is not compatible with UEFI secure boot\n1893724 - OperatorHub generates incorrect RBAC\n1893739 - Force deletion doesn\u0027t work for snapshots if snapshotclass is already deleted\n1893776 - No useful metrics for image pull time available, making debugging issues there impossible\n1893798 - Lots of error messages starting with \"get namespace to enqueue Alertmanager instances failed\" in the logs of prometheus-operator\n1893832 - ErrorCount field is missing in baremetalhosts.metal3.io CRD\n1893889 - disabled dropdown items in the pf dropdown component are skipped over and unannounced by JAWS\n1893926 - Some \"Dynamic PV (block volmode)\" pattern storage e2e tests are wrongly skipped\n1893944 - Wrong product name for Multicloud Object Gateway\n1893953 - (release-4.7) Gather default StatefulSet configs\n1893956 - Installation always fails at \"failed to initialize the cluster: Cluster operator image-registry is still updating\"\n1893963 - [Testday] Workloads-\u003e Virtualization is not loading for Firefox browser\n1893972 - Should skip e2e test cases as early as possible\n1894013 - [v2v][Testday] VMware to CNV VM import]VMware URL: It is not clear that only the FQDN/IP address is required without \u0027https://\u0027\n1894020 - User with edit users cannot deploy images from their own namespace from the developer perspective\n1894025 - OCP 4.5 to 4.6 upgrade for \"aws-ebs-csi-driver-operator\" fails when \"defaultNodeSelector\" is set\n1894041 - [v2v][[Testday]VM import from VMware/RHV] VM import wizard: The target storage class name is not displayed if default storage class is used. \n1894065 - tag new packages to enable TLS support\n1894110 - Console shows wrong value for maxUnavailable and maxSurge when set to 0\n1894144 - CI runs of baremetal IPI are failing due to newer libvirt libraries\n1894146 - ironic-api used by metal3 is over provisioned and consumes a lot of RAM\n1894194 - KuryrPorts leftovers from 4.6 GA need to be deleted\n1894210 - Failed to encrypt OSDs on OCS4.6 installation (via UI)\n1894216 - Improve OpenShift Web Console availability\n1894275 - Fix CRO owners file to reflect node owner\n1894278 - \"database is locked\" error when adding bundle to index image\n1894330 - upgrade channels needs to be updated for 4.7\n1894342 - oauth-apiserver logs many \"[SHOULD NOT HAPPEN] failed to update managedFields for ... OAuthClient ... no corresponding type for oauth.openshift.io/v1, Kind=OAuthClient\"\n1894374 - Dont prevent the user from uploading a file with incorrect extension\n1894432 - [oVirt] sometimes installer timeout on tmp_import_vm\n1894477 - bash syntax error in nodeip-configuration.service\n1894503 - add automated test for Polarion CNV-5045\n1894519 - [OSP] External mode cluster creation disabled for Openstack and oVirt platform\n1894539 - [on-prem] Unable to deploy additional machinesets on separate subnets\n1894645 - Cinder volume provisioning crashes on nil cloud provider\n1894677 - image-pruner job is panicking: klog stack\n1894810 - Remove TechPreview Badge from Eventing in Serverless version 1.11.0\n1894860 - \u0027backend\u0027 CI job passing despite failing tests\n1894910 - Update the node to use the real-time kernel fails\n1894992 - All nightly jobs for e2e-metal-ipi failing due to ipa image missing tenacity package\n1895065 - Schema / Samples / Snippets Tabs are all selected at the same time\n1895099 - vsphere-upi and vsphere-upi-serial jobs time out waiting for bootstrap to complete in CI\n1895141 - panic in service-ca injector\n1895147 - Remove memory limits on openshift-dns\n1895169 - VM Template does not properly manage Mount Windows guest tools check box during VM creation\n1895268 - The bundleAPIs should NOT be empty\n1895309 - [OCP v47] The RHEL node scaleup fails due to \"No package matching \u0027cri-o-1.19.*\u0027 found available\" on OCP 4.7 cluster\n1895329 - The infra index filled with warnings \"WARNING: kubernetes.io/cinder built-in volume provider is now deprecated. The Cinder volume provider is deprecated and will be removed in a future release\"\n1895360 - Machine Config Daemon removes a file although its defined in the dropin\n1895367 - Missing image in metadata DB index.db in disconnected Operator Hub installation. OCP 4.6.1\n1895372 - Web console going blank after selecting any operator to install from OperatorHub\n1895385 - Revert KUBELET_LOG_LEVEL back to level 3\n1895423 - unable to edit an application with a custom builder image\n1895430 - unable to edit custom template application\n1895509 - Backup taken on one master cannot be restored on other masters\n1895537 - [sig-imageregistry][Feature:ImageExtract] Image extract should extract content from an image\n1895838 - oc explain description contains \u0027/\u0027\n1895908 - \"virtio\" option is not available when modifying a CD-ROM to disk type\n1895909 - e2e-metal-ipi-ovn-dualstack is failing\n1895919 - NTO fails to load kernel modules\n1895959 - configuring webhook token authentication should prevent cluster upgrades\n1895979 - Unable to get coreos-installer with --copy-network to work\n1896101 - [cnv][automation] Added negative tests for migration from VMWare and RHV\n1896160 - CI: Some cluster operators are not ready: marketplace (missing: Degraded)\n1896188 - [sig-cli] oc debug deployment configs from a build: local-busybox-1-build not completed\n1896218 - Occasional GCP install failures: Error setting IAM policy for project ...: googleapi: Error 400: Service account ... does not exist., badRequest\n1896229 - Current Rate of Bytes Received and Current Rate of Bytes Transmitted data can not be loaded\n1896244 - Found a panic in storage e2e test\n1896296 - Git links should avoid .git as part of the URL and should not link git:// urls in general\n1896302 - [e2e][automation] Fix 4.6 test failures\n1896365 - [Migration]The SDN migration cannot revert under some conditions\n1896384 - [ovirt IPI]: local coredns resolution not working\n1896446 - Git clone from private repository fails after upgrade OCP 4.5 to 4.6\n1896529 - Incorrect instructions in the Serverless operator and application quick starts\n1896645 - documentationBaseURL needs to be updated for 4.7\n1896697 - [Descheduler] policy.yaml param in cluster configmap is empty\n1896704 - Machine API components should honour cluster wide proxy settings\n1896732 - \"Attach to Virtual Machine OS\" button should not be visible on old clusters\n1896866 - File /etc/NetworkManager/system-connections/default_connection.nmconnection is incompatible with SR-IOV operator\n1896898 - ovs-configuration.service fails when multiple IPv6 default routes are provided via RAs over the same interface and deployment bootstrap fails\n1896918 - start creating new-style Secrets for AWS\n1896923 - DNS pod /metrics exposed on anonymous http port\n1896977 - route SimpleAllocationPlugin: host name validation errors: spec.host: Invalid value: ... must be no more than 63 characters\n1897003 - VNC console cannot be connected after visit it in new window\n1897008 - Cypress: reenable check for \u0027aria-hidden-focus\u0027 rule \u0026 checkA11y test for modals\n1897026 - [Migration] With updating optional network operator configuration, migration stucks on MCO\n1897039 - router pod keeps printing log: template \"msg\"=\"router reloaded\" \"output\"=\"[WARNING] 316/065823 (15) : parsing [/var/lib/haproxy/conf/haproxy.config:52]: option \u0027http-use-htx\u0027 is deprecated and ignored\n1897050 - [IBM Power] LocalVolumeSet provisions boot partition as PV. \n1897073 - [OCP 4.5] wrong netid assigned to Openshift projects/namespaces\n1897138 - oVirt provider uses depricated cluster-api project\n1897142 - When scaling replicas to zero, Octavia loadbalancer pool members are not updated accordingly\n1897252 - Firing alerts are not showing up in console UI after cluster is up for some time\n1897354 - Operator installation showing success, but Provided APIs are missing\n1897361 - The MCO GCP-OP tests fail consistently on containerruntime tests with \"connection refused\"\n1897412 - [sriov]disableDrain did not be updated in CRD of manifest\n1897423 - Max unavailable and Max surge value are not shown on Deployment Config Details page\n1897516 - Baremetal IPI deployment with IPv6 control plane fails when the nodes obtain both SLAAC and DHCPv6 addresses as they set their hostname to \u0027localhost\u0027\n1897520 - After restarting nodes the image-registry co is in degraded true state. \n1897584 - Add casc plugins\n1897603 - Cinder volume attachment detection failure in Kubelet\n1897604 - Machine API deployment fails: Kube-Controller-Manager can\u0027t reach API: \"Unauthorized\"\n1897635 - CVE-2020-28362 golang: math/big: panic during recursive division of very large numbers\n1897641 - Baremetal IPI with IPv6 control plane: nodes respond with duplicate packets to ICMP6 echo requests\n1897676 - [CI] [Azure] [UPI] CI failing since 4.6 changes in ignition\n1897830 - [GSS] Unable to deploy OCS 4.5.2 on OCP 4.6.1, cannot `Create OCS Cluster Service`\n1897891 - [RFE][v2v][UI][CNV VM import] Providing error message or/and block migration when vddk-init-image is missing\n1897897 - ptp lose sync openshift 4.6\n1898036 - no network after reboot (IPI)\n1898045 - AWS EBS CSI Driver can not get updated cloud credential secret automatically\n1898097 - mDNS floods the baremetal network\n1898118 - Lack of logs on some image stream tests make hard to find root cause of a problem\n1898134 - Descheduler logs show absolute values instead of percentage when LowNodeUtilization strategy is applied\n1898159 - kcm operator shall pass --allocate-node-cidrs=false to kcm for ovn-kube and openshift-sdn cluster\n1898174 - [OVN] EgressIP does not guard against node IP assignment\n1898194 - GCP: can\u0027t install on custom machine types\n1898238 - Installer validations allow same floating IP for API and Ingress\n1898268 - [OVN]: `make check` broken on 4.6\n1898289 - E2E test: Use KUBEADM_PASSWORD_FILE by default\n1898320 - Incorrect Apostrophe Translation of \"it\u0027s\" in Scheduling Disabled Popover\n1898357 - Within the operatorhub details view, long unbroken text strings do not wrap cause breaking display. \n1898407 - [Deployment timing regression] Deployment takes longer with 4.7\n1898417 - GCP: the dns targets in Google Cloud DNS is not updated after recreating loadbalancer service\n1898487 - [oVirt] Node is not removed when VM has been removed from oVirt engine\n1898500 - Failure to upgrade operator when a Service is included in a Bundle\n1898517 - Ironic auto-discovery may result in rogue nodes registered in ironic\n1898532 - Display names defined in specDescriptors not respected\n1898580 - When adding more than one node selector to the sriovnetworknodepolicy, the cni and the device plugin pods are constantly rebooted\n1898613 - Whereabouts should exclude IPv6 ranges\n1898655 - [oVirt] Node deleted in oVirt should cause the Machine to go into a Failed phase\n1898679 - Operand creation form - Required \"type: object\" properties (Accordion component) are missing red asterisk\n1898680 - CVE-2020-7774 nodejs-y18n: prototype pollution vulnerability\n1898745 - installation failing with CVO reporting openshift-samples not rolled out, samples not setting versions in its ClusterOperator\n1898839 - Wrong YAML in operator metadata\n1898851 - Multiple Pods access the same volume on the same node e2e test cases are missed from aws ebs csi driver e2e test job\n1898873 - Remove TechPreview Badge from Monitoring\n1898954 - Backup script does not take /etc/kubernetes/static-pod-resources on a reliable way\n1899111 - [RFE] Update jenkins-maven-agen to maven36\n1899128 - VMI details screen -\u003e show the warning that it is preferable to have a VM only if the VM actually does not exist\n1899175 - bump the RHCOS boot images for 4.7\n1899198 - Use new packages for ipa ramdisks\n1899200 - In Installed Operators page I cannot search for an Operator by it\u0027s name\n1899220 - Support AWS IMDSv2\n1899350 - configure-ovs.sh doesn\u0027t configure bonding options\n1899433 - When Creating OCS from ocs wizard Step Discover Disks shows Error \"An error occurred Not Found\"\n1899459 - Failed to start monitoring pods once the operator removed from override list of CVO\n1899515 - Passthrough credentials are not immediately re-distributed on update\n1899575 - update discovery burst to reflect lots of CRDs on openshift clusters\n1899582 - update discovery burst to reflect lots of CRDs on openshift clusters\n1899588 - Operator objects are re-created after all other associated resources have been deleted\n1899600 - Increased etcd fsync latency as of OCP 4.6\n1899603 - workers-rhel7 CI jobs failing: Failed to remove rollback: error running rpm-ostree cleanup\n1899627 - Project dashboard Active status using small icon\n1899725 - Pods table does not wrap well with quick start sidebar open\n1899746 - [ovn] error while waiting on flows for pod: OVS sandbox port is no longer active (probably due to a subsequent CNI ADD)\n1899760 - etcd_request_duration_seconds_bucket metric has excessive cardinality\n1899835 - catalog-operator repeatedly crashes with \"runtime error: index out of range [0] with length 0\"\n1899839 - thanosRuler.resources.requests does not take effect in user-workload-monitoring-config confimap\n1899853 - additionalSecurityGroupIDs not working for master nodes\n1899922 - NP changes sometimes influence new pods. \n1899949 - [Platform] Remove restriction on disk type selection for LocalVolumeSet\n1900008 - Fix internationalized sentence fragments in ImageSearch.tsx\n1900010 - Fix internationalized sentence fragments in BuildImageSelector.tsx\n1900020 - Remove \u0026apos; from internationalized keys\n1900022 - Search Page - Top labels field is not applied to selected Pipeline resources\n1900030 - disruption_tests: [sig-imageregistry] Image registry remain available failing consistently\n1900126 - Creating a VM results in suggestion to create a default storage class when one already exists\n1900138 - [OCP on RHV] Remove insecure mode from the installer\n1900196 - stalld is not restarted after crash\n1900239 - Skip \"subPath should be able to unmount\" NFS test\n1900322 - metal3 pod\u0027s toleration for key: node-role.kubernetes.io/master currently matches on exact value matches but should match on Exists\n1900377 - [e2e][automation] create new css selector for active users\n1900496 - (release-4.7) Collect spec config for clusteroperator resources\n1900672 - (s390x) Upgrade from old LUKS to new not working with DASD disks\n1900699 - Impossible to add new Node on OCP 4.6 using large ECKD disks - fdasd issue\n1900759 - include qemu-guest-agent by default\n1900790 - Track all resource counts via telemetry\n1900835 - Multus errors when cachefile is not found\n1900935 - `oc adm release mirror` panic panic: runtime error\n1900989 - accessing the route cannot wake up the idled resources\n1901040 - When scaling down the status of the node is stuck on deleting\n1901057 - authentication operator health check failed when installing a cluster behind proxy\n1901107 - pod donut shows incorrect information\n1901111 - Installer dependencies are broken\n1901200 - linuxptp-daemon crash when enable debug log level\n1901301 - CBO should handle platform=BM without provisioning CR\n1901355 - [Azure][4.7] Invalid vm size from customized compute nodes does not fail properly\n1901363 - High Podready Latency due to timed out waiting for annotations\n1901373 - redundant bracket on snapshot restore button\n1901376 - [on-prem] Upgrade from 4.6 to 4.7 failed with \"timed out waiting for the condition during waitForControllerConfigToBeCompleted: controllerconfig is not completed: ControllerConfig has not completed: completed(false) running(false) failing(true\"\n1901395 - \"Edit virtual machine template\" action link should be removed\n1901472 - [OSP] Bootstrap and master nodes use different keepalived unicast setting\n1901517 - RHCOS 4.6.1 uses a single NetworkManager connection for multiple NICs when using default DHCP\n1901531 - Console returns a blank page while trying to create an operator Custom CR with Invalid Schema\n1901594 - Kubernetes resource CRUD operations.Kubernetes resource CRUD operations Pod \"before all\" hook for \"creates the resource instance\"\n1901604 - CNO blocks editing Kuryr options\n1901675 - [sig-network] multicast when using one of the plugins \u0027redhat/openshift-ovs-multitenant, redhat/openshift-ovs-networkpolicy\u0027 should allow multicast traffic in namespaces where it is enabled\n1901909 - The device plugin pods / cni pod are restarted every 5 minutes\n1901982 - [sig-builds][Feature:Builds] build can reference a cluster service with a build being created from new-build should be able to run a build that references a cluster service\n1902019 - when podTopologySpreadConstraint strategy is enabled for descheduler it throws error\n1902059 - Wire a real signer for service accout issuer\n1902091 - `cluster-image-registry-operator` pod leaves connections open when fails connecting S3 storage\n1902111 - CVE-2020-27813 golang-github-gorilla-websocket: integer overflow leads to denial of service\n1902157 - The DaemonSet machine-api-termination-handler couldn\u0027t allocate Pod\n1902253 - MHC status doesnt set RemediationsAllowed = 0\n1902299 - Failed to mirror operator catalog - error: destination registry required\n1902545 - Cinder csi driver node pod should add nodeSelector for Linux\n1902546 - Cinder csi driver node pod doesn\u0027t run on master node\n1902547 - Cinder csi driver controller pod doesn\u0027t run on master node\n1902552 - Cinder csi driver does not use the downstream images\n1902595 - Project workloads list view doesn\u0027t show alert icon and hover message\n1902600 - Container csi-snapshotter in Cinder csi driver needs to use ImagePullPolicy=IfNotPresent\n1902601 - Cinder csi driver pods run as BestEffort qosClass\n1902653 - [BM][IPI] Master deployment failed: No valid host was found. Reason: No conductor service registered which supports driver redfish for conductor group\n1902702 - [sig-auth][Feature:LDAP][Serial] ldap group sync can sync groups from ldap: oc cp over non-existing directory/file fails\n1902746 - [BM][IP] Master deployment failed - Base.1.0.GeneralError: database is locked\n1902824 - failed to generate semver informed package manifest: unable to determine default channel\n1902894 - hybrid-overlay-node crashing trying to get node object during initialization\n1902969 - Cannot load vmi detail page\n1902981 - It should default to current namespace when create vm from template\n1902996 - [AWS] UPI on USGov, bootstrap machine can not fetch ignition file via s3:// URI\n1903033 - duplicated lines of imageContentSources is seen when mirror release image to local registry\n1903034 - OLM continuously printing debug logs\n1903062 - [Cinder csi driver] Deployment mounted volume have no write access\n1903078 - Deleting VolumeSnapshotClass makes VolumeSnapshot not Ready\n1903107 - Enable vsphere-problem-detector e2e tests\n1903164 - OpenShift YAML editor jumps to top every few seconds\n1903165 - Improve Canary Status Condition handling for e2e tests\n1903172 - Column Management: Fix sticky footer on scroll\n1903186 - [Descheduler] cluster logs should report some info when PodTopologySpreadConstraints strategy is enabled\n1903188 - [Descheduler] cluster log reports failed to validate server configuration\" err=\"unsupported log format:\n1903192 - Role name missing on create role binding form\n1903196 - Popover positioning is misaligned for Overview Dashboard status items\n1903206 - Ingress controller incorrectly routes traffic to non-ready pods/backends. \n1903226 - MutatingWebhookConfiguration pod-identity-webhook does not exclude critical control-plane components\n1903248 - Backport Upstream Static Pod UID patch\n1903277 - Deprovisioning Not Deleting Security Groups [VpcLimitExceeded on e2e-aws tests]\n1903290 - Kubelet repeatedly log the same log line from exited containers\n1903346 - PV backed by FC lun is not being unmounted properly and this leads to IO errors / xfs corruption. \n1903382 - Panic when task-graph is canceled with a TaskNode with no tasks\n1903400 - Migrate a VM which is not running goes to pending state\n1903402 - Nic/Disk on VMI overview should link to VMI\u0027s nic/disk page\n1903414 - NodePort is not working when configuring an egress IP address\n1903424 - mapi_machine_phase_transition_seconds_sum doesn\u0027t work\n1903464 - \"Evaluating rule failed\" for \"record: cluster:kube_persistentvolumeclaim_resource_requests_storage_bytes:provisioner:sum\" and \"record: cluster:kubelet_volume_stats_used_bytes:provisioner:sum\"\n1903639 - Hostsubnet gatherer produces wrong output\n1903651 - Network Policies are not working as expected with OVN-Kubernetes when traffic hairpins back to the same source through a service\n1903660 - Cannot install with Assisted Installer on top of IPv6 since network provider is not started\n1903674 - [sig-apps] ReplicationController should serve a basic image on each replica with a private image\n1903717 - Handle different Pod selectors for metal3 Deployment\n1903733 - Scale up followed by scale down can delete all running workers\n1903917 - Failed to load \"Developer Catalog\" page\n1903999 - Httplog response code is always zero\n1904026 - The quota controllers should resync on new resources and make progress\n1904064 - Automated cleaning is disabled by default\n1904124 - DHCP to static lease script doesn\u0027t work correctly if starting with infinite leases\n1904125 - Boostrap VM .ign image gets added into \u0027default\u0027 pool instead of \u003ccluster-name\u003e-\u003cid\u003e-bootstrap\n1904131 - kuryr tempest plugin test test_ipblock_network_policy_sg_rules fails\n1904133 - KubeletConfig flooded with failure conditions\n1904161 - AlertmanagerReceiversNotConfigured fires unconditionally on alertmanager restart\n1904243 - RHCOS 4.6.1 missing ISCSI initiatorname.iscsi !\n1904244 - MissingKey errors for two plugins using i18next.t\n1904262 - clusterresourceoverride-operator has version: 1.0.0 every build\n1904296 - VPA-operator has version: 1.0.0 every build\n1904297 - The index image generated by \"opm index prune\" leaves unrelated images\n1904305 - Should have scroll-down bar for the field which the values list has too many results under dashboards\n1904385 - [oVirt] registry cannot mount volume on 4.6.4 -\u003e 4.6.6 upgrade\n1904497 - vsphere-problem-detector: Run on vSphere cloud only\n1904501 - [Descheduler] descheduler does not evict any pod when PodTopologySpreadConstraint strategy is set\n1904502 - vsphere-problem-detector: allow longer timeouts for some operations\n1904503 - vsphere-problem-detector: emit alerts\n1904538 - [sig-arch][Early] Managed cluster should start all core operators: monitoring: container has runAsNonRoot and image has non-numeric user (nobody)\n1904578 - metric scraping for vsphere problem detector is not configured\n1904582 - All application traffic broken due to unexpected load balancer change on 4.6.4 -\u003e 4.6.6 upgrade\n1904663 - IPI pointer customization MachineConfig always generated\n1904679 - [Feature:ImageInfo] Image info should display information about images\n1904683 - `[sig-builds][Feature:Builds] s2i build with a root user image` tests use docker.io image\n1904684 - [sig-cli] oc debug ensure it works with image streams\n1904713 - Helm charts with kubeVersion restriction are filtered incorrectly\n1904776 - Snapshot modal alert is not pluralized\n1904824 - Set vSphere hostname from guestinfo before NM starts\n1904941 - Insights status is always showing a loading icon\n1904973 - KeyError: \u0027nodeName\u0027 on NP deletion\n1904985 - Prometheus and thanos sidecar targets are down\n1904993 - Many ampersand special characters are found in strings\n1905066 - QE - Monitoring test cases - smoke test suite automation\n1905074 - QE -Gherkin linter to maintain standards\n1905100 - Too many haproxy processes in default-router pod causing high load average\n1905104 - Snapshot modal disk items missing keys\n1905115 - CI: dev-scripts fail on 02_configure_host: Failed to start network ostestbm\n1905119 - Race in AWS EBS determining whether custom CA bundle is used\n1905128 - [e2e][automation] e2e tests succeed without actually execute\n1905133 - operator conditions special-resource-operator\n1905141 - vsphere-problem-detector: report metrics through telemetry\n1905146 - Backend Tests: TestHelmRepoGetter_SkipDisabled failures\n1905194 - Detecting broken connections to the Kube API takes up to 15 minutes\n1905221 - CVO transitions from \"Initializing\" to \"Updating\" despite not attempting many manifests\n1905232 - [sig-imageregistry][Feature:ImageAppend] Image append should create images by appending them failing due to inconsistent images between CI and OCP\n1905253 - Inaccurate text at bottom of Events page\n1905298 - openshift-apiserver initContainer fix-audit-permissions is not requesting required resources: cpu, memory\n1905299 - OLM fails to update operator\n1905307 - Provisioning CR is missing from must-gather\n1905319 - cluster-samples-operator containers are not requesting required memory resource\n1905320 - csi-snapshot-webhook is not requesting required memory resource\n1905323 - dns-operator is not requesting required memory resource\n1905324 - ingress-operator is not requesting required memory resource\n1905327 - openshift-kube-scheduler initContainer wait-for-host-port is not requesting required resources: cpu, memory\n1905328 - Changing the bound token service account issuer invalids previously issued bound tokens\n1905329 - openshift-oauth-apiserver initContainer fix-audit-permissions is not requesting required resources: cpu, memory\n1905330 - openshift-monitoring init-textfile is not requesting required resources: cpu, memory\n1905338 - QE -Cypress Automation for Add Flow - Database, Yaml, OperatorBacked, PageDetails\n1905347 - QE - Design Gherkin Scenarios\n1905348 - QE - Design Gherkin Scenarios\n1905362 - [sriov] Error message \u0027Fail to update DaemonSet\u0027 always shown in sriov operator pod\n1905368 - [sriov] net-attach-def generated from sriovnetwork cannot be restored once it was deleted\n1905370 - A-Z/Z-A sorting dropdown on Developer Catalog page is not aligned with filter text input\n1905380 - Default to Red Hat/KubeVirt provider if common template does not have provider annotation\n1905393 - CMO uses rbac.authorization.k8s.io/v1beta1 instead of rbac.authorization.k8s.io/v1\n1905404 - The example of \"Remove the entrypoint on the mysql:latest image\" for `oc image append` does not work\n1905416 - Hyperlink not working from Operator Description\n1905430 - usbguard extension fails to install because of missing correct protobuf dependency version\n1905492 - The stalld service has a higher scheduler priority than ksoftirq and rcu{b, c} threads\n1905502 - Test flake - unable to get https transport for ephemeral-registry\n1905542 - [GSS] The \"External\" mode option is not available when the OCP cluster is deployed using Redhat Cluster Assisted Installer 4.6. \n1905599 - Errant change to lastupdatetime in copied CSV status can trigger runaway csv syncs\n1905610 - Fix typo in export script\n1905621 - Protractor login test fails against a 4.7 (nightly) Power cluster\n1905640 - Subscription manual approval test is flaky\n1905647 - Report physical core valid-for-subscription min/max/cumulative use to telemetry\n1905696 - ClusterMoreUpdatesModal component did not get internationalized\n1905748 - with sharded ingresscontrollers, all shards reload when any endpoint changes\n1905761 - NetworkPolicy with Egress policyType is resulting in SDN errors and improper communication within Project\n1905778 - inconsistent ingresscontroller between fresh installed cluster and upgraded cluster\n1905792 - [OVN]Cannot create egressfirewalll with dnsName\n1905889 - Should create SA for each namespace that the operator scoped\n1905920 - Quickstart exit and restart\n1905941 - Page goes to error after create catalogsource\n1905977 - QE ghaekin design scenaio-pipeline metrics ODC-3711\n1906032 - Canary Controller: Canary daemonset rolls out slowly in large clusters\n1906100 - Disconnected cluster upgrades are failing from the cli, when signature retrieval is being blackholed instead of quickly rejected\n1906105 - CBO annotates an existing Metal3 deployment resource to indicate that it is managing it\n1906118 - OCS feature detection constantly polls storageclusters and storageclasses\n1906120 - \u0027Create Role Binding\u0027 form not setting user or group value when created from a user or group resource\n1906121 - [oc] After new-project creation, the kubeconfig file does not set the project\n1906134 - OLM should not create OperatorConditions for copied CSVs\n1906143 - CBO supports log levels\n1906186 - i18n: Translators are not able to translate `this` without context for alert manager config\n1906228 - tuned and openshift-tuned sometimes do not terminate gracefully, slowing reboots\n1906274 - StorageClass installed by Cinder csi driver operator should enable the allowVolumeExpansion to support volume resize. \n1906276 - `oc image append` can\u0027t work with multi-arch image with --filter-by-os=\u0027.*\u0027\n1906318 - use proper term for Authorized SSH Keys\n1906335 - The lastTransitionTime, message, reason field of operatorcondition should be optional\n1906356 - Unify Clone PVC boot source flow with URL/Container boot source\n1906397 - IPA has incorrect kernel command line arguments\n1906441 - HorizontalNav and NavBar have invalid keys\n1906448 - Deploy using virtualmedia with provisioning network disabled fails - \u0027Failed to connect to the agent\u0027 in ironic-conductor log\n1906459 - openstack: Quota Validation fails if unlimited quotas are given to a project\n1906496 - [BUG] Thanos having possible memory leak consuming huge amounts of node\u0027s memory and killing them\n1906508 - TestHeaderNameCaseAdjust outputs nil error message on some failures\n1906511 - Root reprovisioning tests flaking often in CI\n1906517 - Validation is not robust enough and may prevent to generate install-confing. \n1906518 - Update snapshot API CRDs to v1\n1906519 - Update LSO CRDs to use v1\n1906570 - Number of disruptions caused by reboots on a cluster cannot be measured\n1906588 - [ci][sig-builds] nodes is forbidden: User \"e2e-test-jenkins-pipeline-xfghs-user\" cannot list resource \"nodes\" in API group \"\" at the cluster scope\n1906650 - Cannot collect network policy, EgressFirewall, egressip logs with gather_network_logs\n1906655 - [SDN]Cannot colloect ovsdb-server.log and ovs-vswitchd.log with gather_network_logs\n1906679 - quick start panel styles are not loaded\n1906683 - Kn resources are not showing in Topology if triggers has KSVC and IMC as subscriber\n1906684 - Event Source creation fails if user selects no app group and switch to yaml and then to form\n1906685 - SinkBinding is shown in topology view if underlying resource along with actual source created\n1906689 - user can pin to nav configmaps and secrets multiple times\n1906691 - Add doc which describes disabling helm chart repository\n1906713 - Quick starts not accesible for a developer user\n1906718 - helm chart \"provided by Redhat\" is misspelled\n1906732 - Machine API proxy support should be tested\n1906745 - Update Helm endpoints to use Helm 3.4.x\n1906760 - performance issues with topology constantly re-rendering\n1906766 - localized `Autoscaled` \u0026 `Autoscaling` pod texts overlap with the pod ring\n1906768 - Virtualization nav item is incorrectly placed in the Admin Workloads section\n1906769 - topology fails to load with non-kubeadmin user\n1906770 - shortcuts on mobiles view occupies a lot of space\n1906798 - Dev catalog customization doesn\u0027t update console-config ConfigMap\n1906806 - Allow installing extra packages in ironic container images\n1906808 - [test-disabled] ServiceAccounts should support OIDC discovery of service account issuer\n1906835 - Topology view shows add page before then showing full project workloads\n1906840 - ClusterOperator should not have status \"Updating\" if operator version is the same as the release version\n1906844 - EndpointSlice and EndpointSliceProxying feature gates should be disabled for openshift-sdn kube-proxy\n1906860 - Bump kube dependencies to v1.20 for Net Edge components\n1906864 - Quick Starts Tour: Need to adjust vertical spacing\n1906866 - Translations of Sample-Utils\n1906871 - White screen when sort by name in monitoring alerts page\n1906872 - Pipeline Tech Preview Badge Alignment\n1906875 - Provide an option to force backup even when API is not available. \n1906877 - Placeholder\u0027 value in search filter do not match column heading in Vulnerabilities\n1906879 - Add missing i18n keys\n1906880 - oidcdiscoveryendpoint controller invalidates all TokenRequest API tokens during install\n1906896 - No Alerts causes odd empty Table (Need no content message)\n1906898 - Missing User RoleBindings in the Project Access Web UI\n1906899 - Quick Start - Highlight Bounding Box Issue\n1906916 - Teach CVO about flowcontrol.apiserver.k8s.io/v1beta1\n1906933 - Cluster Autoscaler should have improved mechanisms for group identifiers\n1906935 - Delete resources when Provisioning CR is deleted\n1906968 - Must-gather should support collecting kubernetes-nmstate resources\n1906986 - Ensure failed pod adds are retried even if the pod object doesn\u0027t change\n1907199 - Need to upgrade machine-api-operator module version under cluster-api-provider-kubevirt\n1907202 - configs.imageregistry.operator.openshift.io cluster does not update its status fields after URL change\n1907211 - beta promotion of p\u0026f switched storage version to v1beta1, making downgrades impossible. \n1907269 - Tooltips data are different when checking stack or not checking stack for the same time\n1907280 - Install tour of OCS not available. \n1907282 - Topology page breaks with white screen\n1907286 - The default mhc machine-api-termination-handler couldn\u0027t watch spot instance\n1907287 - [csi-snapshot-webhook] should support both v1beta1 and v1 version when creating volumesnapshot/volumesnapshotcontent\n1907293 - Increase timeouts in e2e tests\n1907295 - Gherkin script for improve management for helm\n1907299 - Advanced Subscription Badge for KMS and Arbiter not present\n1907303 - Align VM template list items by baseline\n1907304 - Use PF styles for selected template card in VM Wizard\n1907305 - Drop \u0027ISO\u0027 from CDROM boot source message\n1907307 - Support and provider labels should be passed on between templates and sources\n1907310 - Pin action should be renamed to favorite\n1907312 - VM Template source popover is missing info about added date\n1907313 - ClusterOperator objects cannot be overriden with cvo-overrides\n1907328 - iproute-tc package is missing in ovn-kube image\n1907329 - CLUSTER_PROFILE env. variable is not used by the CVO\n1907333 - Node stuck in degraded state, mcp reports \"Failed to remove rollback: error running rpm-ostree cleanup -r: error: Timeout was reached\"\n1907373 - Rebase to kube 1.20.0\n1907375 - Bump to latest available 1.20.x k8s - workloads team\n1907378 - Gather netnamespaces networking info\n1907380 - kube-rbac-proxy exposes tokens, has excessive verbosity\n1907381 - OLM fails to deploy an operator if its deployment template contains a description annotation that doesn\u0027t match the CSV one\n1907390 - prometheus-adapter: panic after k8s 1.20 bump\n1907399 - build log icon link on topology nodes cause app to reload\n1907407 - Buildah version not accessible\n1907421 - [4.6.1]oc-image-mirror command failed on \"error: unable to copy layer\"\n1907453 - Dev Perspective -\u003e running vm details -\u003e resources -\u003e no data\n1907454 - Install PodConnectivityCheck CRD with CNO\n1907459 - \"The Boot source is also maintained by Red Hat.\" is always shown for all boot sources\n1907475 - Unable to estimate the error rate of ingress across the connected fleet\n1907480 - `Active alerts` section throwing forbidden error for users. \n1907518 - Kamelets/Eventsource should be shown to user if they have create access\n1907543 - Korean timestamps are shown when users\u0027 language preferences are set to German-en-en-US\n1907610 - Update kubernetes deps to 1.20\n1907612 - Update kubernetes deps to 1.20\n1907621 - openshift/installer: bump cluster-api-provider-kubevirt version\n1907628 - Installer does not set primary subnet consistently\n1907632 - Operator Registry should update its kubernetes dependencies to 1.20\n1907639 - pass dual-stack node IPs to kubelet in dual-stack clusters\n1907644 - fix up handling of non-critical annotations on daemonsets/deployments\n1907660 - Pod list does not render cell height correctly when pod names are too long (dynamic table rerendering issue?)\n1907670 - CVE-2020-27846 crewjam/saml: authentication bypass in saml authentication\n1907671 - Ingress VIP assigned to two infra nodes simultaneously - keepalived process running in pods seems to fail\n1907767 - [e2e][automation]update test suite for kubevirt plugin\n1907770 - Recent RHCOS 47.83 builds (from rhcos-47.83.202012072210-0 on) don\u0027t allow master and worker nodes to boot\n1907792 - The `overrides` of the OperatorCondition cannot block the operator upgrade\n1907793 - Surface support info in VM template details\n1907812 - 4.7 to 4.6 downgrade stuck in clusteroperator storage\n1907822 - [OCP on OSP] openshift-install panic when checking quota with install-config have no flavor set\n1907863 - Quickstarts status not updating when starting the tour\n1907872 - dual stack with an ipv6 network fails on bootstrap phase\n1907874 - QE - Design Gherkin Scenarios for epic ODC-5057\n1907875 - No response when try to expand pvc with an invalid size\n1907876 - Refactoring record package to make gatherer configurable\n1907877 - QE - Automation- pipelines builder scripts\n1907883 - Fix Pipleine creation without namespace issue\n1907888 - Fix pipeline list page loader\n1907890 - Misleading and incomplete alert message shown in pipeline-parameters and pipeline-resources form\n1907892 - Unable to edit application deployed using \"From Devfile\" option\n1907893 - navSortUtils.spec.ts unit test failure\n1907896 - When a workload is added, Topology does not place the new items well\n1907908 - VM Wizard always uses VirtIO for the VM rootdisk regardless what is defined in common-template\n1907924 - Enable madvdontneed in OpenShift Images\n1907929 - Enable madvdontneed in OpenShift System Components Part 2\n1907936 - NTO is not reporting nto_profile_set_total metrics correctly after reboot\n1907947 - The kubeconfig saved in tenantcluster shouldn\u0027t include anything that is not related to the current context\n1907948 - OCM-O bump to k8s 1.20\n1907952 - bump to k8s 1.20\n1907972 - Update OCM link to open Insights tab\n1907989 - DataVolumes was intorduced in common templates - VM creation fails in the UI\n1907998 - Gather kube_pod_resource_request/limit metrics as exposed in upstream KEP 1916\n1908001 - [CVE-2020-10749] Update github.com/containernetworking/plugins to v.0.8.6 in egress-router-cni\n1908014 - e2e-aws-ansible and e2e-aws-helm are broken in ocp-release-operator-sdk\n1908035 - dynamic-demo-plugin build does not generate dist directory\n1908135 - quick search modal is not centered over topology\n1908145 - kube-scheduler-recovery-controller container crash loop when router pod is co-scheduled\n1908159 - [AWS C2S] MCO fails to sync cloud config\n1908171 - GCP: Installation fails when installing cluster with n1-custom-4-16384custom type (n1-custom-4-16384)\n1908180 - Add source for template is stucking in preparing pvc\n1908217 - CI: Server-Side Apply should work for oauth.openshift.io/v1: has no tokens\n1908231 - [Migration] The pods ovnkube-node are in CrashLoopBackOff after SDN to OVN\n1908277 - QE - Automation- pipelines actions scripts\n1908280 - Documentation describing `ignore-volume-az` is incorrect\n1908296 - Fix pipeline builder form yaml switcher validation issue\n1908303 - [CVE-2020-28367 CVE-2020-28366] Remove CGO flag from rhel Dockerfile in Egress-Router-CNI\n1908323 - Create button missing for PLR in the search page\n1908342 - The new pv_collector_total_pv_count is not reported via telemetry\n1908344 - [vsphere-problem-detector] CheckNodeProviderID and CheckNodeDiskUUID have the same name\n1908347 - CVO overwrites ValidatingWebhookConfiguration for snapshots\n1908349 - Volume snapshot tests are failing after 1.20 rebase\n1908353 - QE - Automation- pipelines runs scripts\n1908361 - bump to k8s 1.20\n1908367 - QE - Automation- pipelines triggers scripts\n1908370 - QE - Automation- pipelines secrets scripts\n1908375 - QE - Automation- pipelines workspaces scripts\n1908381 - Go Dependency Fixes for Devfile Lib\n1908389 - Loadbalancer Sync failing on Azure\n1908400 - Tests-e2e, increase timeouts, re-add TestArchiveUploadedAndResultsReceived\n1908407 - Backport Upstream 95269 to fix potential crash in kubelet\n1908410 - Exclude Yarn from VSCode search\n1908425 - Create Role Binding form subject type and name are undefined when All Project is selected\n1908431 - When the marketplace-operator pod get\u0027s restarted, the custom catalogsources are gone, as well as the pods\n1908434 - Remove \u0026apos from metal3-plugin internationalized strings\n1908437 - Operator backed with no icon has no badge associated with the CSV tag\n1908459 - bump to k8s 1.20\n1908461 - Add bugzilla component to OWNERS file\n1908462 - RHCOS 4.6 ostree removed dhclient\n1908466 - CAPO AZ Screening/Validating\n1908467 - Zoom in and zoom out in topology package should be sentence case\n1908468 - [Azure][4.7] Installer can\u0027t properly parse instance type with non integer memory size\n1908469 - nbdb failed to come up while bringing up OVNKubernetes cluster\n1908471 - OLM should bump k8s dependencies to 1.20\n1908484 - oc adm release extract --cloud=aws --credentials-requests dumps all manifests\n1908493 - 4.7-e2e-metal-ipi-ovn-dualstack intermittent test failures, worker hostname is overwritten by NM\n1908545 - VM clone dialog does not open\n1908557 - [e2e][automation]Miss css id on bootsource and reviewcreate step on wizard\n1908562 - Pod readiness is not being observed in real world cases\n1908565 - [4.6] Cannot filter the platform/arch of the index image\n1908573 - Align the style of flavor\n1908583 - bootstrap does not run on additional networks if configured for master in install-config\n1908596 - Race condition on operator installation\n1908598 - Persistent Dashboard shows events for all provisioners\n1908641 - Go back to Catalog Page link on Virtual Machine page vanishes on empty state\n1908648 - Skip TestKernelType test on OKD, adjust TestExtensions\n1908650 - The title of customize wizard is inconsistent\n1908654 - cluster-api-provider: volumes and disks names shouldn\u0027t change by machine-api-operator\n1908675 - Reenable [sig-storage] CSI mock volume CSI FSGroupPolicy [LinuxOnly] should modify fsGroup if fsGroupPolicy=default [Suite:openshift/conformance/parallel] [Suite:k8s]\n1908687 - Option to save user settings separate when using local bridge (affects console developers only)\n1908697 - Show `kubectl diff ` command in the oc diff help page\n1908715 - Pressing the arrow up key when on topmost quick-search list item it should loop back to bottom\n1908716 - UI breaks on click of sidebar of ksvc (if revisions not up) in topology on 4.7 builds\n1908717 - \"missing unit character in duration\" error in some network dashboards\n1908746 - [Safari] Drop Shadow doesn\u0027t works as expected on hover on workload\n1908747 - stale S3 CredentialsRequest in CCO manifest\n1908758 - AWS: NLB timeout value is rejected by AWS cloud provider after 1.20 rebase\n1908830 - RHCOS 4.6 - Missing Initiatorname\n1908868 - Update empty state message for EventSources and Channels tab\n1908880 - 4.7 aws-serial CI: NoExecuteTaintManager Single Pod [Serial] eventually evict pod with finite tolerations from tainted nodes\n1908883 - CVE-2020-29652 golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference\n1908888 - Dualstack does not work with multiple gateways\n1908889 - Bump CNO to k8s 1.20\n1908891 - TestDNSForwarding DNS operator e2e test is failing frequently\n1908914 - CNO: upgrade nodes before masters\n1908918 - Pipeline builder yaml view sidebar is not responsive\n1908960 - QE - Design Gherkin Scenarios\n1908971 - Gherkin Script for pipeline debt 4.7\n1908983 - i18n: Add Horizontal Pod Autoscaler action menu is not translated\n1908997 - Unsupported access mode should not be available when creating pvc by cinder-csi-driver/gcp-pd-csi-driver from web-console\n1908998 - [cinder-csi-driver] doesn\u0027t detect the credentials change\n1909004 - \"No datapoints found\" for RHEL node\u0027s filesystem graph\n1909005 - i18n: workloads list view heading is not translated\n1909012 - csi snapshot webhook does not block any invalid update for volumesnapshot and volumesnapshotcontent objects\n1909027 - Disks option of Sectected capacity chart shows HDD disk even on selection of SDD disk type\n1909043 - OCP + OCS 4.7 Internal - Storage cluster creation throws warning when zone=0 in VMware\n1909067 - Web terminal should keep latest output when connection closes\n1909070 - PLR and TR Logs component is not streaming as fast as tkn\n1909092 - Error Message should not confuse user on Channel form\n1909096 - OCP 4.7+OCS 4.7 - The Requested Cluster Capacity field needs to include the selected capacity in calculation in Review and Create Page\n1909108 - Machine API components should use 1.20 dependencies\n1909116 - Catalog Sort Items dropdown is not aligned on Firefox\n1909198 - Move Sink action option is not working\n1909207 - Accessibility Issue on monitoring page\n1909236 - Remove pinned icon overlap on resource name\n1909249 - Intermittent packet drop from pod to pod\n1909276 - Accessibility Issue on create project modal\n1909289 - oc debug of an init container no longer works\n1909290 - Logging may be broken due to mix of k8s.io/klog v1 and v2\n1909358 - registry.redhat.io/redhat/community-operator-index:latest only have hyperfoil-bundle\n1909453 - Boot disk RAID can corrupt ESP if UEFI firmware writes to it\n1909455 - Boot disk RAID will not boot if the primary disk enumerates but fails I/O\n1909464 - Build operator-registry with golang-1.15\n1909502 - NO_PROXY is not matched between bootstrap and global cluster setting which lead to desired master machineconfig is not found\n1909521 - Add kubevirt cluster type for e2e-test workflow\n1909527 - [IPI Baremetal] After upgrade from 4.6 to 4.7 metal3 pod does not get created\n1909587 - [OCP4] all of the OCP master nodes with soft-anti-affinity run on the same OSP node\n1909610 - Fix available capacity when no storage class selected\n1909678 - scale up / down buttons available on pod details side panel\n1909723 - cluster-api-provider-openstack: Update ose-openstack-machine-controllers builder \u0026 base images to be consistent with ART\n1909730 - unbound variable error if EXTRA_PKGS_LIST is not defined\n1909739 - Arbiter request data changes\n1909744 - cluster-api-provider-openstack: Bump gophercloud\n1909790 - PipelineBuilder yaml view cannot be used for editing a pipeline\n1909791 - Update standalone kube-proxy config for EndpointSlice\n1909792 - Empty states for some details page subcomponents are not i18ned\n1909815 - Perspective switcher is only half-i18ned\n1909821 - OCS 4.7 LSO installation blocked because of Error \"Invalid value: \"integer\": spec.flexibleScaling in body\n1909836 - operator-install-global Cypress test was failing in OLM as it depends on an operator that isn\u0027t installed in CI\n1909864 - promote-release-openshift-machine-os-content-e2e-aws-4.5 is perm failing\n1909911 - [OVN]EgressFirewall caused a segfault\n1909943 - Upgrade from 4.6 to 4.7 stuck due to write /sys/devices/xxxx/block/sda/queue/scheduler: invalid argument\n1909958 - Support Quick Start Highlights Properly\n1909978 - ignore-volume-az = yes not working on standard storageClass\n1909981 - Improve statement in template select step\n1909992 - Fail to pull the bundle image when using the private index image\n1910024 - Reload issue in latest(4.7) UI code on 4.6 cluster locally in dev\n1910036 - QE - Design Gherkin Scenarios ODC-4504\n1910049 - UPI: ansible-galaxy is not supported\n1910127 - [UPI on oVirt]: Improve UPI Documentation\n1910140 - fix the api dashboard with changes in upstream kube 1.20\n1910160 - If two OperatorConditions include the same deployments they will keep updating the deployment\u0027s containers with the OPERATOR_CONDITION_NAME Environment Variable\n1910165 - DHCP to static lease script doesn\u0027t handle multiple addresses\n1910305 - [Descheduler] - The minKubeVersion should be 1.20.0\n1910409 - Notification drawer is not localized for i18n\n1910459 - Could not provision gcp volume if delete secret gcp-pd-cloud-credentials\n1910492 - KMS details are auto-populated on the screen in next attempt at Storage cluster creation\n1910501 - Installed Operators-\u003eOperand required: Clicking on cancel in Storage cluster page takes back to the Install Operator page\n1910533 - [OVN] It takes about 5 minutes for EgressIP failover to work\n1910581 - library-go: proxy ENV is not injected into csi-driver-controller which lead to storage operator never get ready\n1910666 - Creating a Source Secret from type SSH-Key should use monospace font for better usability\n1910738 - OCP 4.7 Installation fails on VMWare due to 1 worker that is degraded\n1910739 - Redfish-virtualmedia (idrac) deploy fails on \"The Virtual Media image server is already connected\"\n1910753 - Support Directory Path to Devfile\n1910805 - Missing translation for Pipeline status and breadcrumb text\n1910829 - Cannot delete a PVC if the dv\u0027s phase is WaitForFirstConsumer\n1910840 - Show Nonexistent command info in the `oc rollback -h` help page\n1910859 - breadcrumbs doesn\u0027t use last namespace\n1910866 - Unify templates string\n1910870 - Unify template dropdown action\n1911016 - Prometheus unable to mount NFS volumes after upgrading to 4.6\n1911129 - Monitoring charts renders nothing when switching from a Deployment to \"All workloads\"\n1911176 - [MSTR-998] Wrong text shown when hovering on lines of charts in API Performance dashboard\n1911212 - [MSTR-998] API Performance Dashboard \"Period\" drop-down has a choice \"$__auto_interval_period\" which can bring \"1:154: parse error: missing unit character in duration\"\n1911213 - Wrong and misleading warning for VMs that were created manually (not from template)\n1911257 - [aws-c2s] failed to create cluster, kube-cloud-config was not created\n1911269 - waiting for the build message present when build exists\n1911280 - Builder images are not detected for Dotnet, Httpd, NGINX\n1911307 - Pod Scale-up requires extra privileges in OpenShift web-console\n1911381 - \"Select Persistent Volume Claim project\" shows in customize wizard when select a source available template\n1911382 - \"source volumeMode (Block) and target volumeMode (Filesystem) do not match\" shows in VM Error\n1911387 - Hit error - \"Cannot read property \u0027value\u0027 of undefined\" while creating VM from template\n1911408 - [e2e][automation] Add auto-clone cli tests and new flow of VM creation\n1911418 - [v2v] The target storage class name is not displayed if default storage class is used\n1911434 - git ops empty state page displays icon with watermark\n1911443 - SSH Cretifiaction field should be validated\n1911465 - IOPS display wrong unit\n1911474 - Devfile Application Group Does Not Delete Cleanly (errors)\n1911487 - Pruning Deployments should use ReplicaSets instead of ReplicationController\n1911574 - Expose volume mode on Upload Data form\n1911617 - [CNV][UI] Failure to add source to VM template when no default storage class is defined\n1911632 - rpm-ostree command fail due to wrong options when updating ocp-4.6 to 4.7 on worker nodes with rt-kernel\n1911656 - using \u0027operator-sdk run bundle\u0027 to install operator successfully, but the command output said \u0027Failed to run bundle\u0027\u0027\n1911664 - [Negative Test] After deleting metal3 pod, scaling worker stuck on provisioning state\n1911782 - Descheduler should not evict pod used local storage by the PVC\n1911796 - uploading flow being displayed before submitting the form\n1912066 - The ansible type operator\u0027s manager container is not stable when managing the CR\n1912077 - helm operator\u0027s default rbac forbidden\n1912115 - [automation] Analyze job keep failing because of \u0027JavaScript heap out of memory\u0027\n1912237 - Rebase CSI sidecars for 4.7\n1912381 - [e2e][automation] Miss css ID on Create Network Attachment Definition page\n1912409 - Fix flow schema deployment\n1912434 - Update guided tour modal title\n1912522 - DNS Operator e2e test: TestCoreDNSImageUpgrade is fundamentally broken\n1912523 - Standalone pod status not updating in topology graph\n1912536 - Console Plugin CR for console-demo-plugin has wrong apiVersion\n1912558 - TaskRun list and detail screen doesn\u0027t show Pending status\n1912563 - p\u0026f: carry 97206: clean up executing request on panic\n1912565 - OLM macOS local build broken by moby/term dependency\n1912567 - [OCP on RHV] Node becomes to \u0027NotReady\u0027 status when shutdown vm from RHV UI only on the second deletion\n1912577 - 4.1/4.2-\u003e4.3-\u003e...-\u003e 4.7 upgrade is stuck during 4.6-\u003e4.7 with co/openshift-apiserver Degraded, co/network not Available and several other components pods CrashLoopBackOff\n1912590 - publicImageRepository not being populated\n1912640 - Go operator\u0027s controller pods is forbidden\n1912701 - Handle dual-stack configuration for NIC IP\n1912703 - multiple queries can\u0027t be plotted in the same graph under some conditons\n1912730 - Operator backed: In-context should support visual connector if SBO is not installed\n1912828 - Align High Performance VMs with High Performance in RHV-UI\n1912849 - VM from wizard - default flavor does not match the actual flavor set by common templates\n1912852 - VM from wizard - available VM templates - \"storage\" field is \"0 B\"\n1912888 - recycler template should be moved to KCM operator\n1912907 - Helm chart repository index can contain unresolvable relative URL\u0027s\n1912916 - Set external traffic policy to cluster for IBM platform\n1912922 - Explicitly specifying the operator generated default certificate for an ingress controller breaks the ingress controller\n1912938 - Update confirmation modal for quick starts\n1912942 - cluster-storage-operator: proxy ENV is not injected into vsphere-problem-detector deployment\n1912944 - cluster-storage-operator: proxy ENV is not injected into Manila CSI driver operator deployment\n1912945 - aws-ebs-csi-driver-operator: proxy ENV is not injected into the CSI driver\n1912946 - gcp-pd-csi-driver-operator: proxy ENV is not injected into the CSI driver\n1912947 - openstack-cinder-csi-driver-operator: proxy ENV is not injected into the CSI driver\n1912948 - csi-driver-manila-operator: proxy ENV is not injected into the CSI driver\n1912949 - ovirt-csi-driver-operator: proxy ENV is not injected into the CSI driver\n1912977 - rebase upstream static-provisioner\n1913006 - Remove etcd v2 specific alerts with etcd_http* metrics\n1913011 - [OVN] Pod\u0027s external traffic not use egressrouter macvlan ip as a source ip\n1913037 - update static-provisioner base image\n1913047 - baremetal clusteroperator progressing status toggles between true and false when cluster is in a steady state\n1913085 - Regression OLM uses scoped client for CRD installation\n1913096 - backport: cadvisor machine metrics are missing in k8s 1.19\n1913132 - The installation of Openshift Virtualization reports success early before it \u0027s succeeded eventually\n1913154 - Upgrading to 4.6.10 nightly failed with RHEL worker nodes: Failed to find /dev/disk/by-label/root\n1913196 - Guided Tour doesn\u0027t handle resizing of browser\n1913209 - Support modal should be shown for community supported templates\n1913226 - [Migration] The SDN migration rollback failed if customize vxlanPort\n1913249 - update info alert this template is not aditable\n1913285 - VM list empty state should link to virtualization quick starts\n1913289 - Rebase AWS EBS CSI driver for 4.7\n1913292 - OCS 4.7 Installation failed over vmware when arbiter was enabled, as flexibleScaling is also getting enabled\n1913297 - Remove restriction of taints for arbiter node\n1913306 - unnecessary scroll bar is present on quick starts panel\n1913325 - 1.20 rebase for openshift-apiserver\n1913331 - Import from git: Fails to detect Java builder\n1913332 - Pipeline visualization breaks the UI when multiple taskspecs are used\n1913343 - (release-4.7) Added changelog file for insights-operator\n1913356 - (release-4.7) Implemented gathering specific logs from openshift apiserver operator\n1913371 - Missing i18n key \"Administrator\" in namespace \"console-app\" and language \"en.\"\n1913386 - users can see metrics of namespaces for which they don\u0027t have rights when monitoring own services with prometheus user workloads\n1913420 - Time duration setting of resources is not being displayed\n1913536 - 4.6.9 -\u003e 4.7 upgrade hangs. RHEL 7.9 worker stuck on \"error enabling unit: Failed to execute operation: File exists\\\\n\\\"\n1913554 - Recording rule for ingress error fraction SLI is incorrect, uses irate instead of increase\n1913560 - Normal user cannot load template on the new wizard\n1913563 - \"Virtual Machine\" is not on the same line in create button when logged with normal user\n1913567 - Tooltip data should be same for line chart or stacked chart, display data value same as the table\n1913568 - Normal user cannot create template\n1913582 - [Migration]SDN to OVN migration stucks on MCO for rhel worker\n1913585 - Topology descriptive text fixes\n1913608 - Table data contains data value None after change time range in graph and change back\n1913651 - Improved Red Hat image and crashlooping OpenShift pod collection\n1913660 - Change location and text of Pipeline edit flow alert\n1913685 - OS field not disabled when creating a VM from a template\n1913716 - Include additional use of existing libraries\n1913725 - Refactor Insights Operator Plugin states\n1913736 - Regression: fails to deploy computes when using root volumes\n1913747 - Update operator to kubernetes 1.20.1 to pickup upstream fixes\n1913751 - add third-party network plugin test suite to openshift-tests\n1913783 - QE-To fix the merging pr issue, commenting the afterEach() block\n1913807 - Template support badge should not be shown for community supported templates\n1913821 - Need definitive steps about uninstalling descheduler operator\n1913851 - Cluster Tasks are not sorted in pipeline builder\n1913864 - BuildConfig YAML template references ruby ImageStreamTag that no longer exists\n1913951 - Update the Devfile Sample Repo to an Official Repo Host\n1913960 - Cluster Autoscaler should use 1.20 dependencies\n1913969 - Field dependency descriptor can sometimes cause an exception\n1914060 - Disk created from \u0027Import via Registry\u0027 cannot be used as boot disk\n1914066 - [sriov] sriov dp pod crash when delete ovs HW offload policy\n1914090 - Grafana - The resulting dataset is too large to graph (OCS RBD volumes being counted as disks)\n1914119 - vsphere problem detector operator has no permission to update storages.operator.openshift.io instances\n1914125 - Still using /dev/vde as default device path when create localvolume\n1914183 - Empty NAD page is missing link to quickstarts\n1914196 - target port in `from dockerfile` flow does nothing\n1914204 - Creating VM from dev perspective may fail with template not found error\n1914209 - Associate image secret name to pipeline serviceaccount imagePullSecrets\n1914212 - [e2e][automation] Add test to validate bootable disk souce\n1914250 - ovnkube-node fails on master nodes when both DHCPv6 and SLAAC addresses are configured on nodes\n1914284 - Upgrade to OCP 4.6.9 results in cluster-wide DNS and connectivity issues due to bad NetworkPolicy flows\n1914287 - Bring back selfLink\n1914301 - User VM Template source should show the same provider as template itself\n1914303 - linuxptp-daemon is not forwarding ptp4l stderr output to openshift logs\n1914309 - /terminal page when WTO not installed shows nonsensical error\n1914334 - order of getting started samples is arbitrary\n1914343 - [sig-imageregistry][Feature:ImageTriggers] Annotation trigger reconciles after the image is overwritten [Suite:openshift/conformance/parallel] timeout on s390x\n1914349 - Increase and decrease buttons in max and min pods in HPA page has distorted UI\n1914405 - Quick search modal should be opened when coming back from a selection\n1914407 - Its not clear that node-ca is running as non-root\n1914427 - Count of pods on the dashboard is incorrect\n1914439 - Typo in SRIOV port create command example\n1914451 - cluster-storage-operator pod running as root\n1914452 - oc image append, oc image extract outputs wrong suggestion to use --keep-manifest-list=true\n1914642 - Customize Wizard Storage tab does not pass validation\n1914723 - SamplesTBRInaccessibleOnBoot Alert has a misspelling\n1914793 - device names should not be translated\n1914894 - Warn about using non-groupified api version\n1914926 - webdriver-manager pulls incorrect version of ChomeDriver due to a bug\n1914932 - Put correct resource name in relatedObjects\n1914938 - PVC disk is not shown on customization wizard general tab\n1914941 - VM Template rootdisk is not deleted after fetching default disk bus\n1914975 - Collect logs from openshift-sdn namespace\n1915003 - No estimate of average node readiness during lifetime of a cluster\n1915027 - fix MCS blocking iptables rules\n1915041 - s3:ListMultipartUploadParts is relied on implicitly\n1915079 - Canary controller should not periodically rotate the canary route endpoint for performance reasons\n1915080 - Large number of tcp connections with shiftstack ocp cluster in about 24 hours\n1915085 - Pods created and rapidly terminated get stuck\n1915114 - [aws-c2s] worker machines are not create during install\n1915133 - Missing default pinned nav items in dev perspective\n1915176 - Update snapshot API CRDs to v1 in web-console when creating volumesnapshot related resource\n1915187 - Remove the \"Tech preview\" tag in web-console for volumesnapshot\n1915188 - Remove HostSubnet anonymization\n1915200 - [OCP 4.7+ OCS 4.6]Arbiter related Note should not show up during UI deployment\n1915217 - OKD payloads expect to be signed with production keys\n1915220 - Remove dropdown workaround for user settings\n1915235 - Failed to upgrade to 4.7 from 4.6 due to the machine-config failure\n1915262 - When deploying with assisted install the CBO operator is installed and enabled without metal3 pod\n1915277 - [e2e][automation]fix cdi upload form test\n1915295 - [BM][IP][Dualstack] Installation failed - operators report dial tcp 172.30.0.1:443: i/o timeout\n1915304 - Updating scheduling component builder \u0026 base images to be consistent with ART\n1915312 - Prevent schedule Linux openshift-network-diagnostics pod on Windows node\n1915318 - [Metal] bareMetal IPI - cannot interact with toolbox container after first execution only in parallel from different connection\n1915348 - [RFE] linuxptp operator needs to expose the uds_address_socket to be used by an application pod\n1915357 - Dev Catalog doesn\u0027t load anything if virtualization operator is installed\n1915379 - New template wizard should require provider and make support input a dropdown type\n1915408 - Failure in operator-registry kind e2e test\n1915416 - [Descheduler] descheduler evicts pod which does not have any ownerRef or descheduler evict annotation\n1915460 - Cluster name size might affect installations\n1915500 - [aws c2s] kube-controller-manager crash loops trying to fetch the AWS instance\n1915540 - Silent 4.7 RHCOS install failure on ppc64le\n1915579 - [Metal] redhat-support-tool became unavailable after tcpdump usage (BareMetal IPI)\n1915582 - p\u0026f: carry upstream pr 97860\n1915594 - [e2e][automation] Improve test for disk validation\n1915617 - Bump bootimage for various fixes\n1915624 - \"Please fill in the following field: Template provider\" blocks customize wizard\n1915627 - Translate Guided Tour text. \n1915643 - OCP4.6 to 4.7 upgrade failed due to manila csi driver operator sync error\n1915647 - Intermittent White screen when the connector dragged to revision\n1915649 - \"Template support\" pop up is not a warning; checkbox text should be rephrased\n1915654 - [e2e][automation] Add a verification for Afinity modal should hint \"Matching node found\"\n1915661 - Can\u0027t run the \u0027oc adm prune\u0027 command in a pod\n1915672 - Kuryr doesn\u0027t work with selfLink disabled. \n1915674 - Golden image PVC creation - storage size should be taken from the template\n1915685 - Message for not supported template is not clear enough\n1915760 - Need to increase timeout to wait rhel worker get ready\n1915793 - quick starts panel syncs incorrectly across browser windows\n1915798 - oauth connection errors for openshift console pods on an OVNKube OCP 4.7 cluster\n1915818 - vsphere-problem-detector: use \"_totals\" in metrics\n1915828 - Latest Dell firmware (04.40.00.00) fails to install IPI on BM using idrac-virtualmedia protocol\n1915859 - vsphere-problem-detector: does not report ESXi host version nor VM HW version\n1915871 - operator-sdk version in new downstream image should be v1.2.0-ocp not v4.7.0\n1915879 - Pipeline Dashboard tab Rename to Pipeline Metrics\n1915885 - Kuryr doesn\u0027t support workers running on multiple subnets\n1915898 - TaskRun log output shows \"undefined\" in streaming\n1915907 - test/cmd/builds.sh uses docker.io\n1915912 - sig-storage-csi-snapshotter image not available\n1915926 - cluster-api-provider-openstack: Update ose-openstack-machine-controllers builder \u0026 base images to be consistent with ART\n1915929 - A11y Violation: svg-img-alt for time axis of Utilization Card on Cluster Dashboard\n1915939 - Resizing the browser window removes Web Terminal Icon\n1915945 - [sig-scheduling] SchedulerPreemption [Serial] validates basic preemption works [Conformance]\n1915959 - Baremetal cluster operator is included in a ROKS installation of 4.7\n1915962 - ROKS: manifest with machine health check fails to apply in 4.7\n1915972 - Global configuration breadcrumbs do not work as expected\n1915981 - Install ethtool and conntrack in container for debugging\n1915995 - \"Edit RoleBinding Subject\" action under RoleBinding list page kebab actions causes unhandled exception\n1915998 - Installer bootstrap node setting of additional subnets inconsistent with additional security groups\n1916021 - OLM enters infinite loop if Pending CSV replaces itself\n1916056 - Need Visual Web Terminal metric enabled for OCP monitoring telemetry\n1916081 - non-existant should be non-existent in CloudCredentialOperatorTargetNamespaceMissing alert\u0027s annotations\n1916099 - VM creation - customization wizard - user should be allowed to delete and re-create root disk\n1916126 - [e2e][automation] Help fix tests for vm guest-agent and next-run-configuration\n1916145 - Explicitly set minimum versions of python libraries\n1916164 - Update csi-driver-nfs builder \u0026 base images to be consistent with ART\n1916221 - csi-snapshot-controller-operator: bump dependencies for 4.7\n1916271 - Known issues should mention failure to apply soft-anti-affinity to masters beyond the third\n1916363 - [OVN] ovs-configuration.service reports as failed within all nodes using version 4.7.0-fc.2\n1916379 - error metrics from vsphere-problem-detector should be gauge\n1916382 - Can\u0027t create ext4 filesystems with Ignition\n1916384 - 4.5.15 and later cluster-version operator does not sync ClusterVersion status before exiting, leaving \u0027verified: false\u0027 even for verified updates\n1916401 - Deleting an ingress controller with a bad DNS Record hangs\n1916417 - [Kuryr] Must-gather does not have all Custom Resources information\n1916419 - [sig-devex][Feature:ImageEcosystem][Slow] openshift images should be SCL enabled returning s2i usage when running the image\n1916454 - teach CCO about upgradeability from 4.6 to 4.7\n1916486 - [OCP RHV] [Docs] Update RHV CSI provisioning section in OCP documenation\n1916502 - Boot disk mirroring fails with mdadm error\n1916524 - Two rootdisk shows on storage step\n1916580 - Default yaml is broken for VM and VM template\n1916621 - oc adm node-logs examples are wrong\n1916642 - [zh_CN] Redundant period in Secrets - Create drop down menu - Key value secret. \n1916692 - Possibly fails to destroy LB and thus cluster\n1916711 - Update Kube dependencies in MCO to 1.20.0\n1916747 - remove links to quick starts if virtualization operator isn\u0027t updated to 2.6\n1916764 - editing a workload with no application applied, will auto fill the app\n1916834 - Pipeline Metrics - Text Updates\n1916843 - collect logs from openshift-sdn-controller pod\n1916853 - cluster will not gracefully recover if openshift-etcd namespace is removed\n1916882 - OCS 4.7 LSO : wizard (Discover disks and create storageclass) does not show zone when topology.kubernetes.io/zone are added manually\n1916888 - OCS wizard Donor chart does not get updated when `Device Type` is edited\n1916938 - Using 4.6 install-config.yaml file with lbFloatingIP results in validation error \"Forbidden: cannot specify lbFloatingIP and apiFloatingIP together\"\n1916949 - ROKS: manifests in openshift-oauth-apiserver ns fails to create with non-existent namespace\n1917101 - [UPI on oVirt] - \u0027RHCOS image\u0027 topic isn\u0027t located in the right place in UPI document\n1917114 - Upgrade from 4.5.9 to 4.7 fails as authentication operator is Degraded due to \u0027\"ProxyConfigController\" controller failed to sync \"key\"\u0027 error\n1917117 - Common templates - disks screen: invalid disk name\n1917124 - Custom template - clone existing PVC - the name of the target VM\u0027s data volume is hard-coded; only one VM can be created\n1917146 - [oVirt] Consume 23-10 ovirt sdk- csi operator\n1917147 - [oVirt] csi operator panics if ovirt-engine suddenly becomes unavailable. \n1917148 - [oVirt] Consume 23-10 ovirt sdk\n1917239 - Monitoring time options overlaps monitoring tab navigation when Quickstart panel is opened\n1917272 - Should update the default minSize to 1Gi when create localvolumeset on web console\n1917303 - [automation][e2e] make kubevirt-plugin gating job mandatory\n1917315 - localvolumeset-local-provisoner-xxx pods are not killed after upgrading from 4.6 to 4.7\n1917327 - annotations.message maybe wrong for NTOPodsNotReady alert\n1917367 - Refactor periodic.go\n1917371 - Add docs on how to use the built-in profiler\n1917372 - Application metrics are shown on Metrics dashboard but not in linked Prometheus UI in OCP management console\n1917395 - pv-pool backing store name restriction should be at 43 characters from the ocs ui\n1917484 - [BM][IPI] Failed to scale down machineset\n1917522 - Deprecate --filter-by-os in oc adm catalog mirror\n1917537 - controllers continuously busy reconciling operator\n1917551 - use min_over_time for vsphere prometheus alerts\n1917585 - OLM Operator install page missing i18n\n1917587 - Manila CSI operator becomes degraded if user doesn\u0027t have permissions to list share types\n1917605 - Deleting an exgw causes pods to no longer route to other exgws\n1917614 - [aws c2s] ingress operator uses unavailable resourcegrouptaggings API\n1917656 - Add to Project/application for eventSources from topology shows 404\n1917658 - Show TP badge for sources powered by camel connectors in create flow\n1917660 - Editing parallelism of job get error info\n1917678 - Could not provision pv when no symlink and target found on rhel worker\n1917679 - Hide double CTA in admin pipelineruns tab\n1917683 - `NodeTextFileCollectorScrapeError` alert in OCP 4.6 cluster. \n1917759 - Console operator panics after setting plugin that does not exists to the console-operator config\n1917765 - ansible-operator version in downstream image should be v1.3.0 not v4.7.0\n1917770 - helm-operator version in downstream image should be v1.3.0 not v4.7.0\n1917799 - Gather s list of names and versions of installed OLM operators\n1917803 - [sig-storage] Pod Disks should be able to delete a non-existent PD without error\n1917814 - Show Broker create option in eventing under admin perspective\n1917838 - MachineSet scaling from 0 is not available or evaluated incorrectly for the new or changed instance types\n1917872 - [oVirt] rebase on latest SDK 2021-01-12\n1917911 - network-tools needs ovnkube-trace binary from ovn-kubernetes image\n1917938 - upgrade version of dnsmasq package\n1917942 - Canary controller causes panic in ingress-operator\n1918019 - Undesired scrollbars in markdown area of QuickStart\n1918068 - Flaky olm integration tests\n1918085 - reversed name of job and namespace in cvo log\n1918112 - Flavor is not editable if a customize VM is created from cli\n1918129 - Update IO sample archive with missing resources \u0026 remove IP anonymization from clusteroperator resources\n1918132 - i18n: Volume Snapshot Contents menu is not translated\n1918133 - [e2e][automation] Fix ocp 4.7 existing tests - part2\n1918140 - Deployment openstack-cinder-csi-driver-controller and openstack-manila-csi-controllerplugin doesn\u0027t be installed on OSP\n1918153 - When `\u0026` character is set as an environment variable in a build config it is getting converted as `\\u0026`\n1918185 - Capitalization on PLR details page\n1918287 - [ovirt] ovirt csi driver is flooding RHV with API calls and spam the event UI with new connections\n1918318 - Kamelet connector\u0027s are not shown in eventing section under Admin perspective\n1918351 - Gather SAP configuration (SCC \u0026 ClusterRoleBinding)\n1918375 - [calico] rbac-proxy container in kube-proxy fails to create tokenreviews\n1918395 - [ovirt] increase livenessProbe period\n1918415 - MCD nil pointer on dropins\n1918438 - [ja_JP, zh_CN] Serverless i18n misses\n1918440 - Kernel Arguments get reapplied even when no new kargs has been added in MachineConfig\n1918471 - CustomNoUpgrade Feature gates are not working correctly\n1918558 - Supermicro nodes boot to PXE upon reboot after successful deployment to disk\n1918622 - Updating ose-jenkins-agent-maven builder \u0026 base images to be consistent with ART\n1918623 - Updating ose-jenkins-agent-nodejs-12 builder \u0026 base images to be consistent with ART\n1918625 - Updating ose-jenkins-agent-nodejs-10 builder \u0026 base images to be consistent with ART\n1918635 - Updating openshift-jenkins-2 builder \u0026 base images to be consistent with ART #1197\n1918639 - Event listener with triggerRef crashes the console\n1918648 - Subscription page doesn\u0027t show InstallPlan correctly\n1918716 - Manilacsi becomes degraded even though it is not available with the underlying Openstack\n1918748 - helmchartrepo is not http(s)_proxy-aware\n1918757 - Consistant fallures of features/project-creation.feature Cypress test in CI\n1918803 - Need dedicated details page w/ global config breadcrumbs for \u0027KnativeServing\u0027 plugin\n1918826 - Insights popover icons are not horizontally aligned\n1918879 - need better debug for bad pull secrets\n1918958 - The default NMstate instance from the operator is incorrect\n1919097 - Close bracket \")\" missing at the end of the sentence in the UI\n1919231 - quick search modal cut off on smaller screens\n1919259 - Make \"Add x\" singular in Pipeline Builder\n1919260 - VM Template list actions should not wrap\n1919271 - NM prepender script doesn\u0027t support systemd-resolved\n1919341 - Updating ose-jenkins-agent-maven builder \u0026 base images to be consistent with ART\n1919360 - Need managed-cluster-info metric enabled for OCP monitoring telemetry\n1919379 - dotnet logo out of date\n1919387 - Console login fails with no error when it can\u0027t write to localStorage\n1919396 - A11y Violation: svg-img-alt on Pod Status ring\n1919407 - OpenStack IPI has three-node control plane limitation, but InstallConfigs aren\u0027t verified\n1919750 - Search InstallPlans got Minified React error\n1919778 - Upgrade is stuck in insights operator Degraded with \"Source clusterconfig could not be retrieved\" until insights operator pod is manually deleted\n1919823 - OCP 4.7 Internationalization Chinese tranlate issue\n1919851 - Visualization does not render when Pipeline \u0026 Task share same name\n1919862 - The tip information for `oc new-project --skip-config-write` is wrong\n1919876 - VM created via customize wizard cannot inherit template\u0027s PVC attributes\n1919877 - Click on KSVC breaks with white screen\n1919879 - The toolbox container name is changed from \u0027toolbox-root\u0027 to \u0027toolbox-\u0027 in a chroot environment\n1919945 - user entered name value overridden by default value when selecting a git repository\n1919968 - [release-4.7] Undiagnosed panic detected in pod runtime.go:76: invalid memory address or nil pointer dereference\n1919970 - NTO does not update when the tuned profile is updated. \n1919999 - Bump Cluster Resource Operator Golang Versions\n1920027 - machine-config-operator consistently failing during 4.6 to 4.7 upgrades and clusters do not install successfully with proxy configuration\n1920200 - user-settings network error results in infinite loop of requests\n1920205 - operator-registry e2e tests not working properly\n1920214 - Bump golang to 1.15 in cluster-resource-override-admission\n1920248 - re-running the pipelinerun with pipelinespec crashes the UI\n1920320 - VM template field is \"Not available\" if it\u0027s created from common template\n1920367 - When creating localvolumeset instance from the web console, the title for setting volumeMode is `Disk Mode`\n1920368 - Fix containers creation issue resulting in runc running on Guaranteed Pod CPUs\n1920390 - Monitoring \u003e Metrics graph shifts to the left when clicking the \"Stacked\" option and when toggling data series lines on / off\n1920426 - Egress Router CNI OWNERS file should have ovn-k team members\n1920427 - Need to update `oc login` help page since we don\u0027t support prompt interactively for the username\n1920430 - [V2V] [UI] Browser window becomes empty when running import wizard for the first time\n1920438 - openshift-tuned panics on turning debugging on/off. \n1920445 - e2e-gcp-ovn-upgrade job is actually using openshift-sdn\n1920481 - kuryr-cni pods using unreasonable amount of CPU\n1920509 - wait for port 6443 to be open in the kube-scheduler container; use ss instead of lsof\n1920524 - Topology graph crashes adding Open Data Hub operator\n1920526 - catalog operator causing CPU spikes and bad etcd performance\n1920551 - Boot Order is not editable for Templates in \"openshift\" namespace\n1920555 - bump cluster-resource-override-admission api dependencies\n1920571 - fcp multipath will not recover failed paths automatically\n1920619 - Remove default scheduler profile value\n1920655 - Console should not show the Create Autoscaler link in cluster settings when the CRD is not present\n1920674 - MissingKey errors in bindings namespace\n1920684 - Text in language preferences modal is misleading\n1920695 - CI is broken because of bad image registry reference in the Makefile\n1920756 - update generic-admission-server library to get the system:masters authorization optimization\n1920769 - [Upgrade] OCP upgrade from 4.6.13 to 4.7.0-fc.4 for \"network-check-target\" failed when \"defaultNodeSelector\" is set\n1920771 - i18n: Delete persistent volume claim drop down is not translated\n1920806 - [OVN]Nodes lost network connection after reboot on the vSphere UPI\n1920912 - Unable to power off BMH from console\n1920981 - When OCS was deployed with arbiter mode enable add capacity is increasing the count by \"2\"\n1920984 - [e2e][automation] some menu items names are out dated\n1921013 - Gather PersistentVolume definition (if any) used in image registry config\n1921023 - Do not enable Flexible Scaling to true for Internal mode clusters(revert to 4.6 behavior)\n1921087 - \u0027start next quick start\u0027 link doesn\u0027t work and is unintuitive\n1921088 - test-cmd is failing on volumes.sh pretty consistently\n1921248 - Clarify the kubelet configuration cr description\n1921253 - Text filter default placeholder text not internationalized\n1921258 - User Preferences: Active perspective and project change in the current window when selected in a different window\n1921275 - Panic in authentication-operator in (*deploymentController).updateOperatorDeploymentInfo\n1921277 - Fix Warning and Info log statements to handle arguments\n1921281 - oc get -o yaml --export returns \"error: unknown flag: --export\"\n1921458 - [SDK] Gracefully handle the `run bundle-upgrade` if the lower version operator doesn\u0027t exist\n1921556 - [OCS with Vault]: OCS pods didn\u0027t comeup after deploying with Vault details from UI\n1921572 - For external source (i.e GitHub Source) form view as well shows yaml\n1921580 - [e2e][automation]Test VM detail view actions dropdown does not pass\n1921610 - Pipeline metrics font size inconsistency\n1921644 - [e2e][automation] tests errors with wrong cloudInit new line syntax\n1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation\n1921655 - [OSP] Incorrect error handling during cloudinfo generation\n1921713 - [e2e][automation] fix failing VM migration tests\n1921762 - Serving and Eventing breadcrumbs should direct users back to tabbed page view\n1921774 - delete application modal errors when a resource cannot be found\n1921806 - Explore page APIResourceLinks aren\u0027t i18ned\n1921823 - CheckBoxControls not internationalized\n1921836 - AccessTableRows don\u0027t internationalize \"User\" or \"Group\"\n1921857 - Test flake when hitting router in e2e tests due to one router not being up to date\n1921880 - Dynamic plugins are not initialized on console load in production mode\n1921911 - Installer PR #4589 is causing leak of IAM role policy bindings\n1921921 - \"Global Configuration\" breadcrumb does not use sentence case\n1921949 - Console bug - source code URL broken for gitlab self-hosted repositories\n1921954 - Subscription-related constraints in ResolutionFailed events are misleading\n1922015 - buttons in modal header are invisible on Safari\n1922021 - Nodes terminal page \u0027Expand\u0027 \u0027Collapse\u0027 button not translated\n1922050 - [e2e][automation] Improve vm clone tests\n1922066 - Cannot create VM from custom template which has extra disk\n1922098 - Namespace selection dialog is not closed after select a namespace\n1922099 - Updated Readme documentation for QE code review and setup\n1922146 - Egress Router CNI doesn\u0027t have logging support. \n1922267 - Collect specific ADFS error\n1922292 - Bump RHCOS boot images for 4.7\n1922454 - CRI-O doesn\u0027t enable pprof by default\n1922473 - reconcile LSO images for 4.8\n1922573 - oc returns an error while using -o jsonpath when there is no resource found in the namespace\n1922782 - Source registry missing docker:// in yaml\n1922907 - Interop UI Tests - step implementation for updating feature files\n1922911 - Page crash when click the \"Stacked\" checkbox after clicking the data series toggle buttons\n1922991 - \"verify /run filesystem contents do not have unexpected content using a simple Docker Strategy Build\" test fails on OKD\n1923003 - WebConsole Insights widget showing \"Issues pending\" when the cluster doesn\u0027t report anything\n1923098 - [vsphere-problem-detector-operator] Need permission to access replicasets.apps resources\n1923102 - [vsphere-problem-detector-operator] pod\u0027s version is not correct\n1923245 - [Assisted-4.7] [Staging][Minimal-ISO] nodes fails to boot\n1923674 - k8s 1.20 vendor dependencies\n1923721 - PipelineRun running status icon is not rotating\n1923753 - Increase initialDelaySeconds for ovs-daemons container in the ovs-node daemonset for upgrade scenarios\n1923774 - Docker builds failing for openshift/cluster-resource-override-admission-operator\n1923802 - ci/prow/e2e-aws-olm build failing for openshift/cluster-resource-override-admission-operator\n1923874 - Unable to specify values with % in kubeletconfig\n1923888 - Fixes error metadata gathering\n1923892 - Update arch.md after refactor. \n1923894 - \"installed\" operator status in operatorhub page does not reflect the real status of operator\n1923895 - Changelog generation. \n1923911 - [e2e][automation] Improve tests for vm details page and list filter\n1923945 - PVC Name and Namespace resets when user changes os/flavor/workload\n1923951 - EventSources shows `undefined` in project\n1923973 - Dynamic plugin demo README does not contain info how to enable the ConsolePlugins\n1924046 - Localhost: Refreshing on a Project removes it from nav item urls\n1924078 - Topology quick search View all results footer should be sticky. \n1924081 - NTO should ship the latest Tuned daemon release 2.15\n1924084 - backend tests incorrectly hard-code artifacts dir\n1924128 - [sig-builds][Feature:Builds] verify /run filesystem contents do not have unexpected content using a simple Docker Strategy Build\n1924135 - Under sufficient load, CRI-O may segfault\n1924143 - Code Editor Decorator url is broken for Bitbucket repos\n1924188 - Language selector dropdown doesn\u0027t always pre-select the language\n1924365 - Add extra disk for VM which use boot source PXE\n1924383 - Degraded network operator during upgrade to 4.7.z\n1924387 - [ja_JP][zh_CN] Incorrect warning message for deleting namespace on Delete Pod dialog box. \n1924480 - non cluster admin can not take VM snapshot: An error occurred, cannot set blockOwnerDeletion if an ownerReference refers to a resource you can\u0027t set finalizers on\n1924583 - Deprectaed templates are listed in the Templates screen\n1924870 - pick upstream pr#96901: plumb context with request deadline\n1924955 - Images from Private external registry not working in deploy Image\n1924961 - k8sutil.TrimDNS1123Label creates invalid values\n1924985 - Build egress-router-cni for both RHEL 7 and 8\n1925020 - Console demo plugin deployment image shoult not point to dockerhub\n1925024 - Remove extra validations on kafka source form view net section\n1925039 - [e2e] Fix Test - ID(CNV-5327) Change Custom Flavor while VM is running\n1925072 - NTO needs to ship the current latest stalld v1.7.0\n1925163 - Missing info about dev catalog in boot source template column\n1925200 - Monitoring Alert icon is missing on the workload in Topology view\n1925262 - apiserver getting 2 SIGTERM signals which was immediately making it exit code 1\n1925319 - bash syntax error in configure-ovs.sh script\n1925408 - Remove StatefulSet gatherer and replace it with gathering corresponding config map data\n1925516 - Pipeline Metrics Tooltips are overlapping data\n1925562 - Add new ArgoCD link from GitOps application environments page\n1925596 - Gitops details page image and commit id text overflows past card boundary\n1926556 - \u0027excessive etcd leader changes\u0027 test case failing in serial job because prometheus data is wiped by machine set test\n1926588 - The tarball of operator-sdk is not ready for ocp4.7\n1927456 - 4.7 still points to 4.6 catalog images\n1927500 - API server exits non-zero on 2 SIGTERM signals\n1929278 - Monitoring workloads using too high a priorityclass\n1929645 - Remove openshift:kubevirt-machine-controllers decleration from machine-api\n1929920 - Cluster monitoring documentation link is broken - 404 not found\n\n5. References:\n\nhttps://access.redhat.com/security/cve/CVE-2018-10103\nhttps://access.redhat.com/security/cve/CVE-2018-10105\nhttps://access.redhat.com/security/cve/CVE-2018-14461\nhttps://access.redhat.com/security/cve/CVE-2018-14462\nhttps://access.redhat.com/security/cve/CVE-2018-14463\nhttps://access.redhat.com/security/cve/CVE-2018-14464\nhttps://access.redhat.com/security/cve/CVE-2018-14465\nhttps://access.redhat.com/security/cve/CVE-2018-14466\nhttps://access.redhat.com/security/cve/CVE-2018-14467\nhttps://access.redhat.com/security/cve/CVE-2018-14468\nhttps://access.redhat.com/security/cve/CVE-2018-14469\nhttps://access.redhat.com/security/cve/CVE-2018-14470\nhttps://access.redhat.com/security/cve/CVE-2018-14553\nhttps://access.redhat.com/security/cve/CVE-2018-14879\nhttps://access.redhat.com/security/cve/CVE-2018-14880\nhttps://access.redhat.com/security/cve/CVE-2018-14881\nhttps://access.redhat.com/security/cve/CVE-2018-14882\nhttps://access.redhat.com/security/cve/CVE-2018-16227\nhttps://access.redhat.com/security/cve/CVE-2018-16228\nhttps://access.redhat.com/security/cve/CVE-2018-16229\nhttps://access.redhat.com/security/cve/CVE-2018-16230\nhttps://access.redhat.com/security/cve/CVE-2018-16300\nhttps://access.redhat.com/security/cve/CVE-2018-16451\nhttps://access.redhat.com/security/cve/CVE-2018-16452\nhttps://access.redhat.com/security/cve/CVE-2018-20843\nhttps://access.redhat.com/security/cve/CVE-2019-3884\nhttps://access.redhat.com/security/cve/CVE-2019-5018\nhttps://access.redhat.com/security/cve/CVE-2019-6977\nhttps://access.redhat.com/security/cve/CVE-2019-6978\nhttps://access.redhat.com/security/cve/CVE-2019-8625\nhttps://access.redhat.com/security/cve/CVE-2019-8710\nhttps://access.redhat.com/security/cve/CVE-2019-8720\nhttps://access.redhat.com/security/cve/CVE-2019-8743\nhttps://access.redhat.com/security/cve/CVE-2019-8764\nhttps://access.redhat.com/security/cve/CVE-2019-8766\nhttps://access.redhat.com/security/cve/CVE-2019-8769\nhttps://access.redhat.com/security/cve/CVE-2019-8771\nhttps://access.redhat.com/security/cve/CVE-2019-8782\nhttps://access.redhat.com/security/cve/CVE-2019-8783\nhttps://access.redhat.com/security/cve/CVE-2019-8808\nhttps://access.redhat.com/security/cve/CVE-2019-8811\nhttps://access.redhat.com/security/cve/CVE-2019-8812\nhttps://access.redhat.com/security/cve/CVE-2019-8813\nhttps://access.redhat.com/security/cve/CVE-2019-8814\nhttps://access.redhat.com/security/cve/CVE-2019-8815\nhttps://access.redhat.com/security/cve/CVE-2019-8816\nhttps://access.redhat.com/security/cve/CVE-2019-8819\nhttps://access.redhat.com/security/cve/CVE-2019-8820\nhttps://access.redhat.com/security/cve/CVE-2019-8823\nhttps://access.redhat.com/security/cve/CVE-2019-8835\nhttps://access.redhat.com/security/cve/CVE-2019-8844\nhttps://access.redhat.com/security/cve/CVE-2019-8846\nhttps://access.redhat.com/security/cve/CVE-2019-9455\nhttps://access.redhat.com/security/cve/CVE-2019-9458\nhttps://access.redhat.com/security/cve/CVE-2019-11068\nhttps://access.redhat.com/security/cve/CVE-2019-12614\nhttps://access.redhat.com/security/cve/CVE-2019-13050\nhttps://access.redhat.com/security/cve/CVE-2019-13225\nhttps://access.redhat.com/security/cve/CVE-2019-13627\nhttps://access.redhat.com/security/cve/CVE-2019-14889\nhttps://access.redhat.com/security/cve/CVE-2019-15165\nhttps://access.redhat.com/security/cve/CVE-2019-15166\nhttps://access.redhat.com/security/cve/CVE-2019-15903\nhttps://access.redhat.com/security/cve/CVE-2019-15917\nhttps://access.redhat.com/security/cve/CVE-2019-15925\nhttps://access.redhat.com/security/cve/CVE-2019-16167\nhttps://access.redhat.com/security/cve/CVE-2019-16168\nhttps://access.redhat.com/security/cve/CVE-2019-16231\nhttps://access.redhat.com/security/cve/CVE-2019-16233\nhttps://access.redhat.com/security/cve/CVE-2019-16935\nhttps://access.redhat.com/security/cve/CVE-2019-17450\nhttps://access.redhat.com/security/cve/CVE-2019-17546\nhttps://access.redhat.com/security/cve/CVE-2019-18197\nhttps://access.redhat.com/security/cve/CVE-2019-18808\nhttps://access.redhat.com/security/cve/CVE-2019-18809\nhttps://access.redhat.com/security/cve/CVE-2019-19046\nhttps://access.redhat.com/security/cve/CVE-2019-19056\nhttps://access.redhat.com/security/cve/CVE-2019-19062\nhttps://access.redhat.com/security/cve/CVE-2019-19063\nhttps://access.redhat.com/security/cve/CVE-2019-19068\nhttps://access.redhat.com/security/cve/CVE-2019-19072\nhttps://access.redhat.com/security/cve/CVE-2019-19221\nhttps://access.redhat.com/security/cve/CVE-2019-19319\nhttps://access.redhat.com/security/cve/CVE-2019-19332\nhttps://access.redhat.com/security/cve/CVE-2019-19447\nhttps://access.redhat.com/security/cve/CVE-2019-19524\nhttps://access.redhat.com/security/cve/CVE-2019-19533\nhttps://access.redhat.com/security/cve/CVE-2019-19537\nhttps://access.redhat.com/security/cve/CVE-2019-19543\nhttps://access.redhat.com/security/cve/CVE-2019-19602\nhttps://access.redhat.com/security/cve/CVE-2019-19767\nhttps://access.redhat.com/security/cve/CVE-2019-19770\nhttps://access.redhat.com/security/cve/CVE-2019-19906\nhttps://access.redhat.com/security/cve/CVE-2019-19956\nhttps://access.redhat.com/security/cve/CVE-2019-20054\nhttps://access.redhat.com/security/cve/CVE-2019-20218\nhttps://access.redhat.com/security/cve/CVE-2019-20386\nhttps://access.redhat.com/security/cve/CVE-2019-20387\nhttps://access.redhat.com/security/cve/CVE-2019-20388\nhttps://access.redhat.com/security/cve/CVE-2019-20454\nhttps://access.redhat.com/security/cve/CVE-2019-20636\nhttps://access.redhat.com/security/cve/CVE-2019-20807\nhttps://access.redhat.com/security/cve/CVE-2019-20812\nhttps://access.redhat.com/security/cve/CVE-2019-20907\nhttps://access.redhat.com/security/cve/CVE-2019-20916\nhttps://access.redhat.com/security/cve/CVE-2020-0305\nhttps://access.redhat.com/security/cve/CVE-2020-0444\nhttps://access.redhat.com/security/cve/CVE-2020-1716\nhttps://access.redhat.com/security/cve/CVE-2020-1730\nhttps://access.redhat.com/security/cve/CVE-2020-1751\nhttps://access.redhat.com/security/cve/CVE-2020-1752\nhttps://access.redhat.com/security/cve/CVE-2020-1971\nhttps://access.redhat.com/security/cve/CVE-2020-2574\nhttps://access.redhat.com/security/cve/CVE-2020-2752\nhttps://access.redhat.com/security/cve/CVE-2020-2922\nhttps://access.redhat.com/security/cve/CVE-2020-3862\nhttps://access.redhat.com/security/cve/CVE-2020-3864\nhttps://access.redhat.com/security/cve/CVE-2020-3865\nhttps://access.redhat.com/security/cve/CVE-2020-3867\nhttps://access.redhat.com/security/cve/CVE-2020-3868\nhttps://access.redhat.com/security/cve/CVE-2020-3885\nhttps://access.redhat.com/security/cve/CVE-2020-3894\nhttps://access.redhat.com/security/cve/CVE-2020-3895\nhttps://access.redhat.com/security/cve/CVE-2020-3897\nhttps://access.redhat.com/security/cve/CVE-2020-3898\nhttps://access.redhat.com/security/cve/CVE-2020-3899\nhttps://access.redhat.com/security/cve/CVE-2020-3900\nhttps://access.redhat.com/security/cve/CVE-2020-3901\nhttps://access.redhat.com/security/cve/CVE-2020-3902\nhttps://access.redhat.com/security/cve/CVE-2020-6405\nhttps://access.redhat.com/security/cve/CVE-2020-7595\nhttps://access.redhat.com/security/cve/CVE-2020-7774\nhttps://access.redhat.com/security/cve/CVE-2020-8177\nhttps://access.redhat.com/security/cve/CVE-2020-8492\nhttps://access.redhat.com/security/cve/CVE-2020-8563\nhttps://access.redhat.com/security/cve/CVE-2020-8566\nhttps://access.redhat.com/security/cve/CVE-2020-8619\nhttps://access.redhat.com/security/cve/CVE-2020-8622\nhttps://access.redhat.com/security/cve/CVE-2020-8623\nhttps://access.redhat.com/security/cve/CVE-2020-8624\nhttps://access.redhat.com/security/cve/CVE-2020-8647\nhttps://access.redhat.com/security/cve/CVE-2020-8648\nhttps://access.redhat.com/security/cve/CVE-2020-8649\nhttps://access.redhat.com/security/cve/CVE-2020-9327\nhttps://access.redhat.com/security/cve/CVE-2020-9802\nhttps://access.redhat.com/security/cve/CVE-2020-9803\nhttps://access.redhat.com/security/cve/CVE-2020-9805\nhttps://access.redhat.com/security/cve/CVE-2020-9806\nhttps://access.redhat.com/security/cve/CVE-2020-9807\nhttps://access.redhat.com/security/cve/CVE-2020-9843\nhttps://access.redhat.com/security/cve/CVE-2020-9850\nhttps://access.redhat.com/security/cve/CVE-2020-9862\nhttps://access.redhat.com/security/cve/CVE-2020-9893\nhttps://access.redhat.com/security/cve/CVE-2020-9894\nhttps://access.redhat.com/security/cve/CVE-2020-9895\nhttps://access.redhat.com/security/cve/CVE-2020-9915\nhttps://access.redhat.com/security/cve/CVE-2020-9925\nhttps://access.redhat.com/security/cve/CVE-2020-10018\nhttps://access.redhat.com/security/cve/CVE-2020-10029\nhttps://access.redhat.com/security/cve/CVE-2020-10732\nhttps://access.redhat.com/security/cve/CVE-2020-10749\nhttps://access.redhat.com/security/cve/CVE-2020-10751\nhttps://access.redhat.com/security/cve/CVE-2020-10763\nhttps://access.redhat.com/security/cve/CVE-2020-10773\nhttps://access.redhat.com/security/cve/CVE-2020-10774\nhttps://access.redhat.com/security/cve/CVE-2020-10942\nhttps://access.redhat.com/security/cve/CVE-2020-11565\nhttps://access.redhat.com/security/cve/CVE-2020-11668\nhttps://access.redhat.com/security/cve/CVE-2020-11793\nhttps://access.redhat.com/security/cve/CVE-2020-12465\nhttps://access.redhat.com/security/cve/CVE-2020-12655\nhttps://access.redhat.com/security/cve/CVE-2020-12659\nhttps://access.redhat.com/security/cve/CVE-2020-12770\nhttps://access.redhat.com/security/cve/CVE-2020-12826\nhttps://access.redhat.com/security/cve/CVE-2020-13249\nhttps://access.redhat.com/security/cve/CVE-2020-13630\nhttps://access.redhat.com/security/cve/CVE-2020-13631\nhttps://access.redhat.com/security/cve/CVE-2020-13632\nhttps://access.redhat.com/security/cve/CVE-2020-14019\nhttps://access.redhat.com/security/cve/CVE-2020-14040\nhttps://access.redhat.com/security/cve/CVE-2020-14381\nhttps://access.redhat.com/security/cve/CVE-2020-14382\nhttps://access.redhat.com/security/cve/CVE-2020-14391\nhttps://access.redhat.com/security/cve/CVE-2020-14422\nhttps://access.redhat.com/security/cve/CVE-2020-15157\nhttps://access.redhat.com/security/cve/CVE-2020-15503\nhttps://access.redhat.com/security/cve/CVE-2020-15862\nhttps://access.redhat.com/security/cve/CVE-2020-15999\nhttps://access.redhat.com/security/cve/CVE-2020-16166\nhttps://access.redhat.com/security/cve/CVE-2020-24490\nhttps://access.redhat.com/security/cve/CVE-2020-24659\nhttps://access.redhat.com/security/cve/CVE-2020-25211\nhttps://access.redhat.com/security/cve/CVE-2020-25641\nhttps://access.redhat.com/security/cve/CVE-2020-25658\nhttps://access.redhat.com/security/cve/CVE-2020-25661\nhttps://access.redhat.com/security/cve/CVE-2020-25662\nhttps://access.redhat.com/security/cve/CVE-2020-25681\nhttps://access.redhat.com/security/cve/CVE-2020-25682\nhttps://access.redhat.com/security/cve/CVE-2020-25683\nhttps://access.redhat.com/security/cve/CVE-2020-25684\nhttps://access.redhat.com/security/cve/CVE-2020-25685\nhttps://access.redhat.com/security/cve/CVE-2020-25686\nhttps://access.redhat.com/security/cve/CVE-2020-25687\nhttps://access.redhat.com/security/cve/CVE-2020-25694\nhttps://access.redhat.com/security/cve/CVE-2020-25696\nhttps://access.redhat.com/security/cve/CVE-2020-26160\nhttps://access.redhat.com/security/cve/CVE-2020-27813\nhttps://access.redhat.com/security/cve/CVE-2020-27846\nhttps://access.redhat.com/security/cve/CVE-2020-28362\nhttps://access.redhat.com/security/cve/CVE-2020-29652\nhttps://access.redhat.com/security/cve/CVE-2021-2007\nhttps://access.redhat.com/security/cve/CVE-2021-3121\nhttps://access.redhat.com/security/updates/classification/#moderate\n\n6. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2021 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYDZ+bNzjgjWX9erEAQghXg//awGwjQxJ5LEZWBTdgyuCa8mHEi2rop5T\nlmebolBMNRSbo9gI8LMSHlvIBBFiV4CuFvfxE0AVLNentfzOTH11TxNWe1KQYt4H\nEmcGHPeHWTxKDkvAHtVcWXy9WN3y5d4lHSaq6AR1nHRPcj/k1upyx22kotpnYxN8\n4d49PjFTO3YbmdYpNLVJ9nY8izqUpTfM7YSyj6ANZSlaYc5Z215o6TPo6e3wobf4\nmWu+VfDS0v+/AbGhQhO2sQ7r2ysJ85MB7c62cxck4a51KiA0NKd4xr0TAA4KHnNL\nISHFzi5QYXu+meE+9wYRo1ZjJ5fbPj41+1TJbR6O4CbP0xQiFpcUSipNju3rGSGy\nAe5G/QGT8J7HzOjlKVvY3SFu/odENR6c+xUIr7IB/FBlu7DdPF2XxMZDQD4DKHEk\n4aiDbuiEL3Yf78Ic1RqPPmrj9plIwprVFQz+k3JaQXKD+1dBxO6tk+nVu2/5xNbM\nuR03hrthYYIpdXLSWU4lzq8j3kQ9wZ4j/m2o6/K6eHNl9PyqAG5jfQv9bVf8E3oG\nkrzc/JLvOfHNEQ/oJs/v/DFDmnAxshCCtGWlpLJ5J0pcD3EePsrPNs1QtQurVrMv\nRjfBCWKOij53+BinrMKHdsHxfur7GCFCIQCVaLIv6GUjX2NWI0voIVA8JkrFNNp6\nMcvuEaxco7U=\n=sw8i\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. This caused a runtime error to occur when\nusing the Prometheus operand creation form. This was fixed by adding a\n`definitions` property to schema returned by the `definitionFor` helper\nfunction so that the `$ref` property can resolve. There are no longer\nruntime errors when using the Prometheus operand creation form. Bugs fixed (https://bugzilla.redhat.com/):\n\n1856953 - CVE-2020-15586 golang: data race in certain net/http servers including ReverseProxy can lead to DoS\n1867099 - CVE-2020-16845 golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs\n1883268 - remove erroneously specified label drop rules\n1885228 - Create Instance of Prometheus from operator returns blank page for non cluster-admin users\n1892585 - [release 4.5] cluster-monitoring-operator: Fix bug in reflector not recovering from \"Too large resource version\"\n1893202 - e2e-operator flakes with \"TestMetricsAccessible: prometheus returned unexpected results: timed out waiting for the condition\"\n1893742 - move e2e test off of nfs image from docker.io/gmontero/nfs-server:latest\n1894763 - Undiagnosed panic detected in pod\n1894782 - OperatorHub generates incorrect RBAC\n1895057 - Deleted netnamespace could not be re-created\n1896990 - Console shows wrong value for maxUnavailable and maxSurge when set to 0\n\n5. ==========================================================================\nUbuntu Security Notice USN-4468-1\nAugust 21, 2020\n\nbind9 vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 20.04 LTS\n- Ubuntu 18.04 LTS\n- Ubuntu 16.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in Bind. \n\nSoftware Description:\n- bind9: Internet Domain Name Server\n\nDetails:\n\nEmanuel Almeida discovered that Bind incorrectly handled certain TCP\npayloads. A remote attacker could possibly use this issue to cause Bind to\ncrash, resulting in a denial of service. This issue only affected Ubuntu\n20.04 LTS. (CVE-2020-8620)\n\nJoseph Gullo discovered that Bind incorrectly handled QNAME minimization\nwhen used in certain configurations. A remote attacker could possibly use\nthis issue to cause Bind to crash, resulting in a denial of service. This\nissue only affected Ubuntu 20.04 LTS. (CVE-2020-8621)\n\nDave Feldman, Jeff Warren, and Joel Cunningham discovered that Bind\nincorrectly handled certain truncated responses to a TSIG-signed request. A\nremote attacker could possibly use this issue to cause Bind to crash,\nresulting in a denial of service. (CVE-2020-8622)\n\nLyu Chiy discovered that Bind incorrectly handled certain queries. A remote\nattacker could possibly use this issue to cause Bind to crash, resulting in\na denial of service. (CVE-2020-8623)\n\nJoop Boonen discovered that Bind incorrectly handled certain subdomain\nupdate-policy rules. A remote attacker granted privileges to change certain\nparts of a zone could use this issue to change other contents of the zone,\ncontrary to expectations. This issue only affected Ubuntu 18.04 LTS and\nUbuntu 20.04 LTS. (CVE-2020-8624)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 20.04 LTS:\n bind9 1:9.16.1-0ubuntu2.3\n\nUbuntu 18.04 LTS:\n bind9 1:9.11.3+dfsg-1ubuntu1.13\n\nUbuntu 16.04 LTS:\n bind9 1:9.10.3.dfsg.P4-8ubuntu1.17\n\nIn general, a standard system update will make all the necessary changes. 8) - aarch64, ppc64le, s390x, x86_64\n\n3. \n\nThe following packages have been upgraded to a later upstream version: bind\n(9.11.20). Bugs fixed (https://bugzilla.redhat.com/):\n\n1693395 - Remove revoked KSK from trusted keys\n1749505 - internal test suite failures\n1814158 - bind internal testsuite, random failure in autosign\n1817870 - /usr/bin/nsupdate -g segfault when connect to AD\n1847244 - CVE-2020-8619 bind: asterisk character in an empty non-terminal can cause an assertion failure in rbtdb.c\n1848169 - named-checkconf fails to validate configuration file with CIDRs with host bits set\n1859454 - named-pkcs11.service: (named-pkcs11) of user 25 dumped core. Bugs fixed (https://bugzilla.redhat.com/):\n\n1823765 - nfd-workers crash under an ipv6 environment\n1838802 - mysql8 connector from operatorhub does not work with metering operator\n1838845 - Metering operator can\u0027t connect to postgres DB from Operator Hub\n1841883 - namespace-persistentvolumeclaim-usage query returns unexpected values\n1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash\n1868294 - NFD operator does not allow customisation of nfd-worker.conf\n1882310 - CVE-2020-24750 jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration\n1890672 - NFD is missing a build flag to build correctly\n1890741 - path to the CA trust bundle ConfigMap is broken in report operator\n1897346 - NFD worker pods not scheduler on a 3 node master/worker cluster\n1898373 - Metering operator failing upgrade from 4.4 to 4.6 channel\n1900125 - FIPS error while generating RSA private key for CA\n1906129 - OCP 4.7: Node Feature Discovery (NFD) Operator in CrashLoopBackOff when deployed from OperatorHub\n1908492 - OCP 4.7: Node Feature Discovery (NFD) Operator Custom Resource Definition file in olm-catalog is not in sync with the one in manifests dir leading to failed deployment from OperatorHub\n1913837 - The CI and ART 4.7 metering images are not mirrored\n1914869 - OCP 4.7 NFD - Operand configuration options for NodeFeatureDiscovery are empty, no supported image for ppc64le\n1916010 - olm skip range is set to the wrong range\n1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation\n1923998 - NFD Operator is failing to update and remains in Replacing state\n\n5. \n\nFor the stable distribution (buster), these problems have been fixed in\nversion 1:9.11.5.P4+dfsg-5.1+deb10u2. \n\nWe recommend that you upgrade your bind9 packages. \n\nFor the detailed security status of bind9 please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/bind9\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl9H9LBfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2\nNDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND\nz0Riow//eYx52gDQkiERYSEFJbSK34AzF5Ee3W8JYh1BG4PFagvR/y3hwddyFEkR\npHlq/t78TPWi9oQ3j8uuQL0VLMA+8jyaNXA0h6BMs/3VKzGktFyINdKPBPIghT2w\n2tugfgjK1MR0LZ27rcE86I1QoyFy+jHMmd03R0B0AQPWYkjp+2sp5nxskFVM9jXO\n8emXIzT3IZns8WSS7xCZOqE6D40Vk/3hP5IXDXIbHHFUgl6jCEpPHJBHCgrtw9HZ\nOr/EQgy4y+QUZNqsPw93kxc7cwVWhauW/PX9VZ1HWnfMIWEZX9K8fmYPHlj4dJUa\n1G45uTtYT7VaLvs+N7j1UulII+f1ZT9rrljasVKfbmALt+mp28/LzzcCCBMYohkK\nKa30MmBu5yZnn36LNWGwaOO5D+cCHsc58awKu3C5wUG/QMBjT+dYlhkbUbllpZVj\nvMMXjnrefdkCLy7LEDAul1NLgxWcSWzcQ0SyNEfu9IajtA94unFMwNzFmQb7ykql\nWMkHTg+7mSdPCxOI+0g9+w+pKZFdBGZxXu76cV8FB1BmRitsM8XYrtBGO9uWvkI9\nhIm7pHhyJB0E008qo+cKutpnvruLZLBUCutUuNHZAirq+zaHjoVDSxiqPWEJ9jdR\nSx85bc7+6f1daR04r5ay/mCuWPTQYrM1VyBsFnAvGxWoznHnmbk=\n=kUyE\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-8622"
},
{
"db": "VULHUB",
"id": "VHN-186747"
},
{
"db": "VULMON",
"id": "CVE-2020-8622"
},
{
"db": "PACKETSTORM",
"id": "159981"
},
{
"db": "PACKETSTORM",
"id": "161546"
},
{
"db": "PACKETSTORM",
"id": "160207"
},
{
"db": "PACKETSTORM",
"id": "158940"
},
{
"db": "PACKETSTORM",
"id": "159845"
},
{
"db": "PACKETSTORM",
"id": "161536"
},
{
"db": "PACKETSTORM",
"id": "158949"
},
{
"db": "PACKETSTORM",
"id": "168899"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-8622",
"trust": 2.6
},
{
"db": "PACKETSTORM",
"id": "159845",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "158940",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "158949",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "159981",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "159511",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "159004",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "160205",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-202008-1071",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2020.4178",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.2977",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.3522",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.1256",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.2951.5",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2604",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.2954",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4512",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.2951.2",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.3463",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0864",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.3970",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.2951.3",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2948",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0691",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.3880",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021041525",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "49866",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "160207",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "159985",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-186747",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2020-8622",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "161546",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "161536",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "168899",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-186747"
},
{
"db": "VULMON",
"id": "CVE-2020-8622"
},
{
"db": "PACKETSTORM",
"id": "159981"
},
{
"db": "PACKETSTORM",
"id": "161546"
},
{
"db": "PACKETSTORM",
"id": "160207"
},
{
"db": "PACKETSTORM",
"id": "158940"
},
{
"db": "PACKETSTORM",
"id": "159845"
},
{
"db": "PACKETSTORM",
"id": "161536"
},
{
"db": "PACKETSTORM",
"id": "158949"
},
{
"db": "PACKETSTORM",
"id": "168899"
},
{
"db": "CNNVD",
"id": "CNNVD-202008-1071"
},
{
"db": "NVD",
"id": "CVE-2020-8622"
}
]
},
"id": "VAR-202008-1238",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-186747"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T22:19:51.232000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "runc Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=126812"
},
{
"title": "Red Hat: Moderate: bind security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20204183 - security advisory"
},
{
"title": "Red Hat: Moderate: bind security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20204992 - security advisory"
},
{
"title": "Red Hat: Moderate: bind security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20205203 - security advisory"
},
{
"title": "Red Hat: Moderate: bind security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20205011 - security advisory"
},
{
"title": "Red Hat: Moderate: bind security, bug fix, and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20204500 - security advisory"
},
{
"title": "Amazon Linux AMI: ALAS-2021-1457",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2021-1457"
},
{
"title": "IBM: Security Bulletin: Vulnerability in bind affects IBM Integrated Analytics System",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=5df18782fa35770f1ccb0a60bd4d1fa5"
},
{
"title": "Debian Security Advisories: DSA-4752-1 bind9 -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=803076d91d2c644d2eb525aea5dfdae2"
},
{
"title": "Amazon Linux 2: ALAS2-2020-1564",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=alas2-2020-1564"
},
{
"title": "Red Hat: Moderate: OpenShift Container Platform 4.5.20 bug fix and golang security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20205118 - security advisory"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=ec6577109e640dac19a6ddb978afe82d"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/nikulinms/13-01-hw "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-8622"
},
{
"db": "CNNVD",
"id": "CNNVD-202008-1071"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-617",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-186747"
},
{
"db": "NVD",
"id": "CVE-2020-8622"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"trust": 1.7,
"url": "https://kb.isc.org/docs/cve-2020-8622"
},
{
"trust": 1.7,
"url": "https://security.netapp.com/advisory/ntap-20200827-0003/"
},
{
"trust": 1.7,
"url": "https://www.synology.com/security/advisory/synology_sa_20_19"
},
{
"trust": 1.7,
"url": "https://www.debian.org/security/2020/dsa-4752"
},
{
"trust": 1.7,
"url": "https://security.gentoo.org/glsa/202008-19"
},
{
"trust": 1.7,
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00053.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
},
{
"trust": 1.7,
"url": "https://usn.ubuntu.com/4468-1/"
},
{
"trust": 1.7,
"url": "https://usn.ubuntu.com/4468-2/"
},
{
"trust": 1.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8622"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/dqn62gbmcic5ay4kyadgxnkvy6ajksje/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/zkamjzxr66p6s5leu4sn7ussncwtxexp/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/zkamjzxr66p6s5leu4sn7ussncwtxexp/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/dqn62gbmcic5ay4kyadgxnkvy6ajksje/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/158940/ubuntu-security-notice-usn-4468-1.html"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-publicly-disclosed-vulnerability-from-bind-affects-ibm-netezza-host-management/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.2951.2/"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021041525"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/158949/ubuntu-security-notice-usn-4468-2.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.2954/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.1256"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.3880/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-appliance-is-affected-by-multiple-bind-vulnerabilities-cve-2020-8622-cve-2020-8623-cve-2020-8624/"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/49866"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/isc-bind-assertion-error-via-truncated-tsig-response-33128"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/159981/red-hat-security-advisory-2020-4992-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0864"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-bind-affects-ibm-integrated-analytics-system-4/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4512/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/159004/gentoo-linux-security-advisory-202008-19.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.2951.3/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4178/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2948"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.2951.5/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2604"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0691"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.2977/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-publicly-disclosed-vulnerability-from-bind-affects-ibm-netezza-host-management-2/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/160205/red-hat-security-advisory-2020-5203-01.html"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-bind-for-ibm-i-is-affected-by-cve-2020-8622-and-cve-2020-8624/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.3522/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/159511/red-hat-security-advisory-2020-4183-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.3970/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.3463/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/159845/red-hat-security-advisory-2020-4500-01.html"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-bind-affects-aix-cve-2020-8622/"
},
{
"trust": 0.5,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2020-8623"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2020-8622"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8623"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2020-8624"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8624"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-20907"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-14422"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-15999"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-8619"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.2,
"url": "https://docs.openshift.com/container-platform/4.7/updating/updating-cluster"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-13050"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-9925"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-9802"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-20218"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-9895"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8625"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-13225"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-15165"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-20388"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-14382"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8812"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-3899"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8819"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-3867"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-1971"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8720"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-9893"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-19221"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8808"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-3902"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-1751"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-3900"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-8566"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-25211"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-9805"
},
{
"trust": 0.2,
"url": "https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8820"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-9807"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8769"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8710"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8813"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-9850"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-7595"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8811"
},
{
"trust": 0.2,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-16168"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-9803"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-8177"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-9862"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-24659"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-9327"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-3885"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-17450"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-15503"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-16935"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-20916"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-5018"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-19956"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-10018"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-15157"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8835"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-25658"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8764"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8844"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-3865"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-1730"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-3864"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-19906"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-20387"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-14391"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-3862"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-3901"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-17546"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-3884"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8823"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-1752"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-15903"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-3895"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-8492"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-11793"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-20454"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-20843"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-9894"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8816"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-9843"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-13627"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-6405"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8771"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-3897"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-9806"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8814"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-14889"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8743"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3121"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-9915"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-20843"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8815"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-13632"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-10029"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8783"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-20807"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-13630"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-14040"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8766"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-13631"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8846"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-3868"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-3894"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8782"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-3898"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20907"
},
{
"trust": 0.2,
"url": "https://usn.ubuntu.com/4468-1"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8619"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:4992"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-19770"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-11668"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25662"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-16300"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14466"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-10105"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25684"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-24490"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-2007"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-15166"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-19072"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-8649"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-26160"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-12655"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-16230"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-9458"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-13249"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-27846"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-19068"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-20636"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-15925"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-18808"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-18809"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10103"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14467"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14469"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11068"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-16229"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14553"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14465"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14882"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-20054"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-16227"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-12826"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-18197"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-15862"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25683"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14461"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-19602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14881"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14464"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-10773"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25661"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14463"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-10749"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25641"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-6977"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-8647"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16228"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14879"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-29652"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-15917"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-16166"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-10774"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14469"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-7774"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10105"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14880"
},
{
"trust": 0.1,
"url": "https://\u0027"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14461"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-0305"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-12659"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-1716"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-20812"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:5633"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14468"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-6978"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-0444"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14466"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-16233"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14882"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16452"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16227"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25694"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14464"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14553"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-2752"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16230"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-20386"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14468"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14467"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14462"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-19543"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14880"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25682"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14881"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-2574"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-10751"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16300"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-10763"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14462"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16229"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-10942"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-28362"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-19062"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-19046"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-12465"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-19447"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25696"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25685"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-16231"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-16451"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14381"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-10103"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-16228"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-19056"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-19524"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14463"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-8648"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-12770"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-19767"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-19533"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25686"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-19537"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-2922"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25687"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-16167"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16451"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-9455"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-11565"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-19332"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-12614"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14879"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14019"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14470"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25681"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-19063"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14470"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-27813"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14465"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-11068"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-19319"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-8563"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-10732"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-16452"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:5634"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20811"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-15586"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.5/updating/updating-cluster"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14331"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-16845"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-20811"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:5118"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-16845"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-25637"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25637"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-rel"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-15586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-15999"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14363"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:5119"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14422"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14331"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8177"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/bind9/1:9.10.3.dfsg.p4-8ubuntu1.17"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/bind9/1:9.11.3+dfsg-1ubuntu1.13"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8621"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8620"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/bind9/1:9.16.1-0ubuntu2.3"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:4500"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhea-2020:5633"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17450"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20454"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8743"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-19906"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8710"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:5635"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-5018"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-19956"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20807"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14889"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20387"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-13627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20916"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3884"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-13225"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-19221"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15165"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-16935"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8720"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-13050"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17546"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20388"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-16168"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20218"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8625"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-24750"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15903"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/4468-2"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/bind9"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-186747"
},
{
"db": "PACKETSTORM",
"id": "159981"
},
{
"db": "PACKETSTORM",
"id": "161546"
},
{
"db": "PACKETSTORM",
"id": "160207"
},
{
"db": "PACKETSTORM",
"id": "158940"
},
{
"db": "PACKETSTORM",
"id": "159845"
},
{
"db": "PACKETSTORM",
"id": "161536"
},
{
"db": "PACKETSTORM",
"id": "158949"
},
{
"db": "PACKETSTORM",
"id": "168899"
},
{
"db": "CNNVD",
"id": "CNNVD-202008-1071"
},
{
"db": "NVD",
"id": "CVE-2020-8622"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-186747"
},
{
"db": "VULMON",
"id": "CVE-2020-8622"
},
{
"db": "PACKETSTORM",
"id": "159981"
},
{
"db": "PACKETSTORM",
"id": "161546"
},
{
"db": "PACKETSTORM",
"id": "160207"
},
{
"db": "PACKETSTORM",
"id": "158940"
},
{
"db": "PACKETSTORM",
"id": "159845"
},
{
"db": "PACKETSTORM",
"id": "161536"
},
{
"db": "PACKETSTORM",
"id": "158949"
},
{
"db": "PACKETSTORM",
"id": "168899"
},
{
"db": "CNNVD",
"id": "CNNVD-202008-1071"
},
{
"db": "NVD",
"id": "CVE-2020-8622"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-21T00:00:00",
"db": "VULHUB",
"id": "VHN-186747"
},
{
"date": "2020-08-21T00:00:00",
"db": "VULMON",
"id": "CVE-2020-8622"
},
{
"date": "2020-11-10T14:55:46",
"db": "PACKETSTORM",
"id": "159981"
},
{
"date": "2021-02-25T15:29:25",
"db": "PACKETSTORM",
"id": "161546"
},
{
"date": "2020-11-24T15:29:50",
"db": "PACKETSTORM",
"id": "160207"
},
{
"date": "2020-08-21T21:44:34",
"db": "PACKETSTORM",
"id": "158940"
},
{
"date": "2020-11-04T15:28:15",
"db": "PACKETSTORM",
"id": "159845"
},
{
"date": "2021-02-25T15:26:54",
"db": "PACKETSTORM",
"id": "161536"
},
{
"date": "2020-08-25T17:19:25",
"db": "PACKETSTORM",
"id": "158949"
},
{
"date": "2020-08-28T19:12:00",
"db": "PACKETSTORM",
"id": "168899"
},
{
"date": "2020-08-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202008-1071"
},
{
"date": "2020-08-21T21:15:12.247000",
"db": "NVD",
"id": "CVE-2020-8622"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-12-02T00:00:00",
"db": "VULHUB",
"id": "VHN-186747"
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2020-8622"
},
{
"date": "2021-10-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202008-1071"
},
{
"date": "2023-11-07T03:26:38.710000",
"db": "NVD",
"id": "CVE-2020-8622"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "158940"
},
{
"db": "PACKETSTORM",
"id": "158949"
},
{
"db": "CNNVD",
"id": "CNNVD-202008-1071"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ISC BIND Security hole",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202008-1071"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202008-1071"
}
],
"trust": 0.6
}
}
VAR-201804-1162
Vulnerability from variot - Updated: 2024-07-23 22:19An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of comparison operators in JIT. By performing actions in JavaScript, an attacker can trigger a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. WebKit is one of the web browser engine components. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201808-04
https://security.gentoo.org/
Severity: Normal Title: WebkitGTK+: Multiple vulnerabilities Date: August 22, 2018 Bugs: #652820, #658168, #662974 ID: 201808-04
Synopsis
Multiple vulnerabilities have been found in WebKitGTK+, the worst of which may lead to arbitrary code execution.
Background
WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.20.4 >= 2.20.4
Description
Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All WebkitGTK+ users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.20.4"
References
[ 1 ] CVE-2018-11646 https://nvd.nist.gov/vuln/detail/CVE-2018-11646 [ 2 ] CVE-2018-11712 https://nvd.nist.gov/vuln/detail/CVE-2018-11712 [ 3 ] CVE-2018-11713 https://nvd.nist.gov/vuln/detail/CVE-2018-11713 [ 4 ] CVE-2018-12293 https://nvd.nist.gov/vuln/detail/CVE-2018-12293 [ 5 ] CVE-2018-12294 https://nvd.nist.gov/vuln/detail/CVE-2018-12294 [ 6 ] CVE-2018-4101 https://nvd.nist.gov/vuln/detail/CVE-2018-4101 [ 7 ] CVE-2018-4113 https://nvd.nist.gov/vuln/detail/CVE-2018-4113 [ 8 ] CVE-2018-4114 https://nvd.nist.gov/vuln/detail/CVE-2018-4114 [ 9 ] CVE-2018-4117 https://nvd.nist.gov/vuln/detail/CVE-2018-4117 [ 10 ] CVE-2018-4118 https://nvd.nist.gov/vuln/detail/CVE-2018-4118 [ 11 ] CVE-2018-4119 https://nvd.nist.gov/vuln/detail/CVE-2018-4119 [ 12 ] CVE-2018-4120 https://nvd.nist.gov/vuln/detail/CVE-2018-4120 [ 13 ] CVE-2018-4121 https://nvd.nist.gov/vuln/detail/CVE-2018-4121 [ 14 ] CVE-2018-4122 https://nvd.nist.gov/vuln/detail/CVE-2018-4122 [ 15 ] CVE-2018-4125 https://nvd.nist.gov/vuln/detail/CVE-2018-4125 [ 16 ] CVE-2018-4127 https://nvd.nist.gov/vuln/detail/CVE-2018-4127 [ 17 ] CVE-2018-4128 https://nvd.nist.gov/vuln/detail/CVE-2018-4128 [ 18 ] CVE-2018-4129 https://nvd.nist.gov/vuln/detail/CVE-2018-4129 [ 19 ] CVE-2018-4133 https://nvd.nist.gov/vuln/detail/CVE-2018-4133 [ 20 ] CVE-2018-4146 https://nvd.nist.gov/vuln/detail/CVE-2018-4146 [ 21 ] CVE-2018-4162 https://nvd.nist.gov/vuln/detail/CVE-2018-4162 [ 22 ] CVE-2018-4163 https://nvd.nist.gov/vuln/detail/CVE-2018-4163 [ 23 ] CVE-2018-4165 https://nvd.nist.gov/vuln/detail/CVE-2018-4165 [ 24 ] CVE-2018-4190 https://nvd.nist.gov/vuln/detail/CVE-2018-4190 [ 25 ] CVE-2018-4192 https://nvd.nist.gov/vuln/detail/CVE-2018-4192 [ 26 ] CVE-2018-4199 https://nvd.nist.gov/vuln/detail/CVE-2018-4199 [ 27 ] CVE-2018-4200 https://nvd.nist.gov/vuln/detail/CVE-2018-4200 [ 28 ] CVE-2018-4201 https://nvd.nist.gov/vuln/detail/CVE-2018-4201 [ 29 ] CVE-2018-4204 https://nvd.nist.gov/vuln/detail/CVE-2018-4204 [ 30 ] CVE-2018-4214 https://nvd.nist.gov/vuln/detail/CVE-2018-4214 [ 31 ] CVE-2018-4218 https://nvd.nist.gov/vuln/detail/CVE-2018-4218 [ 32 ] CVE-2018-4222 https://nvd.nist.gov/vuln/detail/CVE-2018-4222 [ 33 ] CVE-2018-4232 https://nvd.nist.gov/vuln/detail/CVE-2018-4232 [ 34 ] CVE-2018-4233 https://nvd.nist.gov/vuln/detail/CVE-2018-4233 [ 35 ] CVE-2018-4261 https://nvd.nist.gov/vuln/detail/CVE-2018-4261 [ 36 ] CVE-2018-4262 https://nvd.nist.gov/vuln/detail/CVE-2018-4262 [ 37 ] CVE-2018-4263 https://nvd.nist.gov/vuln/detail/CVE-2018-4263 [ 38 ] CVE-2018-4264 https://nvd.nist.gov/vuln/detail/CVE-2018-4264 [ 39 ] CVE-2018-4265 https://nvd.nist.gov/vuln/detail/CVE-2018-4265 [ 40 ] CVE-2018-4266 https://nvd.nist.gov/vuln/detail/CVE-2018-4266 [ 41 ] CVE-2018-4267 https://nvd.nist.gov/vuln/detail/CVE-2018-4267 [ 42 ] CVE-2018-4270 https://nvd.nist.gov/vuln/detail/CVE-2018-4270 [ 43 ] CVE-2018-4272 https://nvd.nist.gov/vuln/detail/CVE-2018-4272 [ 44 ] CVE-2018-4273 https://nvd.nist.gov/vuln/detail/CVE-2018-4273 [ 45 ] CVE-2018-4278 https://nvd.nist.gov/vuln/detail/CVE-2018-4278 [ 46 ] CVE-2018-4284 https://nvd.nist.gov/vuln/detail/CVE-2018-4284 [ 47 ] WebKitGTK+ Security Advisory WSA-2018-0003 https://webkitgtk.org/security/WSA-2018-0003.html [ 48 ] WebKitGTK+ Security Advisory WSA-2018-0004 https://webkitgtk.org/security/WSA-2018-0004.html [ 49 ] WebKitGTK+ Security Advisory WSA-2018-0005 https://webkitgtk.org/security/WSA-2018-0005.html [ 50 ] WebKitGTK+ Security Advisory WSA-2018-0006 https://webkitgtk.org/security/WSA-2018-0006.html
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201808-04
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2018 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
. ------------------------------------------------------------------------ WebKitGTK+ Security Advisory WSA-2018-0003
Date reported : April 04, 2018 Advisory ID : WSA-2018-0003 Advisory URL : https://webkitgtk.org/security/WSA-2018-0003.html CVE identifiers : CVE-2018-4101, CVE-2018-4113, CVE-2018-4114, CVE-2018-4117, CVE-2018-4118, CVE-2018-4119, CVE-2018-4120, CVE-2018-4122, CVE-2018-4125, CVE-2018-4127, CVE-2018-4128, CVE-2018-4129, CVE-2018-4133, CVE-2018-4146, CVE-2018-4161, CVE-2018-4162, CVE-2018-4163, CVE-2018-4165.
Several vulnerabilities were discovered in WebKitGTK+. Credit to Yuan Deng of Ant-financial Light-Year Security Lab. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to OSS-Fuzz. Impact: Unexpected interaction with indexing types causing an ASSERT failure. Description: An array indexing issue existed in the handling of a function in JavaScriptCore. This issue was addressed through improved checks. Credit to OSS-Fuzz. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to an anonymous researcher. Impact: A malicious website may exfiltrate data cross-origin. Description: A cross-origin issue existed with the fetch API. This was addressed through improved input validation. Credit to Jun Kokatsu (@shhnjk). Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to an anonymous researcher working with Trend Microys Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to an anonymous researcher working with Trend Microys Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Zach Markley. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to likemeng of Baidu Security Lab working with Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Anton Lopanitsyn of Wallarm, Linus Sarud of Detectify (detectify.com), Yuji Tounai of NTT Communications Corporation. Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack. This issue was addressed with improved URL validation. Credit to OSS-Fuzz. Impact: Processing maliciously crafted web content may lead to a denial of service. Description: A memory corruption issue was addressed through improved input validation. Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team. Description: Multiple memory corruption issues were addressed with improved memory handling.
We recommend updating to the last stable version of WebKitGTK+. It is the best way of ensuring that you are running a safe version of WebKitGTK+. Please check our website for information about the last stable releases.
Further information about WebKitGTK+ Security Advisories can be found at: https://webkitgtk.org/security.html
The WebKitGTK+ team, April 04, 2018 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
APPLE-SA-2018-3-29-2 watchOS 4.3
watchOS 4.3 is now available and addresses the following:
CoreFoundation Available for: All Apple Watch models Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4142: Robin Leroy of Google Switzerland GmbH
File System Events Available for: All Apple Watch models Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4104: The UK's National Cyber Security Centre (NCSC)
Kernel Available for: All Apple Watch models Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4143: derrek (@derrekr6)
NSURLSession Available for: All Apple Watch models Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4166: Samuel GroA (@5aelo)
Quick Look Available for: All Apple Watch models Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4157: Samuel GroA (@5aelo)
Security Available for: All Apple Watch models Impact: A malicious application may be able to elevate privileges Description: A buffer overflow was addressed with improved size validation. CVE-2018-4144: Abraham Masri (@cheesecakeufo)
System Preferences Available for: All Apple Watch models Impact: A configuration profile may incorrectly remain in effect after removal Description: An issue existed in CFPreferences. CVE-2018-4117: an anonymous researcher, an anonymous researcher
Installation note:
Instructions on how to update your Apple Watch software are available at https://support.apple.com/kb/HT204641
To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About".
Alternatively, on your watch, select "My Watch > General > About".
Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE-----
iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAlq9GlspHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEZhfA// QhXriKk82GO1fdVRi/k9EQEVNpin8cU62yjgBF3nLEoZeLKRkaZMLsoEzBZ/sOtY v4VEJzRFcrVbDmmFtrA1ECEHe3w7tEydO9CjQsfesZ6TZRSO08ZD5fwE1Q0Jzqq7 43Dlt9/9Y+Fai48wYatj6yKfrjsF1yTnRr83M3C9mrbNJGgZ7yQeMyZ2iu+NcSry XnsK5xoESTH3dmc9+3MCj7h8Fw5MYaWCLPD/jS7iTQDJ9tpJhB+Rw0Z6cQxBNvYn /Sd3XiGvg0aOf3VJW/uodQFEBbBt9V2huCMsaKCLdcdTU+xZ6agmAQ9O5a/rpebP Qa844Ug+CjHT3p8UdldRO/RTjtWhO4s1n/eK1uaJUajqv557qJni+c3GNYtjIk/U TMb+5A7y5f3mVLIgEXaKiK8LwfXPKFXgXIWQk/Nsxda2fYHFupAm54uDx3flor2Z ec7/7yyE7hQJ3BdalRMOTRz8+ZTKN+YZcnls6XstNWp2w+vhqj8Uo16RQG7ga5Uw +tKm/eUe5AdHtjqFzcSfmOrS7XHXEjvqCTCDLIyoP3eWaxsxdfsN3oKOCpjRbYqU jGZjPUVxBzx+/evM1irbtlF4GHXuGdryDvbtFMt2l7t5/gnvsZkrt0Ij93XEC79i ARG0K0zkbtxBQF7qrn2cu/5e+LC217rBLtgO5HpxNEU= =FEXo -----END PGP SIGNATURE----- . ========================================================================== Ubuntu Security Notice USN-3635-1 April 30, 2018
webkit2gtk vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.10
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in WebKitGTK+.
Software Description: - webkit2gtk: Web content engine library for GTK+
Details:
A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 17.10: libjavascriptcoregtk-4.0-18 2.20.1-0ubuntu0.17.10.1 libwebkit2gtk-4.0-37 2.20.1-0ubuntu0.17.10.1
Ubuntu 16.04 LTS: libjavascriptcoregtk-4.0-18 2.20.1-0ubuntu0.16.04.1 libwebkit2gtk-4.0-37 2.20.1-0ubuntu0.16.04.1
This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any applications that use WebKitGTK+, such as Epiphany, to make all the necessary changes.
References: https://usn.ubuntu.com/usn/usn-3635-1 CVE-2018-4101, CVE-2018-4113, CVE-2018-4114, CVE-2018-4117, CVE-2018-4118, CVE-2018-4119, CVE-2018-4120, CVE-2018-4122, CVE-2018-4125, CVE-2018-4127, CVE-2018-4128, CVE-2018-4129, CVE-2018-4133, CVE-2018-4146, CVE-2018-4161, CVE-2018-4162, CVE-2018-4163, CVE-2018-4165
Package Information: https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.1-0ubuntu0.17.10.1 https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.1-0ubuntu0.16.04.1
. CVE-2018-4102: Kai Zhao of 3H security team CVE-2018-4116: @littlelailo, xisigr of Tencent's Xuanwu Lab (tencent.com)
Safari Login AutoFill Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4 Impact: A malicious website may be able to exfiltrate autofilled data in Safari without explicit user interaction. Description: Safari autofill did not require explicit user interaction before taking place. CVE-2018-4146: found by OSS-Fuzz
WebKit Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4 Impact: A malicious website may exfiltrate data cross-origin Description: A cross-origin issue existed with the fetch API. CVE-2018-4117: an anonymous researcher, an anonymous researcher
Additional recognition
WebKit We would like to acknowledge Johnny Nipper of Tinder Security Team for their assistance.
Installation note:
Safari 11.1 may be obtained from the Mac App Store
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201804-1162",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "17.10"
},
{
"model": "itunes",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "12.7.4"
},
{
"model": "iphone os",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "11.3"
},
{
"model": "tvos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "11.3"
},
{
"model": "icloud",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "7.4"
},
{
"model": "safari",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "11.1"
},
{
"model": "watchos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "4.3"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "webkitgtk\\+",
"scope": "lt",
"trust": 1.0,
"vendor": "webkitgtk",
"version": "2.20.4"
},
{
"model": "icloud",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "7.4 (windows 7 or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.3 (ipad air or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.3 (iphone 5s or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.3 (ipod touch first 6 generation )"
},
{
"model": "itunes",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "for windows 12.7.4 ( target os : windows 7 or later )"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.1 (macos high sierra 10.13.4)"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.1 (macos sierra 10.12.6)"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.1 (os x el capitan 10.11.6)"
},
{
"model": "tvos",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.3 (apple tv 4k)"
},
{
"model": "tvos",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.3 (apple tv first 4 generation )"
},
{
"model": "watchos",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "4.3 (apple watch all models )"
},
{
"model": "safari",
"scope": null,
"trust": 0.7,
"vendor": "apple",
"version": null
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.0.1"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.1.0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.1.0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.2.0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.4.0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.3.0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.0.2"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.0.0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.3.1"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.0.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-275"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003687"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-149"
},
{
"db": "NVD",
"id": "CVE-2018-4162"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:icloud:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.4",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.7.4",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:webkitgtk:webkitgtk\\+:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.20.4",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-4162"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WanderingGlitch - Trend Micro Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-275"
}
],
"trust": 0.7
},
"cve": "CVE-2018-4162",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-4162",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 1.6,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-134193",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-4162",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-4162",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2018-4162",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201804-149",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-134193",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-4162",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-275"
},
{
"db": "VULHUB",
"id": "VHN-134193"
},
{
"db": "VULMON",
"id": "CVE-2018-4162"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003687"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-149"
},
{
"db": "NVD",
"id": "CVE-2018-4162"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of comparison operators in JIT. By performing actions in JavaScript, an attacker can trigger a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. WebKit is one of the web browser engine components. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201808-04\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: WebkitGTK+: Multiple vulnerabilities\n Date: August 22, 2018\n Bugs: #652820, #658168, #662974\n ID: 201808-04\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in WebKitGTK+, the worst of\nwhich may lead to arbitrary code execution. \n\nBackground\n==========\n\nWebKitGTK+ is a full-featured port of the WebKit rendering engine,\nsuitable for projects requiring any kind of web integration, from\nhybrid HTML/CSS applications to full-fledged web browsers. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-libs/webkit-gtk \u003c 2.20.4 \u003e= 2.20.4\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in WebKitGTK+. Please\nreview the referenced CVE identifiers for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll WebkitGTK+ users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-libs/webkit-gtk-2.20.4\"\n\nReferences\n==========\n\n[ 1 ] CVE-2018-11646\n https://nvd.nist.gov/vuln/detail/CVE-2018-11646\n[ 2 ] CVE-2018-11712\n https://nvd.nist.gov/vuln/detail/CVE-2018-11712\n[ 3 ] CVE-2018-11713\n https://nvd.nist.gov/vuln/detail/CVE-2018-11713\n[ 4 ] CVE-2018-12293\n https://nvd.nist.gov/vuln/detail/CVE-2018-12293\n[ 5 ] CVE-2018-12294\n https://nvd.nist.gov/vuln/detail/CVE-2018-12294\n[ 6 ] CVE-2018-4101\n https://nvd.nist.gov/vuln/detail/CVE-2018-4101\n[ 7 ] CVE-2018-4113\n https://nvd.nist.gov/vuln/detail/CVE-2018-4113\n[ 8 ] CVE-2018-4114\n https://nvd.nist.gov/vuln/detail/CVE-2018-4114\n[ 9 ] CVE-2018-4117\n https://nvd.nist.gov/vuln/detail/CVE-2018-4117\n[ 10 ] CVE-2018-4118\n https://nvd.nist.gov/vuln/detail/CVE-2018-4118\n[ 11 ] CVE-2018-4119\n https://nvd.nist.gov/vuln/detail/CVE-2018-4119\n[ 12 ] CVE-2018-4120\n https://nvd.nist.gov/vuln/detail/CVE-2018-4120\n[ 13 ] CVE-2018-4121\n https://nvd.nist.gov/vuln/detail/CVE-2018-4121\n[ 14 ] CVE-2018-4122\n https://nvd.nist.gov/vuln/detail/CVE-2018-4122\n[ 15 ] CVE-2018-4125\n https://nvd.nist.gov/vuln/detail/CVE-2018-4125\n[ 16 ] CVE-2018-4127\n https://nvd.nist.gov/vuln/detail/CVE-2018-4127\n[ 17 ] CVE-2018-4128\n https://nvd.nist.gov/vuln/detail/CVE-2018-4128\n[ 18 ] CVE-2018-4129\n https://nvd.nist.gov/vuln/detail/CVE-2018-4129\n[ 19 ] CVE-2018-4133\n https://nvd.nist.gov/vuln/detail/CVE-2018-4133\n[ 20 ] CVE-2018-4146\n https://nvd.nist.gov/vuln/detail/CVE-2018-4146\n[ 21 ] CVE-2018-4162\n https://nvd.nist.gov/vuln/detail/CVE-2018-4162\n[ 22 ] CVE-2018-4163\n https://nvd.nist.gov/vuln/detail/CVE-2018-4163\n[ 23 ] CVE-2018-4165\n https://nvd.nist.gov/vuln/detail/CVE-2018-4165\n[ 24 ] CVE-2018-4190\n https://nvd.nist.gov/vuln/detail/CVE-2018-4190\n[ 25 ] CVE-2018-4192\n https://nvd.nist.gov/vuln/detail/CVE-2018-4192\n[ 26 ] CVE-2018-4199\n https://nvd.nist.gov/vuln/detail/CVE-2018-4199\n[ 27 ] CVE-2018-4200\n https://nvd.nist.gov/vuln/detail/CVE-2018-4200\n[ 28 ] CVE-2018-4201\n https://nvd.nist.gov/vuln/detail/CVE-2018-4201\n[ 29 ] CVE-2018-4204\n https://nvd.nist.gov/vuln/detail/CVE-2018-4204\n[ 30 ] CVE-2018-4214\n https://nvd.nist.gov/vuln/detail/CVE-2018-4214\n[ 31 ] CVE-2018-4218\n https://nvd.nist.gov/vuln/detail/CVE-2018-4218\n[ 32 ] CVE-2018-4222\n https://nvd.nist.gov/vuln/detail/CVE-2018-4222\n[ 33 ] CVE-2018-4232\n https://nvd.nist.gov/vuln/detail/CVE-2018-4232\n[ 34 ] CVE-2018-4233\n https://nvd.nist.gov/vuln/detail/CVE-2018-4233\n[ 35 ] CVE-2018-4261\n https://nvd.nist.gov/vuln/detail/CVE-2018-4261\n[ 36 ] CVE-2018-4262\n https://nvd.nist.gov/vuln/detail/CVE-2018-4262\n[ 37 ] CVE-2018-4263\n https://nvd.nist.gov/vuln/detail/CVE-2018-4263\n[ 38 ] CVE-2018-4264\n https://nvd.nist.gov/vuln/detail/CVE-2018-4264\n[ 39 ] CVE-2018-4265\n https://nvd.nist.gov/vuln/detail/CVE-2018-4265\n[ 40 ] CVE-2018-4266\n https://nvd.nist.gov/vuln/detail/CVE-2018-4266\n[ 41 ] CVE-2018-4267\n https://nvd.nist.gov/vuln/detail/CVE-2018-4267\n[ 42 ] CVE-2018-4270\n https://nvd.nist.gov/vuln/detail/CVE-2018-4270\n[ 43 ] CVE-2018-4272\n https://nvd.nist.gov/vuln/detail/CVE-2018-4272\n[ 44 ] CVE-2018-4273\n https://nvd.nist.gov/vuln/detail/CVE-2018-4273\n[ 45 ] CVE-2018-4278\n https://nvd.nist.gov/vuln/detail/CVE-2018-4278\n[ 46 ] CVE-2018-4284\n https://nvd.nist.gov/vuln/detail/CVE-2018-4284\n[ 47 ] WebKitGTK+ Security Advisory WSA-2018-0003\n https://webkitgtk.org/security/WSA-2018-0003.html\n[ 48 ] WebKitGTK+ Security Advisory WSA-2018-0004\n https://webkitgtk.org/security/WSA-2018-0004.html\n[ 49 ] WebKitGTK+ Security Advisory WSA-2018-0005\n https://webkitgtk.org/security/WSA-2018-0005.html\n[ 50 ] WebKitGTK+ Security Advisory WSA-2018-0006\n https://webkitgtk.org/security/WSA-2018-0006.html\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201808-04\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2018 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n\n. ------------------------------------------------------------------------\nWebKitGTK+ Security Advisory WSA-2018-0003\n------------------------------------------------------------------------\n\nDate reported : April 04, 2018\nAdvisory ID : WSA-2018-0003\nAdvisory URL : https://webkitgtk.org/security/WSA-2018-0003.html\nCVE identifiers : CVE-2018-4101, CVE-2018-4113, CVE-2018-4114,\n CVE-2018-4117, CVE-2018-4118, CVE-2018-4119,\n CVE-2018-4120, CVE-2018-4122, CVE-2018-4125,\n CVE-2018-4127, CVE-2018-4128, CVE-2018-4129,\n CVE-2018-4133, CVE-2018-4146, CVE-2018-4161,\n CVE-2018-4162, CVE-2018-4163, CVE-2018-4165. \n\nSeveral vulnerabilities were discovered in WebKitGTK+. \n Credit to Yuan Deng of Ant-financial Light-Year Security Lab. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to OSS-Fuzz. \n Impact: Unexpected interaction with indexing types causing an ASSERT\n failure. Description: An array indexing issue existed in the\n handling of a function in JavaScriptCore. This issue was addressed\n through improved checks. \n Credit to OSS-Fuzz. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to an anonymous researcher. \n Impact: A malicious website may exfiltrate data cross-origin. \n Description: A cross-origin issue existed with the fetch API. This\n was addressed through improved input validation. \n Credit to Jun Kokatsu (@shhnjk). Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to an anonymous researcher working with Trend Microys Zero\n Day Initiative. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to WanderingGlitch of Trend Micro\u0027s Zero Day Initiative. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to WanderingGlitch of Trend Micro\u0027s Zero Day Initiative. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to an anonymous researcher working with Trend Microys Zero\n Day Initiative. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to Zach Markley. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to likemeng of Baidu Security Lab working with Trend Micro\u0027s\n Zero Day Initiative. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to Anton Lopanitsyn of Wallarm, Linus Sarud of Detectify\n (detectify.com), Yuji Tounai of NTT Communications Corporation. \n Impact: Visiting a maliciously crafted website may lead to a cross-\n site scripting attack. This issue was addressed with improved URL\n validation. \n Credit to OSS-Fuzz. \n Impact: Processing maliciously crafted web content may lead to a\n denial of service. Description: A memory corruption issue was\n addressed through improved input validation. \n Credit to WanderingGlitch of Trend Micro\u0027s Zero Day Initiative. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to WanderingGlitch of Trend Micro\u0027s Zero Day Initiative. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to WanderingGlitch of Trend Micro\u0027s Zero Day Initiative. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n\n\nWe recommend updating to the last stable version of WebKitGTK+. It is\nthe best way of ensuring that you are running a safe version of\nWebKitGTK+. Please check our website for information about the last\nstable releases. \n\nFurther information about WebKitGTK+ Security Advisories can be found\nat: https://webkitgtk.org/security.html\n\nThe WebKitGTK+ team,\nApril 04, 2018\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2018-3-29-2 watchOS 4.3\n\nwatchOS 4.3 is now available and addresses the following:\n\nCoreFoundation\nAvailable for: All Apple Watch models\nImpact: An application may be able to gain elevated privileges\nDescription: A race condition was addressed with additional\nvalidation. \nCVE-2018-4142: Robin Leroy of Google Switzerland GmbH\n\nFile System Events\nAvailable for: All Apple Watch models\nImpact: An application may be able to gain elevated privileges\nDescription: A race condition was addressed with additional\nvalidation. \nCVE-2018-4104: The UK\u0027s National Cyber Security Centre (NCSC)\n\nKernel\nAvailable for: All Apple Watch models\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4143: derrek (@derrekr6)\n\nNSURLSession\nAvailable for: All Apple Watch models\nImpact: An application may be able to gain elevated privileges\nDescription: A race condition was addressed with additional\nvalidation. \nCVE-2018-4166: Samuel GroA (@5aelo)\n\nQuick Look\nAvailable for: All Apple Watch models\nImpact: An application may be able to gain elevated privileges\nDescription: A race condition was addressed with additional\nvalidation. \nCVE-2018-4157: Samuel GroA (@5aelo)\n\nSecurity\nAvailable for: All Apple Watch models\nImpact: A malicious application may be able to elevate privileges\nDescription: A buffer overflow was addressed with improved size\nvalidation. \nCVE-2018-4144: Abraham Masri (@cheesecakeufo)\n\nSystem Preferences\nAvailable for: All Apple Watch models\nImpact: A configuration profile may incorrectly remain in effect\nafter removal\nDescription: An issue existed in CFPreferences. \nCVE-2018-4117: an anonymous researcher, an anonymous researcher\n\nInstallation note:\n\nInstructions on how to update your Apple Watch software are\navailable at https://support.apple.com/kb/HT204641\n\nTo check the version on your Apple Watch, open the Apple Watch app\non your iPhone and select \"My Watch \u003e General \u003e About\". \n\nAlternatively, on your watch, select \"My Watch \u003e General \u003e About\". \n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\n\niQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAlq9GlspHHByb2R1Y3Qt\nc2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEZhfA//\nQhXriKk82GO1fdVRi/k9EQEVNpin8cU62yjgBF3nLEoZeLKRkaZMLsoEzBZ/sOtY\nv4VEJzRFcrVbDmmFtrA1ECEHe3w7tEydO9CjQsfesZ6TZRSO08ZD5fwE1Q0Jzqq7\n43Dlt9/9Y+Fai48wYatj6yKfrjsF1yTnRr83M3C9mrbNJGgZ7yQeMyZ2iu+NcSry\nXnsK5xoESTH3dmc9+3MCj7h8Fw5MYaWCLPD/jS7iTQDJ9tpJhB+Rw0Z6cQxBNvYn\n/Sd3XiGvg0aOf3VJW/uodQFEBbBt9V2huCMsaKCLdcdTU+xZ6agmAQ9O5a/rpebP\nQa844Ug+CjHT3p8UdldRO/RTjtWhO4s1n/eK1uaJUajqv557qJni+c3GNYtjIk/U\nTMb+5A7y5f3mVLIgEXaKiK8LwfXPKFXgXIWQk/Nsxda2fYHFupAm54uDx3flor2Z\nec7/7yyE7hQJ3BdalRMOTRz8+ZTKN+YZcnls6XstNWp2w+vhqj8Uo16RQG7ga5Uw\n+tKm/eUe5AdHtjqFzcSfmOrS7XHXEjvqCTCDLIyoP3eWaxsxdfsN3oKOCpjRbYqU\njGZjPUVxBzx+/evM1irbtlF4GHXuGdryDvbtFMt2l7t5/gnvsZkrt0Ij93XEC79i\nARG0K0zkbtxBQF7qrn2cu/5e+LC217rBLtgO5HpxNEU=\n=FEXo\n-----END PGP SIGNATURE-----\n. ==========================================================================\nUbuntu Security Notice USN-3635-1\nApril 30, 2018\n\nwebkit2gtk vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 17.10\n- Ubuntu 16.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in WebKitGTK+. \n\nSoftware Description:\n- webkit2gtk: Web content engine library for GTK+\n\nDetails:\n\nA large number of security issues were discovered in the WebKitGTK+ Web and\nJavaScript engines. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 17.10:\n libjavascriptcoregtk-4.0-18 2.20.1-0ubuntu0.17.10.1\n libwebkit2gtk-4.0-37 2.20.1-0ubuntu0.17.10.1\n\nUbuntu 16.04 LTS:\n libjavascriptcoregtk-4.0-18 2.20.1-0ubuntu0.16.04.1\n libwebkit2gtk-4.0-37 2.20.1-0ubuntu0.16.04.1\n\nThis update uses a new upstream release, which includes additional bug\nfixes. After a standard system update you need to restart any applications\nthat use WebKitGTK+, such as Epiphany, to make all the necessary changes. \n\nReferences:\n https://usn.ubuntu.com/usn/usn-3635-1\n CVE-2018-4101, CVE-2018-4113, CVE-2018-4114, CVE-2018-4117,\n CVE-2018-4118, CVE-2018-4119, CVE-2018-4120, CVE-2018-4122,\n CVE-2018-4125, CVE-2018-4127, CVE-2018-4128, CVE-2018-4129,\n CVE-2018-4133, CVE-2018-4146, CVE-2018-4161, CVE-2018-4162,\n CVE-2018-4163, CVE-2018-4165\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.1-0ubuntu0.17.10.1\n https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.1-0ubuntu0.16.04.1\n\n. \nCVE-2018-4102: Kai Zhao of 3H security team\nCVE-2018-4116: @littlelailo, xisigr of Tencent\u0027s Xuanwu Lab\n(tencent.com)\n\nSafari Login AutoFill\nAvailable for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and\nmacOS High Sierra 10.13.4\nImpact: A malicious website may be able to exfiltrate autofilled data\nin Safari without explicit user interaction. \nDescription: Safari autofill did not require explicit user\ninteraction before taking place. \nCVE-2018-4146: found by OSS-Fuzz\n\nWebKit\nAvailable for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and\nmacOS High Sierra 10.13.4\nImpact: A malicious website may exfiltrate data cross-origin\nDescription: A cross-origin issue existed with the fetch API. \nCVE-2018-4117: an anonymous researcher, an anonymous researcher\n\nAdditional recognition\n\nWebKit\nWe would like to acknowledge Johnny Nipper of Tinder Security Team\nfor their assistance. \n\nInstallation note:\n\nSafari 11.1 may be obtained from the Mac App Store",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-4162"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003687"
},
{
"db": "ZDI",
"id": "ZDI-18-275"
},
{
"db": "VULHUB",
"id": "VHN-134193"
},
{
"db": "VULMON",
"id": "CVE-2018-4162"
},
{
"db": "PACKETSTORM",
"id": "149059"
},
{
"db": "PACKETSTORM",
"id": "147241"
},
{
"db": "PACKETSTORM",
"id": "146965"
},
{
"db": "PACKETSTORM",
"id": "147433"
},
{
"db": "PACKETSTORM",
"id": "146966"
},
{
"db": "PACKETSTORM",
"id": "146969"
},
{
"db": "PACKETSTORM",
"id": "146970"
},
{
"db": "PACKETSTORM",
"id": "146971"
}
],
"trust": 3.15
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-134193",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-134193"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-4162",
"trust": 4.1
},
{
"db": "SECTRACK",
"id": "1040604",
"trust": 1.8
},
{
"db": "PACKETSTORM",
"id": "158874",
"trust": 1.8
},
{
"db": "JVN",
"id": "JVNVU92378299",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003687",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5604",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-275",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201804-149",
"trust": 0.7
},
{
"db": "CXSECURITY",
"id": "WLB-2020080074",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-134193",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-4162",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "149059",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147241",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146965",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147433",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146966",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146969",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146970",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146971",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-275"
},
{
"db": "VULHUB",
"id": "VHN-134193"
},
{
"db": "VULMON",
"id": "CVE-2018-4162"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003687"
},
{
"db": "PACKETSTORM",
"id": "149059"
},
{
"db": "PACKETSTORM",
"id": "147241"
},
{
"db": "PACKETSTORM",
"id": "146965"
},
{
"db": "PACKETSTORM",
"id": "147433"
},
{
"db": "PACKETSTORM",
"id": "146966"
},
{
"db": "PACKETSTORM",
"id": "146969"
},
{
"db": "PACKETSTORM",
"id": "146970"
},
{
"db": "PACKETSTORM",
"id": "146971"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-149"
},
{
"db": "NVD",
"id": "CVE-2018-4162"
}
]
},
"id": "VAR-201804-1162",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-134193"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T22:19:50.233000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT208697",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht208697"
},
{
"title": "HT208698",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht208698"
},
{
"title": "HT208693",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht208693"
},
{
"title": "HT208694",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht208694"
},
{
"title": "HT208695",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht208695"
},
{
"title": "HT208696",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht208696"
},
{
"title": "HT208693",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht208693"
},
{
"title": "HT208694",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht208694"
},
{
"title": "HT208695",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht208695"
},
{
"title": "HT208696",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht208696"
},
{
"title": "HT208697",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht208697"
},
{
"title": "HT208698",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht208698"
},
{
"title": "Apple has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://support.apple.com/kb/ht201222"
},
{
"title": "Multiple Apple product WebKit Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=83001"
},
{
"title": "Apple: Safari 11.1",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=ee3f60ca20e25abaeeaa2929b7de559a"
},
{
"title": "Apple: watchOS 4.3",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=0c9672f464c8ecdde98d280637ecb1c5"
},
{
"title": "Apple: iCloud for Windows 7.4",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=3c324dcae1b032626ce2245c5900fb36"
},
{
"title": "Ubuntu Security Notice: webkit2gtk vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3635-1"
},
{
"title": "Apple: iTunes 12.7.4 for Windows",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=1b3706ef4ba6948ac20ebbbcffe7bc29"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - October 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=2196fa008592287290cbd6678fbe10d4"
},
{
"title": "Apple: tvOS 11.3",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=0eeec7064403af3bc921bd387f797adc"
},
{
"title": "Apple: iOS 11.3",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=66db9acd354635a683838e3cd9bc2d76"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-275"
},
{
"db": "VULMON",
"id": "CVE-2018-4162"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003687"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-149"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-134193"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003687"
},
{
"db": "NVD",
"id": "CVE-2018-4162"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201808-04"
},
{
"trust": 1.9,
"url": "http://packetstormsecurity.com/files/158874/safari-webkit-for-ios-7.1.2-jit-optimization-bug.html"
},
{
"trust": 1.9,
"url": "https://usn.ubuntu.com/3635-1/"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht208693"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht208694"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht208695"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht208696"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht208697"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht208698"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1040604"
},
{
"trust": 1.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4162"
},
{
"trust": 1.2,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4162"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu92378299/index.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4114"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4163"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4125"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4113"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4122"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4146"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4129"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4101"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4120"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4127"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4165"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4128"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4118"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4117"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4119"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4161"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4121"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/issue/wlb-2020080074"
},
{
"trust": 0.5,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4133"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4144"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4130"
},
{
"trust": 0.2,
"url": "https://webkitgtk.org/security/wsa-2018-0003.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4155"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4143"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4142"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4166"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4115"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4104"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4150"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4167"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4157"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht208695"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4265"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4233"
},
{
"trust": 0.1,
"url": "https://webkitgtk.org/security/wsa-2018-0004.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4190"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4264"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4232"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4261"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-11713"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4263"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-11646"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4270"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4214"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12294"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4262"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4284"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4266"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4273"
},
{
"trust": 0.1,
"url": "https://webkitgtk.org/security/wsa-2018-0006.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4192"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4201"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4267"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4272"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4200"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4199"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-11712"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4278"
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://webkitgtk.org/security/wsa-2018-0005.html"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4218"
},
{
"trust": 0.1,
"url": "https://webkitgtk.org/security.html"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht204641"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4158"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3635-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.1-0ubuntu0.16.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.1-0ubuntu0.17.10.1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4102"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4116"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4137"
},
{
"trust": 0.1,
"url": "https://www.apple.com/itunes/download/"
},
{
"trust": 0.1,
"url": "https://support.apple.com/ht204283"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-275"
},
{
"db": "VULHUB",
"id": "VHN-134193"
},
{
"db": "VULMON",
"id": "CVE-2018-4162"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003687"
},
{
"db": "PACKETSTORM",
"id": "149059"
},
{
"db": "PACKETSTORM",
"id": "147241"
},
{
"db": "PACKETSTORM",
"id": "146965"
},
{
"db": "PACKETSTORM",
"id": "147433"
},
{
"db": "PACKETSTORM",
"id": "146966"
},
{
"db": "PACKETSTORM",
"id": "146969"
},
{
"db": "PACKETSTORM",
"id": "146970"
},
{
"db": "PACKETSTORM",
"id": "146971"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-149"
},
{
"db": "NVD",
"id": "CVE-2018-4162"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-18-275"
},
{
"db": "VULHUB",
"id": "VHN-134193"
},
{
"db": "VULMON",
"id": "CVE-2018-4162"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003687"
},
{
"db": "PACKETSTORM",
"id": "149059"
},
{
"db": "PACKETSTORM",
"id": "147241"
},
{
"db": "PACKETSTORM",
"id": "146965"
},
{
"db": "PACKETSTORM",
"id": "147433"
},
{
"db": "PACKETSTORM",
"id": "146966"
},
{
"db": "PACKETSTORM",
"id": "146969"
},
{
"db": "PACKETSTORM",
"id": "146970"
},
{
"db": "PACKETSTORM",
"id": "146971"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-149"
},
{
"db": "NVD",
"id": "CVE-2018-4162"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-06T00:00:00",
"db": "ZDI",
"id": "ZDI-18-275"
},
{
"date": "2018-04-03T00:00:00",
"db": "VULHUB",
"id": "VHN-134193"
},
{
"date": "2018-04-03T00:00:00",
"db": "VULMON",
"id": "CVE-2018-4162"
},
{
"date": "2018-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003687"
},
{
"date": "2018-08-23T18:40:24",
"db": "PACKETSTORM",
"id": "149059"
},
{
"date": "2018-04-18T13:33:33",
"db": "PACKETSTORM",
"id": "147241"
},
{
"date": "2018-03-30T15:52:32",
"db": "PACKETSTORM",
"id": "146965"
},
{
"date": "2018-05-02T04:32:41",
"db": "PACKETSTORM",
"id": "147433"
},
{
"date": "2018-03-30T15:52:53",
"db": "PACKETSTORM",
"id": "146966"
},
{
"date": "2018-03-30T15:55:24",
"db": "PACKETSTORM",
"id": "146969"
},
{
"date": "2018-03-30T15:55:41",
"db": "PACKETSTORM",
"id": "146970"
},
{
"date": "2018-03-30T15:56:03",
"db": "PACKETSTORM",
"id": "146971"
},
{
"date": "2018-04-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-149"
},
{
"date": "2018-04-03T06:29:07.467000",
"db": "NVD",
"id": "CVE-2018-4162"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-06T00:00:00",
"db": "ZDI",
"id": "ZDI-18-275"
},
{
"date": "2020-08-14T00:00:00",
"db": "VULHUB",
"id": "VHN-134193"
},
{
"date": "2020-08-14T00:00:00",
"db": "VULMON",
"id": "CVE-2018-4162"
},
{
"date": "2018-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003687"
},
{
"date": "2020-08-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-149"
},
{
"date": "2020-08-14T23:15:12.293000",
"db": "NVD",
"id": "CVE-2018-4162"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "147433"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-149"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Apple Used in products WebKit Vulnerability in arbitrary code execution in components",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003687"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201804-149"
}
],
"trust": 0.6
}
}
VAR-202005-0222
Vulnerability from variot - Updated: 2024-07-23 22:19ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. SQLite Is vulnerable to the use of freed memory.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. SQLite is an open source embedded relational database management system based on C language developed by American D.Richard Hipp software developer. The system has the characteristics of independence, isolation and cross-platform. A resource management error vulnerability exists in the 'snippet()' function of the ext/fts3/fts3.c file in versions prior to SQLite 3.32.0. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: Red Hat OpenShift Container Storage 4.6.0 security, bug fix, enhancement update Advisory ID: RHSA-2020:5605-01 Product: Red Hat OpenShift Container Storage Advisory URL: https://access.redhat.com/errata/RHSA-2020:5605 Issue date: 2020-12-17 CVE Names: CVE-2018-10103 CVE-2018-10105 CVE-2018-14461 CVE-2018-14462 CVE-2018-14463 CVE-2018-14464 CVE-2018-14465 CVE-2018-14466 CVE-2018-14467 CVE-2018-14468 CVE-2018-14469 CVE-2018-14470 CVE-2018-14879 CVE-2018-14880 CVE-2018-14881 CVE-2018-14882 CVE-2018-16227 CVE-2018-16228 CVE-2018-16229 CVE-2018-16230 CVE-2018-16300 CVE-2018-16451 CVE-2018-16452 CVE-2018-20843 CVE-2019-1551 CVE-2019-5018 CVE-2019-8625 CVE-2019-8710 CVE-2019-8720 CVE-2019-8743 CVE-2019-8764 CVE-2019-8766 CVE-2019-8769 CVE-2019-8771 CVE-2019-8782 CVE-2019-8783 CVE-2019-8808 CVE-2019-8811 CVE-2019-8812 CVE-2019-8813 CVE-2019-8814 CVE-2019-8815 CVE-2019-8816 CVE-2019-8819 CVE-2019-8820 CVE-2019-8823 CVE-2019-8835 CVE-2019-8844 CVE-2019-8846 CVE-2019-11068 CVE-2019-13050 CVE-2019-13627 CVE-2019-14889 CVE-2019-15165 CVE-2019-15166 CVE-2019-15903 CVE-2019-16168 CVE-2019-16935 CVE-2019-18197 CVE-2019-18609 CVE-2019-19221 CVE-2019-19906 CVE-2019-19956 CVE-2019-20218 CVE-2019-20387 CVE-2019-20388 CVE-2019-20454 CVE-2019-20807 CVE-2019-20907 CVE-2019-20916 CVE-2020-1730 CVE-2020-1751 CVE-2020-1752 CVE-2020-3862 CVE-2020-3864 CVE-2020-3865 CVE-2020-3867 CVE-2020-3868 CVE-2020-3885 CVE-2020-3894 CVE-2020-3895 CVE-2020-3897 CVE-2020-3899 CVE-2020-3900 CVE-2020-3901 CVE-2020-3902 CVE-2020-6405 CVE-2020-7595 CVE-2020-7720 CVE-2020-8177 CVE-2020-8237 CVE-2020-8492 CVE-2020-9327 CVE-2020-9802 CVE-2020-9803 CVE-2020-9805 CVE-2020-9806 CVE-2020-9807 CVE-2020-9843 CVE-2020-9850 CVE-2020-9862 CVE-2020-9893 CVE-2020-9894 CVE-2020-9895 CVE-2020-9915 CVE-2020-9925 CVE-2020-10018 CVE-2020-10029 CVE-2020-11793 CVE-2020-13630 CVE-2020-13631 CVE-2020-13632 CVE-2020-14019 CVE-2020-14040 CVE-2020-14382 CVE-2020-14391 CVE-2020-14422 CVE-2020-15503 CVE-2020-15586 CVE-2020-16845 CVE-2020-25660 =====================================================================
- Summary:
Updated images are now available for Red Hat OpenShift Container Storage 4.6.0 on Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description:
Red Hat OpenShift Container Storage is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Container Storage is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Container Storage provisions a multicloud data management service with an S3 compatible API.
These updated images include numerous security fixes, bug fixes, and enhancements.
Security Fix(es):
-
nodejs-node-forge: prototype pollution via the util.setPath function (CVE-2020-7720)
-
nodejs-json-bigint: Prototype pollution via
__proto__assignment could result in DoS (CVE-2020-8237) -
golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)
-
golang: data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586)
-
golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Users are directed to the Red Hat OpenShift Container Storage Release Notes for information on the most significant of these changes:
https://access.redhat.com/documentation/en-us/red_hat_openshift_container_s torage/4.6/html/4.6_release_notes/index
All Red Hat OpenShift Container Storage users are advised to upgrade to these updated images. Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1806266 - Require an extension to the cephfs subvolume commands, that can return metadata regarding a subvolume
1813506 - Dockerfile not compatible with docker and buildah
1817438 - OSDs not distributed uniformly across OCS nodes on a 9-node AWS IPI setup
1817850 - [BAREMETAL] rook-ceph-operator does not reconcile when osd deployment is deleted when performed node replacement
1827157 - OSD hitting default CPU limit on AWS i3en.2xlarge instances limiting performance
1829055 - [RFE] add insecureEdgeTerminationPolicy: Redirect to noobaa mgmt route (http to https)
1833153 - add a variable for sleep time of rook operator between checks of downed OSD+Node.
1836299 - NooBaa Operator deploys with HPA that fires maxreplicas alerts by default
1842254 - [NooBaa] Compression stats do not add up when compression id disabled
1845976 - OCS 4.5 Independent mode: must-gather commands fails to collect ceph command outputs from external cluster
1849771 - [RFE] Account created by OBC should have same permissions as bucket owner
1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash
1854500 - [tracker-rhcs bug 1838931] mgr/volumes: add command to return metadata of a subvolume snapshot
1854501 - [Tracker-rhcs bug 1848494 ]pybind/mgr/volumes: Add the ability to keep snapshots of subvolumes independent of the source subvolume
1854503 - [tracker-rhcs-bug 1848503] cephfs: Provide alternatives to increase the total cephfs subvolume snapshot counts to greater than the current 400 across a Cephfs volume
1856953 - CVE-2020-15586 golang: data race in certain net/http servers including ReverseProxy can lead to DoS
1858195 - [GSS] registry pod stuck in ContainerCreating due to pvc from cephfs storage class fail to mount
1859183 - PV expansion is failing in retry loop in pre-existing PV after upgrade to OCS 4.5 (i.e. if the PV spec does not contain expansion params)
1859229 - Rook should delete extra MON PVCs in case first reconcile takes too long and rook skips "b" and "c" (spawned from Bug 1840084#c14)
1859478 - OCS 4.6 : Upon deployment, CSI Pods in CLBO with error - flag provided but not defined: -metadatastorage
1860022 - OCS 4.6 Deployment: LBP CSV and pod should not be deployed since ob/obc CRDs are owned from OCS 4.5 onwards
1860034 - OCS 4.6 Deployment in ocs-ci : Toolbox pod in ContainerCreationError due to key admin-secret not found
1860670 - OCS 4.5 Uninstall External: Openshift-storage namespace in Terminating state as CephObjectStoreUser had finalizers remaining
1860848 - Add validation for rgw-pool-prefix in the ceph-external-cluster-details-exporter script
1861780 - [Tracker BZ1866386][IBM s390x] Mount Failed for CEPH while running couple of OCS test cases.
1865938 - CSIDrivers missing in OCS 4.6
1867024 - [ocs-operator] operator v4.6.0-519.ci is in Installing state
1867099 - CVE-2020-16845 golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs
1868060 - [External Cluster] Noobaa-default-backingstore PV in released state upon OCS 4.5 uninstall (Secret not found)
1868703 - [rbd] After volume expansion, the new size is not reflected on the pod
1869411 - capture full crash information from ceph
1870061 - [RHEL][IBM] OCS un-install should make the devices raw
1870338 - OCS 4.6 must-gather : ocs-must-gather-xxx-helper pod in ContainerCreationError (couldn't find key admin-secret)
1870631 - OCS 4.6 Deployment : RGW pods went into 'CrashLoopBackOff' state on Z Platform
1872119 - Updates don't work on StorageClass which will keep PV expansion disabled for upgraded cluster
1872696 - [ROKS][RFE]NooBaa Configure IBM COS as default backing store
1873864 - Noobaa: On an baremetal RHCOS cluster, some backingstores are stuck in PROGRESSING state with INVALID_ENDPOINT TemporaryError
1874606 - CVE-2020-7720 nodejs-node-forge: prototype pollution via the util.setPath function
1875476 - Change noobaa logo in the noobaa UI
1877339 - Incorrect use of logr
1877371 - NooBaa UI warning message on Deploy Kubernetes Pool process - typo and shown number is incorrect
1878153 - OCS 4.6 must-gather: collect node information under cluster_scoped_resources/oc_output directory
1878714 - [FIPS enabled] BadDigest error on file upload to noobaa bucket
1878853 - [External Mode] ceph-external-cluster-details-exporter.py does not tolerate TLS enabled RGW
1879008 - ocs-osd-removal job fails because it can't find admin-secret in rook-ceph-mon secret
1879072 - Deployment with encryption at rest is failing to bring up OSD pods
1879919 - [External] Upgrade mechanism from OCS 4.5 to OCS 4.6 needs to be fixed
1880255 - Collect rbd info and subvolume info and snapshot info command output
1881028 - CVE-2020-8237 nodejs-json-bigint: Prototype pollution via __proto__ assignment could result in DoS
1881071 - [External] Upgrade mechanism from OCS 4.5 to OCS 4.6 needs to be fixed
1882397 - MCG decompression problem with snappy on s390x arch
1883253 - CSV doesn't contain values required for UI to enable minimal deployment and cluster encryption
1883398 - Update csi sidecar containers in rook
1883767 - Using placement strategies in cluster-service.yaml causes ocs-operator to crash
1883810 - [External mode] RGW metrics is not available after OCS upgrade from 4.5 to 4.6
1883927 - Deployment with encryption at rest is failing to bring up OSD pods
1885175 - Handle disappeared underlying device for encrypted OSD
1885428 - panic seen in rook-ceph during uninstall - "close of closed channel"
1885648 - [Tracker for https://bugzilla.redhat.com/show_bug.cgi?id=1885700] FSTYPE for localvolumeset devices shows up as ext2 after uninstall
1885971 - ocs-storagecluster-cephobjectstore doesn't report true state of RGW
1886308 - Default VolumeSnapshot Classes not created in External Mode
1886348 - osd removal job failed with status "Error"
1886551 - Clone creation failed after timeout of 5 hours of Azure platrom for 3 CephFS PVCs ( PVC sizes: 1, 25 and 100 GB)
1886709 - [External] RGW storageclass disappears after upgrade from OCS 4.5 to 4.6
1886859 - OCS 4.6: Uninstall stuck indefinitely if any Ceph pods are in Pending state before uninstall
1886873 - [OCS 4.6 External/Internal Uninstall] - Storage Cluster deletion stuck indefinitely, "failed to delete object store", remaining users: [noobaa-ceph-objectstore-user]
1888583 - [External] When deployment is attempted without specifying the monitoring-endpoint while generating JSON, the CSV is stuck in installing state
1888593 - [External] Add validation for monitoring-endpoint and port in the exporter script
1888614 - [External] Unreachable monitoring-endpoint used during deployment causes ocs-operator to crash
1889441 - Traceback error message while running OCS 4.6 must-gather
1889683 - [GSS] Noobaa Problem when setting public access to a bucket
1889866 - Post node power off/on, an unused MON PVC still stays back in the cluster
1890183 - [External] ocs-operator logs are filled with "failed to reconcile metrics exporter"
1890638 - must-gather helper pod should be deleted after collecting ceph crash info
1890971 - [External] RGW metrics are not available if anything else except 9283 is provided as the monitoring-endpoint-port
1891856 - ocs-metrics-exporter pod should have tolerations for OCS taint
1892206 - [GSS] Ceph image/version mismatch
1892234 - clone #95 creation failed for CephFS PVC ( 10 GB PVC size) during multiple clones creation test
1893624 - Must Gather is not collecting the tar file from NooBaa diagnose
1893691 - OCS4.6 must_gather failes to complete in 600sec
1893714 - Bad response for upload an object with encryption
1895402 - Mon pods didn't get upgraded in 720 second timeout from OCS 4.5 upgrade to 4.6
1896298 - [RFE] Monitoring for Namespace buckets and resources
1896831 - Clone#452 for RBD PVC ( PVC size 1 GB) failed to be created for 600 secs
1898521 - [CephFS] Deleting cephfsplugin pod along with app pods will make PV remain in Released state after deleting the PVC
1902627 - must-gather should wait for debug pods to be in ready state
1904171 - RGW Service is unavailable for a short period during upgrade to OCS 4.6
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-2020-12-14-4 Additional information for APPLE-SA-2020-11-13-1 macOS Big Sur 11.0.1
macOS Big Sur 11.0.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT211931.
AMD Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2020-27914: Yu Wang of Didi Research America CVE-2020-27915: Yu Wang of Didi Research America Entry added December 14, 2020
App Store Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An application may be able to gain elevated privileges Description: This issue was addressed by removing the vulnerable code. CVE-2020-27903: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab
Audio Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-27910: JunDong Xie and XingWei Lin of Ant Security Light- Year Lab
Audio Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: An out-of-bounds write was addressed with improved input validation. CVE-2020-27916: JunDong Xie of Ant Security Light-Year Lab
Audio Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application may be able to read restricted memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9943: JunDong Xie of Ant Group Light-Year Security Lab
Audio Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An application may be able to read restricted memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9944: JunDong Xie of Ant Group Light-Year Security Lab
Bluetooth Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A remote attacker may be able to cause unexpected application termination or heap corruption Description: Multiple integer overflows were addressed with improved input validation. CVE-2020-27906: Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong Security Lab
CoreAudio Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-27908: JunDong Xie and XingWei Lin of Ant Security Light- Year Lab CVE-2020-27909: Anonymous working with Trend Micro Zero Day Initiative, JunDong Xie and XingWei Lin of Ant Security Light-Year Lab CVE-2020-9960: JunDong Xie and XingWei Lin of Ant Security Light-Year Lab Entry added December 14, 2020
CoreAudio Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: An out-of-bounds write was addressed with improved input validation. CVE-2020-10017: Francis working with Trend Micro Zero Day Initiative, JunDong Xie of Ant Security Light-Year Lab
CoreCapture Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2020-9949: Proteas
CoreGraphics Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds write was addressed with improved input validation. CVE-2020-9883: an anonymous researcher, Mickey Jin of Trend Micro
Crash Reporter Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A local attacker may be able to elevate their privileges Description: An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. CVE-2020-10003: Tim Michaud (@TimGMichaud) of Leviathan
CoreText Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A logic issue was addressed with improved state management. CVE-2020-27922: Mickey Jin of Trend Micro Entry added December 14, 2020
CoreText Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted text file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2020-9999: Apple Entry updated December 14, 2020
Disk Images Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-9965: Proteas CVE-2020-9966: Proteas
Finder Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Users may be unable to remove metadata indicating where files were downloaded from Description: The issue was addressed with additional user controls. CVE-2020-27894: Manuel Trezza of Shuggr (shuggr.com)
FontParser Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A buffer overflow was addressed with improved size validation. CVE-2020-9962: Yiğit Can YILMAZ (@yilmazcanyigit) Entry added December 14, 2020
FontParser Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: An out-of-bounds write was addressed with improved input validation. CVE-2020-27952: an anonymous researcher, Mickey Jin and Junzhi Lu of Trend Micro Entry added December 14, 2020
FontParser Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-9956: Mickey Jin and Junzhi Lu of Trend Micro Mobile Security Research Team working with Trend Micro’s Zero Day Initiative Entry added December 14, 2020
FontParser Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed with improved input validation. CVE-2020-27931: Apple Entry added December 14, 2020
FontParser Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted font may lead to arbitrary code execution. Apple is aware of reports that an exploit for this issue exists in the wild. Description: A memory corruption issue was addressed with improved input validation. CVE-2020-27930: Google Project Zero
FontParser Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-27927: Xingwei Lin of Ant Security Light-Year Lab
Foundation Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A local user may be able to read arbitrary files Description: A logic issue was addressed with improved state management. CVE-2020-10002: James Hutchins
HomeKit Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An attacker in a privileged network position may be able to unexpectedly alter application state Description: This issue was addressed with improved setting propagation. CVE-2020-9978: Luyi Xing, Dongfang Zhao, and Xiaofeng Wang of Indiana University Bloomington, Yan Jia of Xidian University and University of Chinese Academy of Sciences, and Bin Yuan of HuaZhong University of Science and Technology Entry added December 14, 2020
ImageIO Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-9955: Mickey Jin of Trend Micro, Xingwei Lin of Ant Security Light-Year Lab Entry added December 14, 2020
ImageIO Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-27924: Lei Sun Entry added December 14, 2020
ImageIO Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds write was addressed with improved input validation. CVE-2020-27912: Xingwei Lin of Ant Security Light-Year Lab CVE-2020-27923: Lei Sun Entry updated December 14, 2020
ImageIO Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-9876: Mickey Jin of Trend Micro
Intel Graphics Driver Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-10015: ABC Research s.r.o. working with Trend Micro Zero Day Initiative CVE-2020-27897: Xiaolong Bai and Min (Spark) Zheng of Alibaba Inc., and Luyi Xing of Indiana University Bloomington Entry added December 14, 2020
Intel Graphics Driver Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2020-27907: ABC Research s.r.o. working with Trend Micro Zero Day Initiative Entry added December 14, 2020
Image Processing Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds write was addressed with improved input validation. CVE-2020-27919: Hou JingYi (@hjy79425575) of Qihoo 360 CERT, Xingwei Lin of Ant Security Light-Year Lab Entry added December 14, 2020
Kernel Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory Description: Multiple memory corruption issues were addressed with improved input validation. CVE-2020-9967: Alex Plaskett (@alexjplaskett) Entry added December 14, 2020
Kernel Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2020-9975: Tielei Wang of Pangu Lab Entry added December 14, 2020
Kernel Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved state handling. CVE-2020-27921: Linus Henze (pinauten.de) Entry added December 14, 2020
Kernel Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A logic issue existed resulting in memory corruption. This was addressed with improved state management. CVE-2020-27904: Zuozhi Fan (@pattern_F_) of Ant Group Tianqong Security Lab
Kernel Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An attacker in a privileged network position may be able to inject into active connections within a VPN tunnel Description: A routing issue was addressed with improved restrictions. CVE-2019-14899: William J. Tolley, Beau Kujath, and Jedidiah R. Crandall
Kernel Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application may be able to disclose kernel memory. Apple is aware of reports that an exploit for this issue exists in the wild. Description: A memory initialization issue was addressed. CVE-2020-27950: Google Project Zero
Kernel Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application may be able to determine kernel memory layout Description: A logic issue was addressed with improved state management. CVE-2020-9974: Tommy Muir (@Muirey03)
Kernel Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2020-10016: Alex Helie
Kernel Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of reports that an exploit for this issue exists in the wild. Description: A type confusion issue was addressed with improved state handling. CVE-2020-27932: Google Project Zero
libxml2 Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing maliciously crafted web content may lead to code execution Description: A use after free issue was addressed with improved memory management. CVE-2020-27917: found by OSS-Fuzz CVE-2020-27920: found by OSS-Fuzz Entry updated December 14, 2020
libxml2 Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: An integer overflow was addressed through improved input validation. CVE-2020-27911: found by OSS-Fuzz
libxpc Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application may be able to elevate privileges Description: A logic issue was addressed with improved validation. CVE-2020-9971: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab Entry added December 14, 2020
libxpc Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application may be able to break out of its sandbox Description: A parsing issue in the handling of directory paths was addressed with improved path validation. CVE-2020-10014: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab
Logging Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A local attacker may be able to elevate their privileges Description: A path handling issue was addressed with improved validation. CVE-2020-10010: Tommy Muir (@Muirey03)
Mail Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A remote attacker may be able to unexpectedly alter application state Description: This issue was addressed with improved checks. CVE-2020-9941: Fabian Ising of FH Münster University of Applied Sciences and Damian Poddebniak of FH Münster University of Applied Sciences
Messages Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A local user may be able to discover a user’s deleted messages Description: The issue was addressed with improved deletion. CVE-2020-9988: William Breuer of the Netherlands CVE-2020-9989: von Brunn Media
Model I/O Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-10011: Aleksandar Nikolic of Cisco Talos Entry added December 14, 2020
Model I/O Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-13524: Aleksandar Nikolic of Cisco Talos
Model I/O Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution Description: A logic issue was addressed with improved state management. CVE-2020-10004: Aleksandar Nikolic of Cisco Talos
NetworkExtension Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application may be able to elevate privileges Description: A use after free issue was addressed with improved memory management. CVE-2020-9996: Zhiwei Yuan of Trend Micro iCore Team, Junzhi Lu and Mickey Jin of Trend Micro
NSRemoteView Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: A logic issue was addressed with improved restrictions. CVE-2020-27901: Thijs Alkemade of Computest Research Division Entry added December 14, 2020
NSRemoteView Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application may be able to preview files it does not have access to Description: An issue existed in the handling of snapshots. The issue was resolved with improved permissions logic. CVE-2020-27900: Thijs Alkemade of Computest Research Division
PCRE Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Multiple issues in pcre Description: Multiple issues were addressed by updating to version 8.44. CVE-2019-20838 CVE-2020-14155
Power Management Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application may be able to determine kernel memory layout Description: A logic issue was addressed with improved state management. CVE-2020-10007: singi@theori working with Trend Micro Zero Day Initiative
python Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Cookies belonging to one origin may be sent to another origin Description: Multiple issues were addressed with improved logic. CVE-2020-27896: an anonymous researcher
Quick Look Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious app may be able to determine the existence of files on the computer Description: The issue was addressed with improved handling of icon caches. CVE-2020-9963: Csaba Fitzl (@theevilbit) of Offensive Security
Quick Look Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted document may lead to a cross site scripting attack Description: An access issue was addressed with improved access restrictions. CVE-2020-10012: Heige of KnownSec 404 Team (https://www.knownsec.com/) and Bo Qu of Palo Alto Networks (https://www.paloaltonetworks.com/)
Ruby Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A remote attacker may be able to modify the file system Description: A path handling issue was addressed with improved validation. CVE-2020-27896: an anonymous researcher
Ruby Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: When parsing certain JSON documents, the json gem can be coerced into creating arbitrary objects in the target system Description: This issue was addressed with improved checks. CVE-2020-10663: Jeremy Evans
Safari Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Visiting a malicious website may lead to address bar spoofing Description: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. CVE-2020-9945: Narendra Bhati From Suma Soft Pvt. Ltd. Pune (India) @imnarendrabhati
Safari Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application may be able to determine a user's open tabs in Safari Description: A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. CVE-2020-9977: Josh Parnham (@joshparnham)
Safari Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Visiting a malicious website may lead to address bar spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2020-9942: an anonymous researcher, Rahul d Kankrale (servicenger.com), Rayyan Bijoora (@Bijoora) of The City School, PAF Chapter, Ruilin Yang of Tencent Security Xuanwu Lab, YoKo Kho (@YoKoAcc) of PT Telekomunikasi Indonesia (Persero) Tbk, Zhiyang Zeng(@Wester) of OPPO ZIWU Security Lab
Sandbox Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A local user may be able to view senstive user information Description: An access issue was addressed with additional sandbox restrictions. CVE-2020-9969: Wojciech Reguła of SecuRing (wojciechregula.blog)
SQLite Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A remote attacker may be able to cause a denial of service Description: This issue was addressed with improved checks. CVE-2020-9991
SQLite Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A remote attacker may be able to leak memory Description: An information disclosure issue was addressed with improved state management. CVE-2020-9849
SQLite Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Multiple issues in SQLite Description: Multiple issues were addressed by updating SQLite to version 3.32.3. CVE-2020-15358
SQLite Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A maliciously crafted SQL query may lead to data corruption Description: This issue was addressed with improved checks. CVE-2020-13631
SQLite Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A remote attacker may be able to cause a denial of service Description: This issue was addressed with improved checks. CVE-2020-13434 CVE-2020-13435 CVE-2020-9991
SQLite Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A remote attacker may be able to cause arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2020-13630
Symptom Framework Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A local attacker may be able to elevate their privileges Description: A use after free issue was addressed with improved memory management. CVE-2020-27899: 08Tc3wBB working with ZecOps Entry added December 14, 2020
System Preferences Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: A logic issue was addressed with improved state management. CVE-2020-10009: Thijs Alkemade of Computest Research Division
TCC Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application with root privileges may be able to access private information Description: A logic issue was addressed with improved restrictions. CVE-2020-10008: Wojciech Reguła of SecuRing (wojciechregula.blog) Entry added December 14, 2020
WebKit Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2020-27918: Liu Long of Ant Security Light-Year Lab Entry updated December 14, 2020
Wi-Fi Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: An attacker may be able to bypass Managed Frame Protection Description: A denial of service issue was addressed with improved state handling. CVE-2020-27898: Stephan Marais of University of Johannesburg
Xsan Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: A malicious application may be able to access restricted files Description: This issue was addressed with improved entitlements. CVE-2020-10006: Wojciech Reguła (@_r3ggi) of SecuRing
Additional recognition
802.1X We would like to acknowledge Kenana Dalle of Hamad bin Khalifa University and Ryan Riley of Carnegie Mellon University in Qatar for their assistance. Entry added December 14, 2020
Audio We would like to acknowledge JunDong Xie and XingWei Lin of Ant- financial Light-Year Security Lab, an anonymous researcher for their assistance.
Bluetooth We would like to acknowledge Andy Davis of NCC Group, Dennis Heinze (@ttdennis) of TU Darmstadt, Secure Mobile Networking Lab for their assistance. Entry updated December 14, 2020
Clang We would like to acknowledge Brandon Azad of Google Project Zero for their assistance.
Core Location We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for their assistance.
Crash Reporter We would like to acknowledge Artur Byszko of AFINE for their assistance. Entry added December 14, 2020
Directory Utility We would like to acknowledge Wojciech Reguła (@_r3ggi) of SecuRing for their assistance.
iAP We would like to acknowledge Andy Davis of NCC Group for their assistance.
Kernel We would like to acknowledge Brandon Azad of Google Project Zero, Stephen Röttger of Google for their assistance.
libxml2 We would like to acknowledge an anonymous researcher for their assistance. Entry added December 14, 2020
Login Window We would like to acknowledge Rob Morton of Leidos for their assistance.
Photos Storage We would like to acknowledge Paulos Yibelo of LimeHats for their assistance.
Quick Look We would like to acknowledge Csaba Fitzl (@theevilbit) and Wojciech Reguła of SecuRing (wojciechregula.blog) for their assistance.
Safari We would like to acknowledge Gabriel Corona and Narendra Bhati From Suma Soft Pvt. Ltd. Pune (India) @imnarendrabhati for their assistance.
Security We would like to acknowledge Christian Starkjohann of Objective Development Software GmbH for their assistance.
System Preferences We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security for their assistance.
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAl/YDPwACgkQZcsbuWJ6 jjANmhAAoj+ZHNnH2pGDFl2/jrAtvWBtXg8mqw6NtNbGqWDZFhnY5q7Lp8WTx/Pi x64A4F8bU5xcybnmaDpK5PMwAAIiAg4g1BhpOq3pGyeHEasNx7D9damfqFGKiivS p8nl62XE74ayfxdZGa+2tOVFTFwqixfr0aALVoQUhAWNeYuvVSgJXlgdGjj+QSL+ 9vW86kbQypOqT5TPDg6tpJy3g5s4hotkfzCfxA9mIKOg5e/nnoRNhw0c1dzfeTRO INzGxnajKGGYy2C3MH6t0cKG0B6cH7aePZCHYJ1jmuAVd0SD3PfmoT76DeRGC4Ri c8fGD+5pvSF6/+5E+MbH3t3D6bLiCGRFJtYNMpr46gUKKt27EonSiheYCP9xR6lU ChpYdcgHMOHX4a07/Oo8vEwQrtJ4JryhI9tfBel1ewdSoxk2iCFKzLLYkDMihD6B 1x/9MlaqEpLYBnuKkrRzFINW23TzFPTI/+i2SbUscRQtK0qE7Up5C+IUkRvBGhEs MuEmEnn5spnVG2EBcKeLtJxtf/h5WaRFrev72EvSVR+Ko8Cj0MgK6IATu6saq8bV kURL5empvpexFAvVQWRDaLgGBHKM+uArBz2OP6t7wFvD2p1Vq5M+dMrEPna1JO/S AXZYC9Y9bBRZfYQAv7nxa+uIXy2rGTuQKQY8ldu4eEHtJ0OhaB8= =T5Y8 -----END PGP SIGNATURE-----
.
Bug Fix(es):
-
Configuring the system with non-RT kernel will hang the system (BZ#1923220)
-
Solution:
For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel ease-notes.html
- Bugs fixed (https://bugzilla.redhat.com/):
1902111 - CVE-2020-27813 golang-github-gorilla-websocket: integer overflow leads to denial of service
- JIRA issues fixed (https://issues.jboss.org/):
CNF-802 - Infrastructure-provided enablement/disablement of interrupt processing for guaranteed pod CPUs CNF-854 - Performance tests in CNF Tests
-
Gentoo Linux Security Advisory GLSA 202007-26
https://security.gentoo.org/
Severity: Normal Title: SQLite: Multiple vulnerabilities Date: July 27, 2020 Bugs: #716748 ID: 202007-26
Synopsis
Multiple vulnerabilities have been found in SQLite, the worst of which could result in the arbitrary execution of code.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-db/sqlite < 3.32.3 >= 3.32.3
Description
Multiple vulnerabilities have been discovered in SQLite. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All SQLite users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">\xdev-db/sqlite-3.32.3"
References
[ 1 ] CVE-2019-20218 https://nvd.nist.gov/vuln/detail/CVE-2019-20218 [ 2 ] CVE-2020-11655 https://nvd.nist.gov/vuln/detail/CVE-2020-11655 [ 3 ] CVE-2020-11656 https://nvd.nist.gov/vuln/detail/CVE-2020-11656 [ 4 ] CVE-2020-13434 https://nvd.nist.gov/vuln/detail/CVE-2020-13434 [ 5 ] CVE-2020-13435 https://nvd.nist.gov/vuln/detail/CVE-2020-13435 [ 6 ] CVE-2020-13630 https://nvd.nist.gov/vuln/detail/CVE-2020-13630 [ 7 ] CVE-2020-13631 https://nvd.nist.gov/vuln/detail/CVE-2020-13631 [ 8 ] CVE-2020-13632 https://nvd.nist.gov/vuln/detail/CVE-2020-13632 [ 9 ] CVE-2020-13871 https://nvd.nist.gov/vuln/detail/CVE-2020-13871 [ 10 ] CVE-2020-15358 https://nvd.nist.gov/vuln/detail/CVE-2020-15358
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202007-26
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2020 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5 .
Assets Available for: Apple TV 4K and Apple TV HD Impact: An attacker may be able to misuse a trust relationship to download malicious content Description: A trust issue was addressed by removing a legacy API. CVE-2020-9976: Rias A. Entry added November 12, 2020
Installation note:
Apple TV will periodically check for software updates. ========================================================================== Ubuntu Security Notice USN-4394-1 June 10, 2020
sqlite3 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
- Ubuntu 19.10
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in SQLite.
Software Description: - sqlite3: C library that implements an SQL database engine
Details:
It was discovered that SQLite incorrectly handled certain corruped schemas. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-8740)
It was discovered that SQLite incorrectly handled certain SELECT statements. An attacker could possibly use this issue to cause a denial of service. (CVE-2019-19603)
It was discovered that SQLite incorrectly handled certain self-referential views. An attacker could possibly use this issue to cause a denial of service. (CVE-2019-19645)
Henry Liu discovered that SQLite incorrectly handled certain malformed window-function queries. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 19.10 and Ubuntu 20.04 LTS. (CVE-2020-11655)
It was discovered that SQLite incorrectly handled certain string operations. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-13434)
It was discovered that SQLite incorrectly handled certain expressions. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 19.10 and Ubuntu 20.04 LTS. (CVE-2020-13435)
It was discovered that SQLite incorrectly handled certain fts3 queries. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-13630)
It was discovered that SQLite incorrectly handled certain virtual table names. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 19.10 and Ubuntu 20.04 LTS. (CVE-2020-13631)
It was discovered that SQLite incorrectly handled certain fts3 queries. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-13632)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 20.04 LTS: libsqlite3-0 3.31.1-4ubuntu0.1 sqlite3 3.31.1-4ubuntu0.1
Ubuntu 19.10: libsqlite3-0 3.29.0-2ubuntu0.3 sqlite3 3.29.0-2ubuntu0.3
Ubuntu 18.04 LTS: libsqlite3-0 3.22.0-1ubuntu0.4 sqlite3 3.22.0-1ubuntu0.4
Ubuntu 16.04 LTS: libsqlite3-0 3.11.0-1ubuntu1.5 sqlite3 3.11.0-1ubuntu1.5
In general, a standard system update will make all the necessary changes
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202005-0222",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "itunes",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "12.10.9"
},
{
"model": "sinec infrastructure network services",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1.0.1.1"
},
{
"model": "outside in technology",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.5.5"
},
{
"model": "hci compute node",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "ipados",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "14.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "communications network charging and control",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "12.0.3"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "32"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "fabric operating system",
"scope": "eq",
"trust": 1.0,
"vendor": "brocade",
"version": null
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "20.04"
},
{
"model": "tvos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "14.0"
},
{
"model": "zfs storage appliance kit",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.8"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "18.04"
},
{
"model": "outside in technology",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.5.4"
},
{
"model": "sqlite",
"scope": "lt",
"trust": 1.0,
"vendor": "sqlite",
"version": "3.32.0"
},
{
"model": "solidfire\\, enterprise sds \\\u0026 hci storage node",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "watchos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "7.0"
},
{
"model": "iphone os",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "14.0"
},
{
"model": "cloud backup",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "icloud",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "11.5"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "19.10"
},
{
"model": "communications network charging and control",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "12.0.0"
},
{
"model": "communications network charging and control",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "6.0.1"
},
{
"model": "macos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "11.0.1"
},
{
"model": "fedora",
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"model": "sqlite",
"scope": "eq",
"trust": 0.8,
"vendor": "sqlite",
"version": "3.32.0"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-005729"
},
{
"db": "NVD",
"id": "CVE-2020-13630"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sqlite:sqlite:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.32.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:solidfire\\,_enterprise_sds_\\\u0026_hci_storage_node:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:brocade:fabric_operating_system:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:hci_compute_node_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.0.1.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:icloud:*:*:*:*:*:windows:*:*",
"cpe_name": [],
"versionEndExcluding": "11.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:itunes:*:*:*:*:*:windows:*:*",
"cpe_name": [],
"versionEndExcluding": "12.10.9",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.0.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:outside_in_technology:8.5.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:outside_in_technology:8.5.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_network_charging_and_control:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.0.3",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-13630"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "160624"
},
{
"db": "PACKETSTORM",
"id": "161548"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-1349"
}
],
"trust": 0.8
},
"cve": "CVE-2020-13630",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.4,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-005729",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "VHN-166428",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "CVE-2020-13630",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "High",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.0,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-005729",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-13630",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2020-005729",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202005-1349",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-166428",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2020-13630",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-166428"
},
{
"db": "VULMON",
"id": "CVE-2020-13630"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005729"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-1349"
},
{
"db": "NVD",
"id": "CVE-2020-13630"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. SQLite Is vulnerable to the use of freed memory.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. SQLite is an open source embedded relational database management system based on C language developed by American D.Richard Hipp software developer. The system has the characteristics of independence, isolation and cross-platform. A resource management error vulnerability exists in the \u0027snippet()\u0027 function of the ext/fts3/fts3.c file in versions prior to SQLite 3.32.0. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: Red Hat OpenShift Container Storage 4.6.0 security, bug fix, enhancement update\nAdvisory ID: RHSA-2020:5605-01\nProduct: Red Hat OpenShift Container Storage\nAdvisory URL: https://access.redhat.com/errata/RHSA-2020:5605\nIssue date: 2020-12-17\nCVE Names: CVE-2018-10103 CVE-2018-10105 CVE-2018-14461 \n CVE-2018-14462 CVE-2018-14463 CVE-2018-14464 \n CVE-2018-14465 CVE-2018-14466 CVE-2018-14467 \n CVE-2018-14468 CVE-2018-14469 CVE-2018-14470 \n CVE-2018-14879 CVE-2018-14880 CVE-2018-14881 \n CVE-2018-14882 CVE-2018-16227 CVE-2018-16228 \n CVE-2018-16229 CVE-2018-16230 CVE-2018-16300 \n CVE-2018-16451 CVE-2018-16452 CVE-2018-20843 \n CVE-2019-1551 CVE-2019-5018 CVE-2019-8625 \n CVE-2019-8710 CVE-2019-8720 CVE-2019-8743 \n CVE-2019-8764 CVE-2019-8766 CVE-2019-8769 \n CVE-2019-8771 CVE-2019-8782 CVE-2019-8783 \n CVE-2019-8808 CVE-2019-8811 CVE-2019-8812 \n CVE-2019-8813 CVE-2019-8814 CVE-2019-8815 \n CVE-2019-8816 CVE-2019-8819 CVE-2019-8820 \n CVE-2019-8823 CVE-2019-8835 CVE-2019-8844 \n CVE-2019-8846 CVE-2019-11068 CVE-2019-13050 \n CVE-2019-13627 CVE-2019-14889 CVE-2019-15165 \n CVE-2019-15166 CVE-2019-15903 CVE-2019-16168 \n CVE-2019-16935 CVE-2019-18197 CVE-2019-18609 \n CVE-2019-19221 CVE-2019-19906 CVE-2019-19956 \n CVE-2019-20218 CVE-2019-20387 CVE-2019-20388 \n CVE-2019-20454 CVE-2019-20807 CVE-2019-20907 \n CVE-2019-20916 CVE-2020-1730 CVE-2020-1751 \n CVE-2020-1752 CVE-2020-3862 CVE-2020-3864 \n CVE-2020-3865 CVE-2020-3867 CVE-2020-3868 \n CVE-2020-3885 CVE-2020-3894 CVE-2020-3895 \n CVE-2020-3897 CVE-2020-3899 CVE-2020-3900 \n CVE-2020-3901 CVE-2020-3902 CVE-2020-6405 \n CVE-2020-7595 CVE-2020-7720 CVE-2020-8177 \n CVE-2020-8237 CVE-2020-8492 CVE-2020-9327 \n CVE-2020-9802 CVE-2020-9803 CVE-2020-9805 \n CVE-2020-9806 CVE-2020-9807 CVE-2020-9843 \n CVE-2020-9850 CVE-2020-9862 CVE-2020-9893 \n CVE-2020-9894 CVE-2020-9895 CVE-2020-9915 \n CVE-2020-9925 CVE-2020-10018 CVE-2020-10029 \n CVE-2020-11793 CVE-2020-13630 CVE-2020-13631 \n CVE-2020-13632 CVE-2020-14019 CVE-2020-14040 \n CVE-2020-14382 CVE-2020-14391 CVE-2020-14422 \n CVE-2020-15503 CVE-2020-15586 CVE-2020-16845 \n CVE-2020-25660 \n=====================================================================\n\n1. Summary:\n\nUpdated images are now available for Red Hat OpenShift Container Storage\n4.6.0 on Red Hat Enterprise Linux 8. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. Description:\n\nRed Hat OpenShift Container Storage is software-defined storage integrated\nwith and optimized for the Red Hat OpenShift Container Platform. Red Hat\nOpenShift Container Storage is a highly scalable, production-grade\npersistent storage for stateful applications running in the Red Hat\nOpenShift Container Platform. In addition to persistent storage, Red Hat\nOpenShift Container Storage provisions a multicloud data management service\nwith an S3 compatible API. \n\nThese updated images include numerous security fixes, bug fixes, and\nenhancements. \n\nSecurity Fix(es):\n\n* nodejs-node-forge: prototype pollution via the util.setPath function\n(CVE-2020-7720)\n\n* nodejs-json-bigint: Prototype pollution via `__proto__` assignment could\nresult in DoS (CVE-2020-8237)\n\n* golang.org/x/text: possibility to trigger an infinite loop in\nencoding/unicode could lead to crash (CVE-2020-14040)\n\n* golang: data race in certain net/http servers including ReverseProxy can\nlead to DoS (CVE-2020-15586)\n\n* golang: ReadUvarint and ReadVarint can read an unlimited number of bytes\nfrom invalid inputs (CVE-2020-16845)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nUsers are directed to the Red Hat OpenShift Container Storage Release Notes\nfor information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_container_s\ntorage/4.6/html/4.6_release_notes/index\n\nAll Red Hat OpenShift Container Storage users are advised to upgrade to\nthese updated images. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n1806266 - Require an extension to the cephfs subvolume commands, that can return metadata regarding a subvolume\n1813506 - Dockerfile not compatible with docker and buildah\n1817438 - OSDs not distributed uniformly across OCS nodes on a 9-node AWS IPI setup\n1817850 - [BAREMETAL] rook-ceph-operator does not reconcile when osd deployment is deleted when performed node replacement\n1827157 - OSD hitting default CPU limit on AWS i3en.2xlarge instances limiting performance\n1829055 - [RFE] add insecureEdgeTerminationPolicy: Redirect to noobaa mgmt route (http to https)\n1833153 - add a variable for sleep time of rook operator between checks of downed OSD+Node. \n1836299 - NooBaa Operator deploys with HPA that fires maxreplicas alerts by default\n1842254 - [NooBaa] Compression stats do not add up when compression id disabled\n1845976 - OCS 4.5 Independent mode: must-gather commands fails to collect ceph command outputs from external cluster\n1849771 - [RFE] Account created by OBC should have same permissions as bucket owner\n1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash\n1854500 - [tracker-rhcs bug 1838931] mgr/volumes: add command to return metadata of a subvolume snapshot\n1854501 - [Tracker-rhcs bug 1848494 ]pybind/mgr/volumes: Add the ability to keep snapshots of subvolumes independent of the source subvolume\n1854503 - [tracker-rhcs-bug 1848503] cephfs: Provide alternatives to increase the total cephfs subvolume snapshot counts to greater than the current 400 across a Cephfs volume\n1856953 - CVE-2020-15586 golang: data race in certain net/http servers including ReverseProxy can lead to DoS\n1858195 - [GSS] registry pod stuck in ContainerCreating due to pvc from cephfs storage class fail to mount\n1859183 - PV expansion is failing in retry loop in pre-existing PV after upgrade to OCS 4.5 (i.e. if the PV spec does not contain expansion params)\n1859229 - Rook should delete extra MON PVCs in case first reconcile takes too long and rook skips \"b\" and \"c\" (spawned from Bug 1840084#c14)\n1859478 - OCS 4.6 : Upon deployment, CSI Pods in CLBO with error - flag provided but not defined: -metadatastorage\n1860022 - OCS 4.6 Deployment: LBP CSV and pod should not be deployed since ob/obc CRDs are owned from OCS 4.5 onwards\n1860034 - OCS 4.6 Deployment in ocs-ci : Toolbox pod in ContainerCreationError due to key admin-secret not found\n1860670 - OCS 4.5 Uninstall External: Openshift-storage namespace in Terminating state as CephObjectStoreUser had finalizers remaining\n1860848 - Add validation for rgw-pool-prefix in the ceph-external-cluster-details-exporter script\n1861780 - [Tracker BZ1866386][IBM s390x] Mount Failed for CEPH while running couple of OCS test cases. \n1865938 - CSIDrivers missing in OCS 4.6\n1867024 - [ocs-operator] operator v4.6.0-519.ci is in Installing state\n1867099 - CVE-2020-16845 golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs\n1868060 - [External Cluster] Noobaa-default-backingstore PV in released state upon OCS 4.5 uninstall (Secret not found)\n1868703 - [rbd] After volume expansion, the new size is not reflected on the pod\n1869411 - capture full crash information from ceph\n1870061 - [RHEL][IBM] OCS un-install should make the devices raw\n1870338 - OCS 4.6 must-gather : ocs-must-gather-xxx-helper pod in ContainerCreationError (couldn\u0027t find key admin-secret)\n1870631 - OCS 4.6 Deployment : RGW pods went into \u0027CrashLoopBackOff\u0027 state on Z Platform\n1872119 - Updates don\u0027t work on StorageClass which will keep PV expansion disabled for upgraded cluster\n1872696 - [ROKS][RFE]NooBaa Configure IBM COS as default backing store\n1873864 - Noobaa: On an baremetal RHCOS cluster, some backingstores are stuck in PROGRESSING state with INVALID_ENDPOINT TemporaryError\n1874606 - CVE-2020-7720 nodejs-node-forge: prototype pollution via the util.setPath function\n1875476 - Change noobaa logo in the noobaa UI\n1877339 - Incorrect use of logr\n1877371 - NooBaa UI warning message on Deploy Kubernetes Pool process - typo and shown number is incorrect\n1878153 - OCS 4.6 must-gather: collect node information under cluster_scoped_resources/oc_output directory\n1878714 - [FIPS enabled] BadDigest error on file upload to noobaa bucket\n1878853 - [External Mode] ceph-external-cluster-details-exporter.py does not tolerate TLS enabled RGW\n1879008 - ocs-osd-removal job fails because it can\u0027t find admin-secret in rook-ceph-mon secret\n1879072 - Deployment with encryption at rest is failing to bring up OSD pods\n1879919 - [External] Upgrade mechanism from OCS 4.5 to OCS 4.6 needs to be fixed\n1880255 - Collect rbd info and subvolume info and snapshot info command output\n1881028 - CVE-2020-8237 nodejs-json-bigint: Prototype pollution via `__proto__` assignment could result in DoS\n1881071 - [External] Upgrade mechanism from OCS 4.5 to OCS 4.6 needs to be fixed\n1882397 - MCG decompression problem with snappy on s390x arch\n1883253 - CSV doesn\u0027t contain values required for UI to enable minimal deployment and cluster encryption\n1883398 - Update csi sidecar containers in rook\n1883767 - Using placement strategies in cluster-service.yaml causes ocs-operator to crash\n1883810 - [External mode] RGW metrics is not available after OCS upgrade from 4.5 to 4.6\n1883927 - Deployment with encryption at rest is failing to bring up OSD pods\n1885175 - Handle disappeared underlying device for encrypted OSD\n1885428 - panic seen in rook-ceph during uninstall - \"close of closed channel\"\n1885648 - [Tracker for https://bugzilla.redhat.com/show_bug.cgi?id=1885700] FSTYPE for localvolumeset devices shows up as ext2 after uninstall\n1885971 - ocs-storagecluster-cephobjectstore doesn\u0027t report true state of RGW\n1886308 - Default VolumeSnapshot Classes not created in External Mode\n1886348 - osd removal job failed with status \"Error\"\n1886551 - Clone creation failed after timeout of 5 hours of Azure platrom for 3 CephFS PVCs ( PVC sizes: 1, 25 and 100 GB)\n1886709 - [External] RGW storageclass disappears after upgrade from OCS 4.5 to 4.6\n1886859 - OCS 4.6: Uninstall stuck indefinitely if any Ceph pods are in Pending state before uninstall\n1886873 - [OCS 4.6 External/Internal Uninstall] - Storage Cluster deletion stuck indefinitely, \"failed to delete object store\", remaining users: [noobaa-ceph-objectstore-user]\n1888583 - [External] When deployment is attempted without specifying the monitoring-endpoint while generating JSON, the CSV is stuck in installing state\n1888593 - [External] Add validation for monitoring-endpoint and port in the exporter script\n1888614 - [External] Unreachable monitoring-endpoint used during deployment causes ocs-operator to crash\n1889441 - Traceback error message while running OCS 4.6 must-gather\n1889683 - [GSS] Noobaa Problem when setting public access to a bucket\n1889866 - Post node power off/on, an unused MON PVC still stays back in the cluster\n1890183 - [External] ocs-operator logs are filled with \"failed to reconcile metrics exporter\"\n1890638 - must-gather helper pod should be deleted after collecting ceph crash info\n1890971 - [External] RGW metrics are not available if anything else except 9283 is provided as the monitoring-endpoint-port\n1891856 - ocs-metrics-exporter pod should have tolerations for OCS taint\n1892206 - [GSS] Ceph image/version mismatch\n1892234 - clone #95 creation failed for CephFS PVC ( 10 GB PVC size) during multiple clones creation test\n1893624 - Must Gather is not collecting the tar file from NooBaa diagnose\n1893691 - OCS4.6 must_gather failes to complete in 600sec\n1893714 - Bad response for upload an object with encryption\n1895402 - Mon pods didn\u0027t get upgraded in 720 second timeout from OCS 4.5 upgrade to 4.6\n1896298 - [RFE] Monitoring for Namespace buckets and resources\n1896831 - Clone#452 for RBD PVC ( PVC size 1 GB) failed to be created for 600 secs\n1898521 - [CephFS] Deleting cephfsplugin pod along with app pods will make PV remain in Released state after deleting the PVC\n1902627 - must-gather should wait for debug pods to be in ready state\n1904171 - RGW Service is unavailable for a short period during upgrade to OCS 4.6\n\n5. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2020-12-14-4 Additional information for\nAPPLE-SA-2020-11-13-1 macOS Big Sur 11.0.1\n\nmacOS Big Sur 11.0.1 addresses the following issues. \nInformation about the security content is also available at\nhttps://support.apple.com/HT211931. \n\nAMD\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: A malicious application may be able to execute arbitrary code\nwith system privileges\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2020-27914: Yu Wang of Didi Research America\nCVE-2020-27915: Yu Wang of Didi Research America\nEntry added December 14, 2020\n\nApp Store\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: An application may be able to gain elevated privileges\nDescription: This issue was addressed by removing the vulnerable\ncode. \nCVE-2020-27903: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab\n\nAudio\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: Processing a maliciously crafted audio file may lead to\narbitrary code execution\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2020-27910: JunDong Xie and XingWei Lin of Ant Security Light-\nYear Lab\n\nAudio\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: Processing a maliciously crafted audio file may lead to\narbitrary code execution\nDescription: An out-of-bounds write was addressed with improved input\nvalidation. \nCVE-2020-27916: JunDong Xie of Ant Security Light-Year Lab\n\nAudio\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: A malicious application may be able to read restricted memory\nDescription: An out-of-bounds read was addressed with improved bounds\nchecking. \nCVE-2020-9943: JunDong Xie of Ant Group Light-Year Security Lab\n\nAudio\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: An application may be able to read restricted memory\nDescription: An out-of-bounds read was addressed with improved bounds\nchecking. \nCVE-2020-9944: JunDong Xie of Ant Group Light-Year Security Lab\n\nBluetooth\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: A remote attacker may be able to cause unexpected application\ntermination or heap corruption\nDescription: Multiple integer overflows were addressed with improved\ninput validation. \nCVE-2020-27906: Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong\nSecurity Lab\n\nCoreAudio\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: Processing a maliciously crafted audio file may lead to\narbitrary code execution\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2020-27908: JunDong Xie and XingWei Lin of Ant Security Light-\nYear Lab\nCVE-2020-27909: Anonymous working with Trend Micro Zero Day\nInitiative, JunDong Xie and XingWei Lin of Ant Security Light-Year\nLab\nCVE-2020-9960: JunDong Xie and XingWei Lin of Ant Security Light-Year\nLab\nEntry added December 14, 2020\n\nCoreAudio\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: Processing a maliciously crafted audio file may lead to\narbitrary code execution\nDescription: An out-of-bounds write was addressed with improved input\nvalidation. \nCVE-2020-10017: Francis working with Trend Micro Zero Day Initiative,\nJunDong Xie of Ant Security Light-Year Lab\n\nCoreCapture\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A use after free issue was addressed with improved\nmemory management. \nCVE-2020-9949: Proteas\n\nCoreGraphics\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: Processing a maliciously crafted image may lead to arbitrary\ncode execution\nDescription: An out-of-bounds write was addressed with improved input\nvalidation. \nCVE-2020-9883: an anonymous researcher, Mickey Jin of Trend Micro\n\nCrash Reporter\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: A local attacker may be able to elevate their privileges\nDescription: An issue existed within the path validation logic for\nsymlinks. This issue was addressed with improved path sanitization. \nCVE-2020-10003: Tim Michaud (@TimGMichaud) of Leviathan\n\nCoreText\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: Processing a maliciously crafted font file may lead to\narbitrary code execution\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2020-27922: Mickey Jin of Trend Micro\nEntry added December 14, 2020\n\nCoreText\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: Processing a maliciously crafted text file may lead to\narbitrary code execution\nDescription: A memory corruption issue was addressed with improved\nstate management. \nCVE-2020-9999: Apple\nEntry updated December 14, 2020\n\nDisk Images\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2020-9965: Proteas\nCVE-2020-9966: Proteas\n\nFinder\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: Users may be unable to remove metadata indicating where files\nwere downloaded from\nDescription: The issue was addressed with additional user controls. \nCVE-2020-27894: Manuel Trezza of Shuggr (shuggr.com)\n\nFontParser\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: Processing a maliciously crafted image may lead to arbitrary\ncode execution\nDescription: A buffer overflow was addressed with improved size\nvalidation. \nCVE-2020-9962: Yi\u011fit Can YILMAZ (@yilmazcanyigit)\nEntry added December 14, 2020\n\nFontParser\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: Processing a maliciously crafted font file may lead to\narbitrary code execution\nDescription: An out-of-bounds write was addressed with improved input\nvalidation. \nCVE-2020-27952: an anonymous researcher, Mickey Jin and Junzhi Lu of\nTrend Micro\nEntry added December 14, 2020\n\nFontParser\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: Processing a maliciously crafted font file may lead to\narbitrary code execution\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2020-9956: Mickey Jin and Junzhi Lu of Trend Micro Mobile\nSecurity Research Team working with Trend Micro\u2019s Zero Day Initiative\nEntry added December 14, 2020\n\nFontParser\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: Processing a maliciously crafted font file may lead to\narbitrary code execution\nDescription: A memory corruption issue existed in the processing of\nfont files. This issue was addressed with improved input validation. \nCVE-2020-27931: Apple\nEntry added December 14, 2020\n\nFontParser\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: Processing a maliciously crafted font may lead to arbitrary\ncode execution. Apple is aware of reports that an exploit for this\nissue exists in the wild. \nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2020-27930: Google Project Zero\n\nFontParser\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: Processing a maliciously crafted font file may lead to\narbitrary code execution\nDescription: An out-of-bounds write issue was addressed with improved\nbounds checking. \nCVE-2020-27927: Xingwei Lin of Ant Security Light-Year Lab\n\nFoundation\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: A local user may be able to read arbitrary files\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2020-10002: James Hutchins\n\nHomeKit\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: An attacker in a privileged network position may be able to\nunexpectedly alter application state\nDescription: This issue was addressed with improved setting\npropagation. \nCVE-2020-9978: Luyi Xing, Dongfang Zhao, and Xiaofeng Wang of Indiana\nUniversity Bloomington, Yan Jia of Xidian University and University\nof Chinese Academy of Sciences, and Bin Yuan of HuaZhong University\nof Science and Technology\nEntry added December 14, 2020\n\nImageIO\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: Processing a maliciously crafted image may lead to arbitrary\ncode execution\nDescription: An out-of-bounds write issue was addressed with improved\nbounds checking. \nCVE-2020-9955: Mickey Jin of Trend Micro, Xingwei Lin of Ant Security\nLight-Year Lab\nEntry added December 14, 2020\n\nImageIO\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: Processing a maliciously crafted image may lead to arbitrary\ncode execution\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2020-27924: Lei Sun\nEntry added December 14, 2020\n\nImageIO\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: Processing a maliciously crafted image may lead to arbitrary\ncode execution\nDescription: An out-of-bounds write was addressed with improved input\nvalidation. \nCVE-2020-27912: Xingwei Lin of Ant Security Light-Year Lab\nCVE-2020-27923: Lei Sun\nEntry updated December 14, 2020\n\nImageIO\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: Opening a maliciously crafted PDF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: An out-of-bounds write issue was addressed with improved\nbounds checking. \nCVE-2020-9876: Mickey Jin of Trend Micro\n\nIntel Graphics Driver\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: An out-of-bounds write issue was addressed with improved\nbounds checking. \nCVE-2020-10015: ABC Research s.r.o. working with Trend Micro Zero Day\nInitiative\nCVE-2020-27897: Xiaolong Bai and Min (Spark) Zheng of Alibaba Inc.,\nand Luyi Xing of Indiana University Bloomington\nEntry added December 14, 2020\n\nIntel Graphics Driver\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2020-27907: ABC Research s.r.o. working with Trend Micro Zero Day\nInitiative\nEntry added December 14, 2020\n\nImage Processing\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: Processing a maliciously crafted image may lead to arbitrary\ncode execution\nDescription: An out-of-bounds write was addressed with improved input\nvalidation. \nCVE-2020-27919: Hou JingYi (@hjy79425575) of Qihoo 360 CERT, Xingwei\nLin of Ant Security Light-Year Lab\nEntry added December 14, 2020\n\nKernel\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: A remote attacker may be able to cause unexpected system\ntermination or corrupt kernel memory\nDescription: Multiple memory corruption issues were addressed with\nimproved input validation. \nCVE-2020-9967: Alex Plaskett (@alexjplaskett)\nEntry added December 14, 2020\n\nKernel\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A use after free issue was addressed with improved\nmemory management. \nCVE-2020-9975: Tielei Wang of Pangu Lab\nEntry added December 14, 2020\n\nKernel\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A race condition was addressed with improved state\nhandling. \nCVE-2020-27921: Linus Henze (pinauten.de)\nEntry added December 14, 2020\n\nKernel\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A logic issue existed resulting in memory corruption. \nThis was addressed with improved state management. \nCVE-2020-27904: Zuozhi Fan (@pattern_F_) of Ant Group Tianqong\nSecurity Lab\n\nKernel\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: An attacker in a privileged network position may be able to\ninject into active connections within a VPN tunnel\nDescription: A routing issue was addressed with improved\nrestrictions. \nCVE-2019-14899: William J. Tolley, Beau Kujath, and Jedidiah R. \nCrandall\n\nKernel\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: A malicious application may be able to disclose kernel\nmemory. Apple is aware of reports that an exploit for this issue\nexists in the wild. \nDescription: A memory initialization issue was addressed. \nCVE-2020-27950: Google Project Zero\n\nKernel\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: A malicious application may be able to determine kernel\nmemory layout\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2020-9974: Tommy Muir (@Muirey03)\n\nKernel\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nstate management. \nCVE-2020-10016: Alex Helie\n\nKernel\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges. Apple is aware of reports that an exploit for\nthis issue exists in the wild. \nDescription: A type confusion issue was addressed with improved state\nhandling. \nCVE-2020-27932: Google Project Zero\n\nlibxml2\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: Processing maliciously crafted web content may lead to code\nexecution\nDescription: A use after free issue was addressed with improved\nmemory management. \nCVE-2020-27917: found by OSS-Fuzz\nCVE-2020-27920: found by OSS-Fuzz\nEntry updated December 14, 2020\n\nlibxml2\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: A remote attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: An integer overflow was addressed through improved input\nvalidation. \nCVE-2020-27911: found by OSS-Fuzz\n\nlibxpc\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: A malicious application may be able to elevate privileges\nDescription: A logic issue was addressed with improved validation. \nCVE-2020-9971: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab\nEntry added December 14, 2020\n\nlibxpc\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: A malicious application may be able to break out of its\nsandbox\nDescription: A parsing issue in the handling of directory paths was\naddressed with improved path validation. \nCVE-2020-10014: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab\n\nLogging\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: A local attacker may be able to elevate their privileges\nDescription: A path handling issue was addressed with improved\nvalidation. \nCVE-2020-10010: Tommy Muir (@Muirey03)\n\nMail\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: A remote attacker may be able to unexpectedly alter\napplication state\nDescription: This issue was addressed with improved checks. \nCVE-2020-9941: Fabian Ising of FH M\u00fcnster University of Applied\nSciences and Damian Poddebniak of FH M\u00fcnster University of Applied\nSciences\n\nMessages\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: A local user may be able to discover a user\u2019s deleted\nmessages\nDescription: The issue was addressed with improved deletion. \nCVE-2020-9988: William Breuer of the Netherlands\nCVE-2020-9989: von Brunn Media\n\nModel I/O\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: Processing a maliciously crafted USD file may lead to\nunexpected application termination or arbitrary code execution\nDescription: An out-of-bounds read was addressed with improved bounds\nchecking. \nCVE-2020-10011: Aleksandar Nikolic of Cisco Talos\nEntry added December 14, 2020\n\nModel I/O\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: Processing a maliciously crafted USD file may lead to\nunexpected application termination or arbitrary code execution\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2020-13524: Aleksandar Nikolic of Cisco Talos\n\nModel I/O\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: Opening a maliciously crafted file may lead to unexpected\napplication termination or arbitrary code execution\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2020-10004: Aleksandar Nikolic of Cisco Talos\n\nNetworkExtension\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: A malicious application may be able to elevate privileges\nDescription: A use after free issue was addressed with improved\nmemory management. \nCVE-2020-9996: Zhiwei Yuan of Trend Micro iCore Team, Junzhi Lu and\nMickey Jin of Trend Micro\n\nNSRemoteView\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: A sandboxed process may be able to circumvent sandbox\nrestrictions\nDescription: A logic issue was addressed with improved restrictions. \nCVE-2020-27901: Thijs Alkemade of Computest Research Division\nEntry added December 14, 2020\n\nNSRemoteView\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: A malicious application may be able to preview files it does\nnot have access to\nDescription: An issue existed in the handling of snapshots. The issue\nwas resolved with improved permissions logic. \nCVE-2020-27900: Thijs Alkemade of Computest Research Division\n\nPCRE\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: Multiple issues in pcre\nDescription: Multiple issues were addressed by updating to version\n8.44. \nCVE-2019-20838\nCVE-2020-14155\n\nPower Management\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: A malicious application may be able to determine kernel\nmemory layout\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2020-10007: singi@theori working with Trend Micro Zero Day\nInitiative\n\npython\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: Cookies belonging to one origin may be sent to another origin\nDescription: Multiple issues were addressed with improved logic. \nCVE-2020-27896: an anonymous researcher\n\nQuick Look\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: A malicious app may be able to determine the existence of\nfiles on the computer\nDescription: The issue was addressed with improved handling of icon\ncaches. \nCVE-2020-9963: Csaba Fitzl (@theevilbit) of Offensive Security\n\nQuick Look\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: Processing a maliciously crafted document may lead to a cross\nsite scripting attack\nDescription: An access issue was addressed with improved access\nrestrictions. \nCVE-2020-10012: Heige of KnownSec 404 Team\n(https://www.knownsec.com/) and Bo Qu of Palo Alto Networks\n(https://www.paloaltonetworks.com/)\n\nRuby\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: A remote attacker may be able to modify the file system\nDescription: A path handling issue was addressed with improved\nvalidation. \nCVE-2020-27896: an anonymous researcher\n\nRuby\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: When parsing certain JSON documents, the json gem can be\ncoerced into creating arbitrary objects in the target system\nDescription: This issue was addressed with improved checks. \nCVE-2020-10663: Jeremy Evans\n\nSafari\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: Visiting a malicious website may lead to address bar spoofing\nDescription: A spoofing issue existed in the handling of URLs. This\nissue was addressed with improved input validation. \nCVE-2020-9945: Narendra Bhati From Suma Soft Pvt. Ltd. Pune (India)\n@imnarendrabhati\n\nSafari\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: A malicious application may be able to determine a user\u0027s\nopen tabs in Safari\nDescription: A validation issue existed in the entitlement\nverification. This issue was addressed with improved validation of\nthe process entitlement. \nCVE-2020-9977: Josh Parnham (@joshparnham)\n\nSafari\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: Visiting a malicious website may lead to address bar spoofing\nDescription: An inconsistent user interface issue was addressed with\nimproved state management. \nCVE-2020-9942: an anonymous researcher, Rahul d Kankrale\n(servicenger.com), Rayyan Bijoora (@Bijoora) of The City School, PAF\nChapter, Ruilin Yang of Tencent Security Xuanwu Lab, YoKo Kho\n(@YoKoAcc) of PT Telekomunikasi Indonesia (Persero) Tbk, Zhiyang\nZeng(@Wester) of OPPO ZIWU Security Lab\n\nSandbox\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: A local user may be able to view senstive user information\nDescription: An access issue was addressed with additional sandbox\nrestrictions. \nCVE-2020-9969: Wojciech Regu\u0142a of SecuRing (wojciechregula.blog)\n\nSQLite\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: A remote attacker may be able to cause a denial of service\nDescription: This issue was addressed with improved checks. \nCVE-2020-9991\n\nSQLite\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: A remote attacker may be able to leak memory\nDescription: An information disclosure issue was addressed with\nimproved state management. \nCVE-2020-9849\n\nSQLite\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: Multiple issues in SQLite\nDescription: Multiple issues were addressed by updating SQLite to\nversion 3.32.3. \nCVE-2020-15358\n\nSQLite\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: A maliciously crafted SQL query may lead to data corruption\nDescription: This issue was addressed with improved checks. \nCVE-2020-13631\n\nSQLite\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: A remote attacker may be able to cause a denial of service\nDescription: This issue was addressed with improved checks. \nCVE-2020-13434\nCVE-2020-13435\nCVE-2020-9991\n\nSQLite\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: A remote attacker may be able to cause arbitrary code\nexecution\nDescription: A memory corruption issue was addressed with improved\nstate management. \nCVE-2020-13630\n\nSymptom Framework\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: A local attacker may be able to elevate their privileges\nDescription: A use after free issue was addressed with improved\nmemory management. \nCVE-2020-27899: 08Tc3wBB working with ZecOps\nEntry added December 14, 2020\n\nSystem Preferences\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: A sandboxed process may be able to circumvent sandbox\nrestrictions\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2020-10009: Thijs Alkemade of Computest Research Division\n\nTCC\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: A malicious application with root privileges may be able to\naccess private information\nDescription: A logic issue was addressed with improved restrictions. \nCVE-2020-10008: Wojciech Regu\u0142a of SecuRing (wojciechregula.blog)\nEntry added December 14, 2020\n\nWebKit\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: A use after free issue was addressed with improved\nmemory management. \nCVE-2020-27918: Liu Long of Ant Security Light-Year Lab\nEntry updated December 14, 2020\n\nWi-Fi\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: An attacker may be able to bypass Managed Frame Protection\nDescription: A denial of service issue was addressed with improved\nstate handling. \nCVE-2020-27898: Stephan Marais of University of Johannesburg\n\nXsan\nAvailable for: Mac Pro (2013 and later), MacBook Air (2013 and\nlater), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),\niMac (2014 and later), MacBook (2015 and later), iMac Pro (all\nmodels)\nImpact: A malicious application may be able to access restricted\nfiles\nDescription: This issue was addressed with improved entitlements. \nCVE-2020-10006: Wojciech Regu\u0142a (@_r3ggi) of SecuRing\n\nAdditional recognition\n\n802.1X\nWe would like to acknowledge Kenana Dalle of Hamad bin Khalifa\nUniversity and Ryan Riley of Carnegie Mellon University in Qatar for\ntheir assistance. \nEntry added December 14, 2020\n\nAudio\nWe would like to acknowledge JunDong Xie and XingWei Lin of Ant-\nfinancial Light-Year Security Lab, an anonymous researcher for their\nassistance. \n\nBluetooth\nWe would like to acknowledge Andy Davis of NCC Group, Dennis Heinze\n(@ttdennis) of TU Darmstadt, Secure Mobile Networking Lab for their\nassistance. \nEntry updated December 14, 2020\n\nClang\nWe would like to acknowledge Brandon Azad of Google Project Zero for\ntheir assistance. \n\nCore Location\nWe would like to acknowledge Yi\u011fit Can YILMAZ (@yilmazcanyigit) for\ntheir assistance. \n\nCrash Reporter\nWe would like to acknowledge Artur Byszko of AFINE for their\nassistance. \nEntry added December 14, 2020\n\nDirectory Utility\nWe would like to acknowledge Wojciech Regu\u0142a (@_r3ggi) of SecuRing\nfor their assistance. \n\niAP\nWe would like to acknowledge Andy Davis of NCC Group for their\nassistance. \n\nKernel\nWe would like to acknowledge Brandon Azad of Google Project Zero,\nStephen R\u00f6ttger of Google for their assistance. \n\nlibxml2\nWe would like to acknowledge an anonymous researcher for their\nassistance. \nEntry added December 14, 2020\n\nLogin Window\nWe would like to acknowledge Rob Morton of Leidos for their\nassistance. \n\nPhotos Storage\nWe would like to acknowledge Paulos Yibelo of LimeHats for their\nassistance. \n\nQuick Look\nWe would like to acknowledge Csaba Fitzl (@theevilbit) and Wojciech\nRegu\u0142a of SecuRing (wojciechregula.blog) for their assistance. \n\nSafari\nWe would like to acknowledge Gabriel Corona and Narendra Bhati From\nSuma Soft Pvt. Ltd. Pune (India) @imnarendrabhati for their\nassistance. \n\nSecurity\nWe would like to acknowledge Christian Starkjohann of Objective\nDevelopment Software GmbH for their assistance. \n\nSystem Preferences\nWe would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive\nSecurity for their assistance. \n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAl/YDPwACgkQZcsbuWJ6\njjANmhAAoj+ZHNnH2pGDFl2/jrAtvWBtXg8mqw6NtNbGqWDZFhnY5q7Lp8WTx/Pi\nx64A4F8bU5xcybnmaDpK5PMwAAIiAg4g1BhpOq3pGyeHEasNx7D9damfqFGKiivS\np8nl62XE74ayfxdZGa+2tOVFTFwqixfr0aALVoQUhAWNeYuvVSgJXlgdGjj+QSL+\n9vW86kbQypOqT5TPDg6tpJy3g5s4hotkfzCfxA9mIKOg5e/nnoRNhw0c1dzfeTRO\nINzGxnajKGGYy2C3MH6t0cKG0B6cH7aePZCHYJ1jmuAVd0SD3PfmoT76DeRGC4Ri\nc8fGD+5pvSF6/+5E+MbH3t3D6bLiCGRFJtYNMpr46gUKKt27EonSiheYCP9xR6lU\nChpYdcgHMOHX4a07/Oo8vEwQrtJ4JryhI9tfBel1ewdSoxk2iCFKzLLYkDMihD6B\n1x/9MlaqEpLYBnuKkrRzFINW23TzFPTI/+i2SbUscRQtK0qE7Up5C+IUkRvBGhEs\nMuEmEnn5spnVG2EBcKeLtJxtf/h5WaRFrev72EvSVR+Ko8Cj0MgK6IATu6saq8bV\nkURL5empvpexFAvVQWRDaLgGBHKM+uArBz2OP6t7wFvD2p1Vq5M+dMrEPna1JO/S\nAXZYC9Y9bBRZfYQAv7nxa+uIXy2rGTuQKQY8ldu4eEHtJ0OhaB8=\n=T5Y8\n-----END PGP SIGNATURE-----\n\n\n. \n\nBug Fix(es):\n\n* Configuring the system with non-RT kernel will hang the system\n(BZ#1923220)\n\n3. Solution:\n\nFor OpenShift Container Platform 4.7 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel\nease-notes.html\n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n1902111 - CVE-2020-27813 golang-github-gorilla-websocket: integer overflow leads to denial of service\n\n5. JIRA issues fixed (https://issues.jboss.org/):\n\nCNF-802 - Infrastructure-provided enablement/disablement of interrupt processing for guaranteed pod CPUs\nCNF-854 - Performance tests in CNF Tests\n\n6. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202007-26\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: SQLite: Multiple vulnerabilities\n Date: July 27, 2020\n Bugs: #716748\n ID: 202007-26\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n=======\nMultiple vulnerabilities have been found in SQLite, the worst of which\ncould result in the arbitrary execution of code. \n\nAffected packages\n================\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-db/sqlite \u003c 3.32.3 \u003e= 3.32.3\n\nDescription\n==========\nMultiple vulnerabilities have been discovered in SQLite. Please review\nthe CVE identifiers referenced below for details. \n\nImpact\n=====\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n=========\nThere is no known workaround at this time. \n\nResolution\n=========\nAll SQLite users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e\\xdev-db/sqlite-3.32.3\"\n\nReferences\n=========\n[ 1 ] CVE-2019-20218\n https://nvd.nist.gov/vuln/detail/CVE-2019-20218\n[ 2 ] CVE-2020-11655\n https://nvd.nist.gov/vuln/detail/CVE-2020-11655\n[ 3 ] CVE-2020-11656\n https://nvd.nist.gov/vuln/detail/CVE-2020-11656\n[ 4 ] CVE-2020-13434\n https://nvd.nist.gov/vuln/detail/CVE-2020-13434\n[ 5 ] CVE-2020-13435\n https://nvd.nist.gov/vuln/detail/CVE-2020-13435\n[ 6 ] CVE-2020-13630\n https://nvd.nist.gov/vuln/detail/CVE-2020-13630\n[ 7 ] CVE-2020-13631\n https://nvd.nist.gov/vuln/detail/CVE-2020-13631\n[ 8 ] CVE-2020-13632\n https://nvd.nist.gov/vuln/detail/CVE-2020-13632\n[ 9 ] CVE-2020-13871\n https://nvd.nist.gov/vuln/detail/CVE-2020-13871\n[ 10 ] CVE-2020-15358\n https://nvd.nist.gov/vuln/detail/CVE-2020-15358\n\nAvailability\n===========\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202007-26\n\nConcerns?\n========\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n======\nCopyright 2020 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n. \n\nAssets\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: An attacker may be able to misuse a trust relationship to\ndownload malicious content\nDescription: A trust issue was addressed by removing a legacy API. \nCVE-2020-9976: Rias A. \nEntry added November 12, 2020\n\nInstallation note:\n\nApple TV will periodically check for software updates. ==========================================================================\nUbuntu Security Notice USN-4394-1\nJune 10, 2020\n\nsqlite3 vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 20.04 LTS\n- Ubuntu 19.10\n- Ubuntu 18.04 LTS\n- Ubuntu 16.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in SQLite. \n\nSoftware Description:\n- sqlite3: C library that implements an SQL database engine\n\nDetails:\n\nIt was discovered that SQLite incorrectly handled certain corruped schemas. \nAn attacker could possibly use this issue to cause a denial of service. \nThis issue only affected Ubuntu 18.04 LTS. (CVE-2018-8740)\n\nIt was discovered that SQLite incorrectly handled certain SELECT\nstatements. An attacker could possibly use this issue to cause a denial of\nservice. (CVE-2019-19603)\n\nIt was discovered that SQLite incorrectly handled certain self-referential\nviews. An attacker could possibly use this issue to cause a denial of\nservice. (CVE-2019-19645)\n\nHenry Liu discovered that SQLite incorrectly handled certain malformed\nwindow-function queries. An attacker could possibly use this issue to cause\na denial of service. This issue only affected Ubuntu 19.10 and Ubuntu 20.04\nLTS. (CVE-2020-11655)\n\nIt was discovered that SQLite incorrectly handled certain string\noperations. An attacker could use this issue to cause SQLite to crash,\nresulting in a denial of service, or possibly execute arbitrary code. \n(CVE-2020-13434)\n\nIt was discovered that SQLite incorrectly handled certain expressions. An\nattacker could use this issue to cause SQLite to crash, resulting in a\ndenial of service, or possibly execute arbitrary code. This issue only\naffected Ubuntu 19.10 and Ubuntu 20.04 LTS. (CVE-2020-13435)\n\nIt was discovered that SQLite incorrectly handled certain fts3 queries. An\nattacker could use this issue to cause SQLite to crash, resulting in a\ndenial of service, or possibly execute arbitrary code. (CVE-2020-13630)\n\nIt was discovered that SQLite incorrectly handled certain virtual table\nnames. An attacker could possibly use this issue to cause a denial of\nservice. This issue was only addressed in Ubuntu 19.10 and Ubuntu 20.04\nLTS. (CVE-2020-13631)\n\nIt was discovered that SQLite incorrectly handled certain fts3 queries. An\nattacker could use this issue to cause SQLite to crash, resulting in a\ndenial of service, or possibly execute arbitrary code. (CVE-2020-13632)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 20.04 LTS:\n libsqlite3-0 3.31.1-4ubuntu0.1\n sqlite3 3.31.1-4ubuntu0.1\n\nUbuntu 19.10:\n libsqlite3-0 3.29.0-2ubuntu0.3\n sqlite3 3.29.0-2ubuntu0.3\n\nUbuntu 18.04 LTS:\n libsqlite3-0 3.22.0-1ubuntu0.4\n sqlite3 3.22.0-1ubuntu0.4\n\nUbuntu 16.04 LTS:\n libsqlite3-0 3.11.0-1ubuntu1.5\n sqlite3 3.11.0-1ubuntu1.5\n\nIn general, a standard system update will make all the necessary changes",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-13630"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005729"
},
{
"db": "VULHUB",
"id": "VHN-166428"
},
{
"db": "VULMON",
"id": "CVE-2020-13630"
},
{
"db": "PACKETSTORM",
"id": "160624"
},
{
"db": "PACKETSTORM",
"id": "160545"
},
{
"db": "PACKETSTORM",
"id": "161548"
},
{
"db": "PACKETSTORM",
"id": "158592"
},
{
"db": "PACKETSTORM",
"id": "160062"
},
{
"db": "PACKETSTORM",
"id": "158024"
}
],
"trust": 2.34
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-166428",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-166428"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-13630",
"trust": 3.2
},
{
"db": "SIEMENS",
"id": "SSA-389290",
"trust": 1.8
},
{
"db": "PACKETSTORM",
"id": "161548",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "158592",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "160545",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005729",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "162659",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "159817",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "160961",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "160125",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "160061",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-202005-1349",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "158024",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2021.0584",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.3181.2",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2412",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2023.3732",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.2019",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0691",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4513",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4100",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.1727",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4060.2",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2515",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0234",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0171",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.1679",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.3221",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0099",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0864",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.3884",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022071831",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022031104",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021052221",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021072292",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022060618",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "46788",
"trust": 0.6
},
{
"db": "LENOVO",
"id": "LEN-60182",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "160062",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "162694",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "160064",
"trust": 0.1
},
{
"db": "CNVD",
"id": "CNVD-2020-31117",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-166428",
"trust": 0.1
},
{
"db": "ICS CERT",
"id": "ICSA-22-069-09",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2020-13630",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "160624",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-166428"
},
{
"db": "VULMON",
"id": "CVE-2020-13630"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005729"
},
{
"db": "PACKETSTORM",
"id": "160624"
},
{
"db": "PACKETSTORM",
"id": "160545"
},
{
"db": "PACKETSTORM",
"id": "161548"
},
{
"db": "PACKETSTORM",
"id": "158592"
},
{
"db": "PACKETSTORM",
"id": "160062"
},
{
"db": "PACKETSTORM",
"id": "158024"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-1349"
},
{
"db": "NVD",
"id": "CVE-2020-13630"
}
]
},
"id": "VAR-202005-0222",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-166428"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T22:19:16.422000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "FEDORA-2020-0477f8840e",
"trust": 0.8,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/l7kxqwhiy2mqp4lnm6odwjenmxyyqybn/"
},
{
"title": "Check-in [0d69f76f]",
"trust": 0.8,
"url": "https://sqlite.org/src/info/0d69f76f0865f962"
},
{
"title": "SQLite Remediation of resource management error vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=121033"
},
{
"title": "Red Hat: Moderate: sqlite security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20204442 - security advisory"
},
{
"title": "Ubuntu Security Notice: sqlite3 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-4394-1"
},
{
"title": "Red Hat: Moderate: Release of OpenShift Serverless 1.11.0",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20205149 - security advisory"
},
{
"title": "Red Hat: Moderate: Release of OpenShift Serverless 1.12.0",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20210146 - security advisory"
},
{
"title": "Red Hat: Moderate: Red Hat Quay v3.3.3 bug fix and security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20210050 - security advisory"
},
{
"title": "Red Hat: Moderate: OpenShift Container Platform 4.6 compliance-operator security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20210190 - security advisory"
},
{
"title": "Red Hat: Moderate: OpenShift Container Platform 4.6 compliance-operator security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20210436 - security advisory"
},
{
"title": "Red Hat: Moderate: Red Hat OpenShift Container Storage 4.6.0 security, bug fix, enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20205605 - security advisory"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=4a9822530e6b610875f83ffc10e02aba"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=ec6577109e640dac19a6ddb978afe82d"
},
{
"title": "snykout",
"trust": 0.1,
"url": "https://github.com/garethr/snykout "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-13630"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005729"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-1349"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-166428"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005729"
},
{
"db": "NVD",
"id": "CVE-2020-13630"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/202007-26"
},
{
"trust": 1.9,
"url": "https://usn.ubuntu.com/4394-1/"
},
{
"trust": 1.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13630"
},
{
"trust": 1.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
},
{
"trust": 1.8,
"url": "https://support.apple.com/kb/ht211843"
},
{
"trust": 1.8,
"url": "https://support.apple.com/kb/ht211844"
},
{
"trust": 1.8,
"url": "https://support.apple.com/kb/ht211850"
},
{
"trust": 1.8,
"url": "https://support.apple.com/kb/ht211931"
},
{
"trust": 1.8,
"url": "https://support.apple.com/kb/ht211935"
},
{
"trust": 1.8,
"url": "https://support.apple.com/kb/ht211952"
},
{
"trust": 1.8,
"url": "https://security.netapp.com/advisory/ntap-20200608-0002/"
},
{
"trust": 1.8,
"url": "https://security.freebsd.org/advisories/freebsd-sa-20:22.sqlite.asc"
},
{
"trust": 1.8,
"url": "http://seclists.org/fulldisclosure/2020/nov/20"
},
{
"trust": 1.8,
"url": "http://seclists.org/fulldisclosure/2020/nov/19"
},
{
"trust": 1.8,
"url": "http://seclists.org/fulldisclosure/2020/nov/22"
},
{
"trust": 1.8,
"url": "http://seclists.org/fulldisclosure/2020/dec/32"
},
{
"trust": 1.8,
"url": "https://bugs.chromium.org/p/chromium/issues/detail?id=1080459"
},
{
"trust": 1.8,
"url": "https://sqlite.org/src/info/0d69f76f0865f962"
},
{
"trust": 1.8,
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"trust": 1.8,
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"trust": 1.8,
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/l7kxqwhiy2mqp4lnm6odwjenmxyyqybn/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-13630"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/l7kxqwhiy2mqp4lnm6odwjenmxyyqybn/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/160125/red-hat-security-advisory-2020-5149-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/160961/red-hat-security-advisory-2021-0146-01.html"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-data-risk-manager-is-affected-by-multiple-vulnerabilities-3/"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/product_security/len-60182"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/46788"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2515"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.1727"
},
{
"trust": 0.6,
"url": "https://support.apple.com/en-us/ht211844"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4513/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0234/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.2019/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0584"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.3884/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4060.2/"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022071831"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0171/"
},
{
"trust": 0.6,
"url": "https://support.apple.com/en-us/ht211935"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/162659/red-hat-security-advisory-2021-1968-01.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021072292"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0864"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.1679"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2023.3732"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022060618"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/158024/ubuntu-security-notice-usn-4394-1.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4100/"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021052221"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0691"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/160545/apple-security-advisory-2020-12-14-4.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.3221"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/158592/gentoo-linux-security-advisory-202007-26.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2412"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/159817/red-hat-security-advisory-2020-4442-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/160061/apple-security-advisory-2020-11-13-3.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0099/"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/sqlite-three-vulnerabilities-32354"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-wml-ce-wml-ce-sqlite-through-3-32-0-has-various-security-issues/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.3181.2/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/161548/red-hat-security-advisory-2020-5364-01.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022031104"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13631"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13434"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13435"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-15358"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-20907"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-13050"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-20218"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-20388"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-15165"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-14382"
},
{
"trust": 0.2,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-19221"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-1751"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-7595"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-16168"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-9327"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-16935"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-20916"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-5018"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-19956"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-14422"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-1730"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-19906"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-20387"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-1752"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-15903"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-8492"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-20454"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-20843"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-13627"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-6405"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-13050"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-14889"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-20843"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-13632"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-10029"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-13630"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-13631"
},
{
"trust": 0.2,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20218"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-11655"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13632"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/416.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:4442"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-069-09"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-16300"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14466"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-10105"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9925"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-15166"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9802"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-16230"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-18609"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9895"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8625"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8812"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-3899"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-16845"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14467"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8819"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10103"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14469"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11068"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-3867"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-16229"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8720"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9893"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8808"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-3902"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14465"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14882"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-16227"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-18197"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-3900"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14461"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14881"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9805"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14464"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8820"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9807"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8769"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8710"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8813"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9850"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14463"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8811"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16228"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14879"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_openshift_container_s"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9803"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-8177"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9862"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14469"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10105"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14880"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-1551"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-3885"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-15503"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14461"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-10018"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:5605"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25660"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14468"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8835"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8764"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14466"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8844"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-3865"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14882"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-15586"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-3864"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16227"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14464"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16452"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16230"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14391"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14468"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14467"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14462"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-3862"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14880"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14881"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-3901"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16300"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8823"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14462"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16229"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-3895"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-11793"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9894"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8816"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9843"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8771"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-16451"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-3897"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-10103"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-16228"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9806"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14463"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8814"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8743"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9915"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8815"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16451"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8783"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-20807"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14040"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14879"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14019"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14470"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14470"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1885700]"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14465"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-11068"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8766"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-16452"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8846"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-3868"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-3894"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-7720"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8782"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-8237"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10014"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13524"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14155"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10016"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10011"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10015"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10017"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-27894"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-27896"
},
{
"trust": 0.1,
"url": "https://support.apple.com/ht211931."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14899"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10003"
},
{
"trust": 0.1,
"url": "https://www.knownsec.com/)"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10009"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10004"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10008"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20838"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10002"
},
{
"trust": 0.1,
"url": "https://www.paloaltonetworks.com/)"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10012"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10663"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10006"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10007"
},
{
"trust": 0.1,
"url": "https://issues.jboss.org/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25211"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-10726"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-19906"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20387"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-13627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17450"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10723"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10725"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-10723"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-10725"
},
{
"trust": 0.1,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20388"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-5018"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-16168"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20916"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10722"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-10722"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10029"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-24659"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-19956"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-1971"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20454"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-19221"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-17450"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10726"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-27813"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15165"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-16935"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15903"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:5364"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14889"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20907"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:5633"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-11656"
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13871"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9983"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9981"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9951"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9947"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9944"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9954"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9968"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9943"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9965"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9966"
},
{
"trust": 0.1,
"url": "https://support.apple.com/ht211843."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9969"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9876"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10013"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9949"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9849"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9950"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9952"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9979"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-19645"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/sqlite3/3.22.0-1ubuntu0.4"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/4394-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/sqlite3/3.29.0-2ubuntu0.3"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-19603"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/sqlite3/3.31.1-4ubuntu0.1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-8740"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/sqlite3/3.11.0-1ubuntu1.5"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-166428"
},
{
"db": "VULMON",
"id": "CVE-2020-13630"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005729"
},
{
"db": "PACKETSTORM",
"id": "160624"
},
{
"db": "PACKETSTORM",
"id": "160545"
},
{
"db": "PACKETSTORM",
"id": "161548"
},
{
"db": "PACKETSTORM",
"id": "158592"
},
{
"db": "PACKETSTORM",
"id": "160062"
},
{
"db": "PACKETSTORM",
"id": "158024"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-1349"
},
{
"db": "NVD",
"id": "CVE-2020-13630"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-166428"
},
{
"db": "VULMON",
"id": "CVE-2020-13630"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005729"
},
{
"db": "PACKETSTORM",
"id": "160624"
},
{
"db": "PACKETSTORM",
"id": "160545"
},
{
"db": "PACKETSTORM",
"id": "161548"
},
{
"db": "PACKETSTORM",
"id": "158592"
},
{
"db": "PACKETSTORM",
"id": "160062"
},
{
"db": "PACKETSTORM",
"id": "158024"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-1349"
},
{
"db": "NVD",
"id": "CVE-2020-13630"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-27T00:00:00",
"db": "VULHUB",
"id": "VHN-166428"
},
{
"date": "2020-05-27T00:00:00",
"db": "VULMON",
"id": "CVE-2020-13630"
},
{
"date": "2020-06-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-005729"
},
{
"date": "2020-12-18T19:14:41",
"db": "PACKETSTORM",
"id": "160624"
},
{
"date": "2020-12-16T18:05:29",
"db": "PACKETSTORM",
"id": "160545"
},
{
"date": "2021-02-25T15:30:03",
"db": "PACKETSTORM",
"id": "161548"
},
{
"date": "2020-07-27T18:32:44",
"db": "PACKETSTORM",
"id": "158592"
},
{
"date": "2020-11-13T22:22:22",
"db": "PACKETSTORM",
"id": "160062"
},
{
"date": "2020-06-10T15:13:56",
"db": "PACKETSTORM",
"id": "158024"
},
{
"date": "2020-05-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202005-1349"
},
{
"date": "2020-05-27T15:15:12.867000",
"db": "NVD",
"id": "CVE-2020-13630"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-166428"
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2020-13630"
},
{
"date": "2020-06-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-005729"
},
{
"date": "2023-06-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202005-1349"
},
{
"date": "2023-11-07T03:16:46.767000",
"db": "NVD",
"id": "CVE-2020-13630"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202005-1349"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SQLite Vulnerability in using free memory in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-005729"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202005-1349"
}
],
"trust": 0.6
}
}
VAR-201806-1449
Vulnerability from variot - Updated: 2024-07-23 22:18An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code via a crafted web site that leverages type confusion. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. WebKit is one of the web browser engine components. A security vulnerability exists in the WebKit component of several Apple products. The following products and versions are affected: Apple iOS prior to 11.4; Safari prior to 11.1.1; Windows-based iCloud prior to 7.5; Windows-based iTunes prior to 12.7.5; tvOS prior to 11.4; watchOS 4.3. 1 previous version. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-2018-7-23-4 Additional information for APPLE-SA-2018-06-01-6 tvOS 11.4
tvOS 11.4 addresses the following:
Bluetooth Available for: Apple TV 4K Impact: An attacker in a privileged network position may be able to intercept Bluetooth traffic Description: An input validation issue existed in Bluetooth. This issue was addressed with improved input validation. CVE-2018-5383: Lior Neumann and Eli Biham Entry added July 23, 2018
Crash Reporter Available for: Apple TV 4K and Apple TV (4th generation) Impact: An application may be able to gain elevated privileges Description: A memory corruption issue was addressed with improved error handling. CVE-2018-4206: Ian Beer of Google Project Zero
FontParser Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved validation. CVE-2018-4211: Proteas of Qihoo 360 Nirvan Team
Kernel Available for: Apple TV 4K and Apple TV (4th generation) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A buffer overflow was addressed with improved bounds checking. CVE-2018-4241: Ian Beer of Google Project Zero CVE-2018-4243: Ian Beer of Google Project Zero
Kernel Available for: Apple TV 4K and Apple TV (4th generation) Impact: An attacker in a privileged position may be able to perform a denial of service attack Description: A denial of service issue was addressed with improved validation. CVE-2018-4249: Kevin Backhouse of Semmle Ltd.
libxpc Available for: Apple TV 4K and Apple TV (4th generation) Impact: An application may be able to gain elevated privileges Description: A logic issue was addressed with improved validation. CVE-2018-4237: Samuel GroA (@5aelo) working with Trend Micro's Zero Day Initiative
Messages Available for: Apple TV 4K and Apple TV (4th generation) Impact: A local user may be able to conduct impersonation attacks Description: An injection issue was addressed with improved input validation. CVE-2018-4235: Anurodh Pokharel of Salesforce.com
Messages Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing a maliciously crafted message may lead to a denial of service Description: This issue was addressed with improved message validation. CVE-2018-4240: Sriram (@Sri_Hxor) of PrimeFort Pvt. Ltd
Security Available for: Apple TV 4K and Apple TV (4th generation) Impact: A local user may be able to read a persistent device identifier Description: An authorization issue was addressed with improved state management. CVE-2018-4224: Abraham Masri (@cheesecakeufo)
Security Available for: Apple TV 4K and Apple TV (4th generation) Impact: A local user may be able to read a persistent account identifier Description: An authorization issue was addressed with improved state management. CVE-2018-4223: Abraham Masri (@cheesecakeufo)
UIKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing a maliciously crafted text file may lead to a denial of service Description: A validation issue existed in the handling of text. This issue was addressed with improved validation of text. CVE-2018-4198: Hunter Byrnes
WebKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: Visiting a maliciously crafted website may lead to cookies being overwritten Description: A permissions issue existed in the handling of web browser cookies. This issue was addressed with improved restrictions. CVE-2018-4232: an anonymous researcher, Aymeric Chaib
WebKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A race condition was addressed with improved locking. CVE-2018-4192: Markus Gaasedelen, Nick Burnett, and Patrick Biernat of Ret2 Systems, Inc working with Trend Micro's Zero Day Initiative
WebKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4214: found by OSS-Fuzz
WebKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4204: found by OSS-Fuzz, Richard Zhu (fluorescence) working with Trend Micro's Zero Day Initiative
WebKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A type confusion issue was addressed with improved memory handling. CVE-2018-4246: found by OSS-Fuzz
WebKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2018-4200: Ivan Fratric of Google Project Zero
WebKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: Visiting a malicious website may lead to address bar spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2018-4188: YoKo Kho (@YoKoAcc) of Mitra Integrasi Informatika, PT
WebKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4201: an anonymous researcher CVE-2018-4218: Natalie Silvanovich of Google Project Zero CVE-2018-4233: Samuel GroA (@5aelo) working with Trend Micro's Zero Day Initiative
WebKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A buffer overflow issue was addressed with improved memory handling. CVE-2018-4199: Alex Plaskett, Georgi Geshev, Fabi Beterke, and Nils of MWR Labs working with Trend Micro's Zero Day Initiative
WebKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: Visiting a maliciously crafted website may leak sensitive data Description: Credentials were unexpectedly sent when fetching CSS mask images. This was addressed by using a CORS-enabled fetch method. CVE-2018-4190: Jun Kokatsu (@shhnjk)
WebKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2018-4222: Natalie Silvanovich of Google Project Zero
Installation note:
Apple TV will periodically check for software updates. Alternatively, you may manually check for software updates by selecting "Settings -> System -> Software Update -> Update Software."
To check the current version of software, select "Settings -> General -> About."
Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEfcwwPWJ3e0Ig26mf8ecVjteJiCYFAltUsiMACgkQ8ecVjteJ iCYcZBAAusSQ6lM5Qebyc48iNEu/DUrOwUVyN6MNjo0699Xm+kbu+0u/JQNf75jw ZeelK31NLRyRx9BuK7u4J20gi+hsWI7N9wtVkeOaPiE/Ha45uEVaJ6lSSJOIZ3rZ oXb4PiL8+bSukiRgBvFhnxDwGCGefg8udRjtONRlCuMvyZAY09LT6cgZOXSEJEbF ecVmvDAEEwH1hcTV7PJbQ4nCkv97DA8dPVTbUUbtPXCOPYjsClz1JSUubOSDw3d4 7tq4pfs6ZJFZCE8JFJFY+CCIWuE1FppTE7FVJVfFdpAri+prTeGZJppzEjJDZR2g 4lCOyx926Mp5tqZx6WZc1Xkz8LJaZbEWPrfGW4wKMFIC7WPwhyi7y2NqVfcjbubW aOsfQFwbCx9KlfOfUMJtbAaha7TBiDJV5u2PMILL3ct2BRX+LqEUrlrR1uwhF5VZ npPX9cEwMbWRCj7QJC9bmRT1mPYKD+sK5HqBc7Ftp3NYv1hjhEz6iVcF7HYY9T2j aYzvsXaMilihEaDRu4H/0wLX4abUrOtUwFowuehUkNF30cgBrtyWcJl6K6/WaW2C IdmF0IB4T4MRWyPKY2r1A+rBerCaoxb0IBucOP9JO4V1uDrCoHdxEL9LfjXlz/tx CiPvy4EaV2aIDjSfkf75IXtHx2ueIFfdTGVH1OEdX9JoCSqNRPQ= =8ofX -----END PGP SIGNATURE----- .
Alternatively, on your watch, select "My Watch > General > About"
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201806-1449",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "tvos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "11.4"
},
{
"model": "watchos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "4.3.1"
},
{
"model": "safari",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "11.1.1"
},
{
"model": "iphone os",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "11.4"
},
{
"model": "icloud",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "7.5"
},
{
"model": "itunes",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "12.7.5"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "18.04"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "icloud",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "7.5 (windows 7 or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.4 (ipad air or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.4 (iphone 5s or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.4 (ipod touch first 6 generation )"
},
{
"model": "itunes",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "for windows 12.7.5 (windows 7 or later )"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.1.1 (macos high sierra 10.13.4)"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.1.1 (macos sierra 10.12.6)"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.1.1 (os x el capitan 10.11.6)"
},
{
"model": "tvos",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.4 (apple tv 4k)"
},
{
"model": "tvos",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.4 (apple tv first 4 generation )"
},
{
"model": "watchos",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "4.3.1 (apple watch all models )"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "6.0.5"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.0.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "9.0.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "7.0.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.1.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "6.0.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "7.4.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "6.0.4"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-005811"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-589"
},
{
"db": "NVD",
"id": "CVE-2018-4246"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.3.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:icloud:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.7.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-4246"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple",
"sources": [
{
"db": "PACKETSTORM",
"id": "148017"
},
{
"db": "PACKETSTORM",
"id": "148645"
},
{
"db": "PACKETSTORM",
"id": "148644"
},
{
"db": "PACKETSTORM",
"id": "148028"
},
{
"db": "PACKETSTORM",
"id": "148026"
},
{
"db": "PACKETSTORM",
"id": "148027"
},
{
"db": "PACKETSTORM",
"id": "148016"
}
],
"trust": 0.7
},
"cve": "CVE-2018-4246",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-4246",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-134277",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-4246",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-4246",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201806-589",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-134277",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-4246",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-134277"
},
{
"db": "VULMON",
"id": "CVE-2018-4246"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005811"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-589"
},
{
"db": "NVD",
"id": "CVE-2018-4246"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code via a crafted web site that leverages type confusion. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. WebKit is one of the web browser engine components. A security vulnerability exists in the WebKit component of several Apple products. The following products and versions are affected: Apple iOS prior to 11.4; Safari prior to 11.1.1; Windows-based iCloud prior to 7.5; Windows-based iTunes prior to 12.7.5; tvOS prior to 11.4; watchOS 4.3. 1 previous version. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2018-7-23-4 Additional information for\nAPPLE-SA-2018-06-01-6 tvOS 11.4\n\ntvOS 11.4 addresses the following:\n\nBluetooth\nAvailable for: Apple TV 4K\nImpact: An attacker in a privileged network position may be able to\nintercept Bluetooth traffic\nDescription: An input validation issue existed in Bluetooth. This\nissue was addressed with improved input validation. \nCVE-2018-5383: Lior Neumann and Eli Biham\nEntry added July 23, 2018\n\nCrash Reporter\nAvailable for: Apple TV 4K and Apple TV (4th generation)\nImpact: An application may be able to gain elevated privileges\nDescription: A memory corruption issue was addressed with improved\nerror handling. \nCVE-2018-4206: Ian Beer of Google Project Zero\n\nFontParser\nAvailable for: Apple TV 4K and Apple TV (4th generation)\nImpact: Processing a maliciously crafted font file may lead to\narbitrary code execution\nDescription: A memory corruption issue was addressed with improved\nvalidation. \nCVE-2018-4211: Proteas of Qihoo 360 Nirvan Team\n\nKernel\nAvailable for: Apple TV 4K and Apple TV (4th generation)\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A buffer overflow was addressed with improved bounds\nchecking. \nCVE-2018-4241: Ian Beer of Google Project Zero\nCVE-2018-4243: Ian Beer of Google Project Zero\n\nKernel\nAvailable for: Apple TV 4K and Apple TV (4th generation)\nImpact: An attacker in a privileged position may be able to perform a\ndenial of service attack\nDescription: A denial of service issue was addressed with improved\nvalidation. \nCVE-2018-4249: Kevin Backhouse of Semmle Ltd. \n\nlibxpc\nAvailable for: Apple TV 4K and Apple TV (4th generation)\nImpact: An application may be able to gain elevated privileges\nDescription: A logic issue was addressed with improved validation. \nCVE-2018-4237: Samuel GroA (@5aelo) working with Trend Micro\u0027s Zero\nDay Initiative\n\nMessages\nAvailable for: Apple TV 4K and Apple TV (4th generation)\nImpact: A local user may be able to conduct impersonation attacks\nDescription: An injection issue was addressed with improved input\nvalidation. \nCVE-2018-4235: Anurodh Pokharel of Salesforce.com\n\nMessages\nAvailable for: Apple TV 4K and Apple TV (4th generation)\nImpact: Processing a maliciously crafted message may lead to a denial\nof service\nDescription: This issue was addressed with improved message\nvalidation. \nCVE-2018-4240: Sriram (@Sri_Hxor) of PrimeFort Pvt. Ltd\n\nSecurity\nAvailable for: Apple TV 4K and Apple TV (4th generation)\nImpact: A local user may be able to read a persistent device\nidentifier\nDescription: An authorization issue was addressed with improved state\nmanagement. \nCVE-2018-4224: Abraham Masri (@cheesecakeufo)\n\nSecurity\nAvailable for: Apple TV 4K and Apple TV (4th generation)\nImpact: A local user may be able to read a persistent account\nidentifier\nDescription: An authorization issue was addressed with improved state\nmanagement. \nCVE-2018-4223: Abraham Masri (@cheesecakeufo)\n\nUIKit\nAvailable for: Apple TV 4K and Apple TV (4th generation)\nImpact: Processing a maliciously crafted text file may lead to a\ndenial of service\nDescription: A validation issue existed in the handling of text. This\nissue was addressed with improved validation of text. \nCVE-2018-4198: Hunter Byrnes\n\nWebKit\nAvailable for: Apple TV 4K and Apple TV (4th generation)\nImpact: Visiting a maliciously crafted website may lead to cookies\nbeing overwritten\nDescription: A permissions issue existed in the handling of web\nbrowser cookies. This issue was addressed with improved restrictions. \nCVE-2018-4232: an anonymous researcher, Aymeric Chaib\n\nWebKit\nAvailable for: Apple TV 4K and Apple TV (4th generation)\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: A race condition was addressed with improved locking. \nCVE-2018-4192: Markus Gaasedelen, Nick Burnett, and Patrick Biernat\nof Ret2 Systems, Inc working with Trend Micro\u0027s Zero Day Initiative\n\nWebKit\nAvailable for: Apple TV 4K and Apple TV (4th generation)\nImpact: Processing maliciously crafted web content may lead to an\nunexpected Safari crash\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2018-4214: found by OSS-Fuzz\n\nWebKit\nAvailable for: Apple TV 4K and Apple TV (4th generation)\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4204: found by OSS-Fuzz, Richard Zhu (fluorescence) working\nwith Trend Micro\u0027s Zero Day Initiative\n\nWebKit\nAvailable for: Apple TV 4K and Apple TV (4th generation)\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: A type confusion issue was addressed with improved\nmemory handling. \nCVE-2018-4246: found by OSS-Fuzz\n\nWebKit\nAvailable for: Apple TV 4K and Apple TV (4th generation)\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: A memory corruption issue was addressed with improved\nstate management. \nCVE-2018-4200: Ivan Fratric of Google Project Zero\n\nWebKit\nAvailable for: Apple TV 4K and Apple TV (4th generation)\nImpact: Visiting a malicious website may lead to address bar spoofing\nDescription: An inconsistent user interface issue was addressed with\nimproved state management. \nCVE-2018-4188: YoKo Kho (@YoKoAcc) of Mitra Integrasi Informatika, PT\n\nWebKit\nAvailable for: Apple TV 4K and Apple TV (4th generation)\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: Multiple memory corruption issues were addressed with\nimproved memory handling. \nCVE-2018-4201: an anonymous researcher\nCVE-2018-4218: Natalie Silvanovich of Google Project Zero\nCVE-2018-4233: Samuel GroA (@5aelo) working with Trend Micro\u0027s Zero\nDay Initiative\n\nWebKit\nAvailable for: Apple TV 4K and Apple TV (4th generation)\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: A buffer overflow issue was addressed with improved\nmemory handling. \nCVE-2018-4199: Alex Plaskett, Georgi Geshev, Fabi Beterke, and Nils\nof MWR Labs working with Trend Micro\u0027s Zero Day Initiative\n\nWebKit\nAvailable for: Apple TV 4K and Apple TV (4th generation)\nImpact: Visiting a maliciously crafted website may leak sensitive\ndata\nDescription: Credentials were unexpectedly sent when fetching CSS\nmask images. This was addressed by using a CORS-enabled fetch method. \nCVE-2018-4190: Jun Kokatsu (@shhnjk)\n\nWebKit\nAvailable for: Apple TV 4K and Apple TV (4th generation)\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2018-4222: Natalie Silvanovich of Google Project Zero\n\nInstallation note:\n\nApple TV will periodically check for software updates. Alternatively,\nyou may manually check for software updates by selecting\n\"Settings -\u003e System -\u003e Software Update -\u003e Update Software.\"\n\nTo check the current version of software, select\n\"Settings -\u003e General -\u003e About.\"\n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCAAdFiEEfcwwPWJ3e0Ig26mf8ecVjteJiCYFAltUsiMACgkQ8ecVjteJ\niCYcZBAAusSQ6lM5Qebyc48iNEu/DUrOwUVyN6MNjo0699Xm+kbu+0u/JQNf75jw\nZeelK31NLRyRx9BuK7u4J20gi+hsWI7N9wtVkeOaPiE/Ha45uEVaJ6lSSJOIZ3rZ\noXb4PiL8+bSukiRgBvFhnxDwGCGefg8udRjtONRlCuMvyZAY09LT6cgZOXSEJEbF\necVmvDAEEwH1hcTV7PJbQ4nCkv97DA8dPVTbUUbtPXCOPYjsClz1JSUubOSDw3d4\n7tq4pfs6ZJFZCE8JFJFY+CCIWuE1FppTE7FVJVfFdpAri+prTeGZJppzEjJDZR2g\n4lCOyx926Mp5tqZx6WZc1Xkz8LJaZbEWPrfGW4wKMFIC7WPwhyi7y2NqVfcjbubW\naOsfQFwbCx9KlfOfUMJtbAaha7TBiDJV5u2PMILL3ct2BRX+LqEUrlrR1uwhF5VZ\nnpPX9cEwMbWRCj7QJC9bmRT1mPYKD+sK5HqBc7Ftp3NYv1hjhEz6iVcF7HYY9T2j\naYzvsXaMilihEaDRu4H/0wLX4abUrOtUwFowuehUkNF30cgBrtyWcJl6K6/WaW2C\nIdmF0IB4T4MRWyPKY2r1A+rBerCaoxb0IBucOP9JO4V1uDrCoHdxEL9LfjXlz/tx\nCiPvy4EaV2aIDjSfkf75IXtHx2ueIFfdTGVH1OEdX9JoCSqNRPQ=\n=8ofX\n-----END PGP SIGNATURE-----\n. \n\nAlternatively, on your watch, select \"My Watch \u003e General \u003e About\"",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-4246"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005811"
},
{
"db": "VULHUB",
"id": "VHN-134277"
},
{
"db": "VULMON",
"id": "CVE-2018-4246"
},
{
"db": "PACKETSTORM",
"id": "148017"
},
{
"db": "PACKETSTORM",
"id": "148645"
},
{
"db": "PACKETSTORM",
"id": "148644"
},
{
"db": "PACKETSTORM",
"id": "148028"
},
{
"db": "PACKETSTORM",
"id": "148026"
},
{
"db": "PACKETSTORM",
"id": "148027"
},
{
"db": "PACKETSTORM",
"id": "148016"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-4246",
"trust": 3.3
},
{
"db": "SECTRACK",
"id": "1041029",
"trust": 1.8
},
{
"db": "JVN",
"id": "JVNVU98864649",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005811",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201806-589",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-134277",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-4246",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148017",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148645",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148644",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148028",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148026",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148027",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148016",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-134277"
},
{
"db": "VULMON",
"id": "CVE-2018-4246"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005811"
},
{
"db": "PACKETSTORM",
"id": "148017"
},
{
"db": "PACKETSTORM",
"id": "148645"
},
{
"db": "PACKETSTORM",
"id": "148644"
},
{
"db": "PACKETSTORM",
"id": "148028"
},
{
"db": "PACKETSTORM",
"id": "148026"
},
{
"db": "PACKETSTORM",
"id": "148027"
},
{
"db": "PACKETSTORM",
"id": "148016"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-589"
},
{
"db": "NVD",
"id": "CVE-2018-4246"
}
]
},
"id": "VAR-201806-1449",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-134277"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T22:18:16.692000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT208853",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht208853"
},
{
"title": "HT208854",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht208854"
},
{
"title": "HT208848",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht208848"
},
{
"title": "HT208850",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht208850"
},
{
"title": "HT208851",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht208851"
},
{
"title": "HT208852",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht208852"
},
{
"title": "HT208848",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht208848"
},
{
"title": "HT208850",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht208850"
},
{
"title": "HT208851",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht208851"
},
{
"title": "HT208852",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht208852"
},
{
"title": "HT208853",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht208853"
},
{
"title": "HT208854",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht208854"
},
{
"title": "Multiple Apple product WebKit Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=80783"
},
{
"title": "Apple: Safari 11.1.1",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=a694f067de60896ce5475c3b24f85ae2"
},
{
"title": "Apple: iTunes 12.7.5 for Windows",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=427778ba6ddba25910ede3bba3ecff86"
},
{
"title": "Apple: iCloud for Windows 7.5",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=02a7454fe2f6b5665d8cc96d80b7dfc4"
},
{
"title": "Apple: watchOS 4.3.1",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=0f4c2f01c97a0857022a69b5486be838"
},
{
"title": "Ubuntu Security Notice: webkit2gtk vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3743-1"
},
{
"title": "Apple: tvOS 11.4",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=d2d0b1ec71830547fb971d63ee3beadb"
},
{
"title": "Apple: iOS 11.4",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=0f3db097f895347566033494c2dda90b"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - October 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=2196fa008592287290cbd6678fbe10d4"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-4246"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005811"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-589"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-704",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-134277"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005811"
},
{
"db": "NVD",
"id": "CVE-2018-4246"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://usn.ubuntu.com/3743-1/"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht208848"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht208850"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht208851"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht208852"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht208853"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht208854"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1041029"
},
{
"trust": 1.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4246"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4246"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu98864649/index.html"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4233"
},
{
"trust": 0.7,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4214"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4192"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4201"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4222"
},
{
"trust": 0.7,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4218"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4224"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4190"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4188"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4232"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4199"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4225"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4204"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4200"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4226"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4249"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4235"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4243"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4198"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4240"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4237"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4223"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4206"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4211"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4241"
},
{
"trust": 0.2,
"url": "https://support.apple.com/kb/ht204641"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5383"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/704.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht208854"
},
{
"trust": 0.1,
"url": "https://support.apple.com/ht204283"
},
{
"trust": 0.1,
"url": "https://www.apple.com/itunes/download/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4247"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4205"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-134277"
},
{
"db": "VULMON",
"id": "CVE-2018-4246"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005811"
},
{
"db": "PACKETSTORM",
"id": "148017"
},
{
"db": "PACKETSTORM",
"id": "148645"
},
{
"db": "PACKETSTORM",
"id": "148644"
},
{
"db": "PACKETSTORM",
"id": "148028"
},
{
"db": "PACKETSTORM",
"id": "148026"
},
{
"db": "PACKETSTORM",
"id": "148027"
},
{
"db": "PACKETSTORM",
"id": "148016"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-589"
},
{
"db": "NVD",
"id": "CVE-2018-4246"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-134277"
},
{
"db": "VULMON",
"id": "CVE-2018-4246"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005811"
},
{
"db": "PACKETSTORM",
"id": "148017"
},
{
"db": "PACKETSTORM",
"id": "148645"
},
{
"db": "PACKETSTORM",
"id": "148644"
},
{
"db": "PACKETSTORM",
"id": "148028"
},
{
"db": "PACKETSTORM",
"id": "148026"
},
{
"db": "PACKETSTORM",
"id": "148027"
},
{
"db": "PACKETSTORM",
"id": "148016"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-589"
},
{
"db": "NVD",
"id": "CVE-2018-4246"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-08T00:00:00",
"db": "VULHUB",
"id": "VHN-134277"
},
{
"date": "2018-06-08T00:00:00",
"db": "VULMON",
"id": "CVE-2018-4246"
},
{
"date": "2018-07-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005811"
},
{
"date": "2018-06-04T15:58:18",
"db": "PACKETSTORM",
"id": "148017"
},
{
"date": "2018-07-23T15:22:22",
"db": "PACKETSTORM",
"id": "148645"
},
{
"date": "2018-07-23T14:04:44",
"db": "PACKETSTORM",
"id": "148644"
},
{
"date": "2018-06-04T16:10:27",
"db": "PACKETSTORM",
"id": "148028"
},
{
"date": "2018-06-04T16:09:27",
"db": "PACKETSTORM",
"id": "148026"
},
{
"date": "2018-06-04T16:10:01",
"db": "PACKETSTORM",
"id": "148027"
},
{
"date": "2018-06-04T15:57:32",
"db": "PACKETSTORM",
"id": "148016"
},
{
"date": "2018-06-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201806-589"
},
{
"date": "2018-06-08T18:29:02.633000",
"db": "NVD",
"id": "CVE-2018-4246"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-03-07T00:00:00",
"db": "VULHUB",
"id": "VHN-134277"
},
{
"date": "2019-03-07T00:00:00",
"db": "VULMON",
"id": "CVE-2018-4246"
},
{
"date": "2018-07-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005811"
},
{
"date": "2019-03-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201806-589"
},
{
"date": "2019-03-07T20:56:38.760000",
"db": "NVD",
"id": "CVE-2018-4246"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201806-589"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Apple Used in products Webkit Vulnerability in arbitrary code execution in components",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-005811"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "overflow, code execution",
"sources": [
{
"db": "PACKETSTORM",
"id": "148017"
},
{
"db": "PACKETSTORM",
"id": "148645"
},
{
"db": "PACKETSTORM",
"id": "148644"
},
{
"db": "PACKETSTORM",
"id": "148028"
},
{
"db": "PACKETSTORM",
"id": "148026"
},
{
"db": "PACKETSTORM",
"id": "148027"
},
{
"db": "PACKETSTORM",
"id": "148016"
}
],
"trust": 0.7
}
}
VAR-201901-1586
Vulnerability from variot - Updated: 2024-07-23 22:14In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking. plural Apple The product contains a vulnerability in which sound acquired via audio elements is acquired with cross-origin.Sounds may be acquired with a cross-origin. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. iTunes for Windows is a media player application based on the Windows platform. WebKit is one of the web browser engine components. A security vulnerability exists in the WebKit component of several Apple products. The following products and versions are affected: Apple iOS prior to 11.4.1; Safari prior to 11.1.2; Windows-based iTunes prior to 12.8; tvOS prior to 11.4.1; Windows-based iCloud prior to 7.6. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201808-04
https://security.gentoo.org/
Severity: Normal Title: WebkitGTK+: Multiple vulnerabilities Date: August 22, 2018 Bugs: #652820, #658168, #662974 ID: 201808-04
Synopsis
Multiple vulnerabilities have been found in WebKitGTK+, the worst of which may lead to arbitrary code execution.
Background
WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.20.4 >= 2.20.4
Description
Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All WebkitGTK+ users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.20.4"
References
[ 1 ] CVE-2018-11646 https://nvd.nist.gov/vuln/detail/CVE-2018-11646 [ 2 ] CVE-2018-11712 https://nvd.nist.gov/vuln/detail/CVE-2018-11712 [ 3 ] CVE-2018-11713 https://nvd.nist.gov/vuln/detail/CVE-2018-11713 [ 4 ] CVE-2018-12293 https://nvd.nist.gov/vuln/detail/CVE-2018-12293 [ 5 ] CVE-2018-12294 https://nvd.nist.gov/vuln/detail/CVE-2018-12294 [ 6 ] CVE-2018-4101 https://nvd.nist.gov/vuln/detail/CVE-2018-4101 [ 7 ] CVE-2018-4113 https://nvd.nist.gov/vuln/detail/CVE-2018-4113 [ 8 ] CVE-2018-4114 https://nvd.nist.gov/vuln/detail/CVE-2018-4114 [ 9 ] CVE-2018-4117 https://nvd.nist.gov/vuln/detail/CVE-2018-4117 [ 10 ] CVE-2018-4118 https://nvd.nist.gov/vuln/detail/CVE-2018-4118 [ 11 ] CVE-2018-4119 https://nvd.nist.gov/vuln/detail/CVE-2018-4119 [ 12 ] CVE-2018-4120 https://nvd.nist.gov/vuln/detail/CVE-2018-4120 [ 13 ] CVE-2018-4121 https://nvd.nist.gov/vuln/detail/CVE-2018-4121 [ 14 ] CVE-2018-4122 https://nvd.nist.gov/vuln/detail/CVE-2018-4122 [ 15 ] CVE-2018-4125 https://nvd.nist.gov/vuln/detail/CVE-2018-4125 [ 16 ] CVE-2018-4127 https://nvd.nist.gov/vuln/detail/CVE-2018-4127 [ 17 ] CVE-2018-4128 https://nvd.nist.gov/vuln/detail/CVE-2018-4128 [ 18 ] CVE-2018-4129 https://nvd.nist.gov/vuln/detail/CVE-2018-4129 [ 19 ] CVE-2018-4133 https://nvd.nist.gov/vuln/detail/CVE-2018-4133 [ 20 ] CVE-2018-4146 https://nvd.nist.gov/vuln/detail/CVE-2018-4146 [ 21 ] CVE-2018-4162 https://nvd.nist.gov/vuln/detail/CVE-2018-4162 [ 22 ] CVE-2018-4163 https://nvd.nist.gov/vuln/detail/CVE-2018-4163 [ 23 ] CVE-2018-4165 https://nvd.nist.gov/vuln/detail/CVE-2018-4165 [ 24 ] CVE-2018-4190 https://nvd.nist.gov/vuln/detail/CVE-2018-4190 [ 25 ] CVE-2018-4192 https://nvd.nist.gov/vuln/detail/CVE-2018-4192 [ 26 ] CVE-2018-4199 https://nvd.nist.gov/vuln/detail/CVE-2018-4199 [ 27 ] CVE-2018-4200 https://nvd.nist.gov/vuln/detail/CVE-2018-4200 [ 28 ] CVE-2018-4201 https://nvd.nist.gov/vuln/detail/CVE-2018-4201 [ 29 ] CVE-2018-4204 https://nvd.nist.gov/vuln/detail/CVE-2018-4204 [ 30 ] CVE-2018-4214 https://nvd.nist.gov/vuln/detail/CVE-2018-4214 [ 31 ] CVE-2018-4218 https://nvd.nist.gov/vuln/detail/CVE-2018-4218 [ 32 ] CVE-2018-4222 https://nvd.nist.gov/vuln/detail/CVE-2018-4222 [ 33 ] CVE-2018-4232 https://nvd.nist.gov/vuln/detail/CVE-2018-4232 [ 34 ] CVE-2018-4233 https://nvd.nist.gov/vuln/detail/CVE-2018-4233 [ 35 ] CVE-2018-4261 https://nvd.nist.gov/vuln/detail/CVE-2018-4261 [ 36 ] CVE-2018-4262 https://nvd.nist.gov/vuln/detail/CVE-2018-4262 [ 37 ] CVE-2018-4263 https://nvd.nist.gov/vuln/detail/CVE-2018-4263 [ 38 ] CVE-2018-4264 https://nvd.nist.gov/vuln/detail/CVE-2018-4264 [ 39 ] CVE-2018-4265 https://nvd.nist.gov/vuln/detail/CVE-2018-4265 [ 40 ] CVE-2018-4266 https://nvd.nist.gov/vuln/detail/CVE-2018-4266 [ 41 ] CVE-2018-4267 https://nvd.nist.gov/vuln/detail/CVE-2018-4267 [ 42 ] CVE-2018-4270 https://nvd.nist.gov/vuln/detail/CVE-2018-4270 [ 43 ] CVE-2018-4272 https://nvd.nist.gov/vuln/detail/CVE-2018-4272 [ 44 ] CVE-2018-4273 https://nvd.nist.gov/vuln/detail/CVE-2018-4273 [ 45 ] CVE-2018-4278 https://nvd.nist.gov/vuln/detail/CVE-2018-4278 [ 46 ] CVE-2018-4284 https://nvd.nist.gov/vuln/detail/CVE-2018-4284 [ 47 ] WebKitGTK+ Security Advisory WSA-2018-0003 https://webkitgtk.org/security/WSA-2018-0003.html [ 48 ] WebKitGTK+ Security Advisory WSA-2018-0004 https://webkitgtk.org/security/WSA-2018-0004.html [ 49 ] WebKitGTK+ Security Advisory WSA-2018-0005 https://webkitgtk.org/security/WSA-2018-0005.html [ 50 ] WebKitGTK+ Security Advisory WSA-2018-0006 https://webkitgtk.org/security/WSA-2018-0006.html
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201808-04
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2018 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-2018-7-9-1 iOS 11.4.1
iOS 11.4.1 is now available and addresses the following:
CFNetwork Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Cookies may unexpectedly persist in Safari Description: A cookie management issue was addressed with improved checks. CVE-2018-4293: an anonymous researcher
Emoji Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing an emoji under certain configurations may lead to a denial of service Description: A denial of service issue was addressed with improved memory handling. CVE-2018-4290: Patrick Wardle of Digita Security
Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to read kernel memory Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. CVE-2018-4282: Proteas of Qihoo 360 Nirvan Team
libxpc Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4280: Brandon Azad
libxpc Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to read restricted memory Description: An out-of-bounds read was addressed with improved input validation. CVE-2018-4248: Brandon Azad
LinkPresentation Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a malicious website may lead to address bar spoofing Description: A spoofing issue existed in the handling of URLs. CVE-2018-4277: xisigr of Tencent's Xuanwu Lab (tencent.com)
WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious website may exfiltrate audio data cross-origin Description: Sound fetched through audio elements may be exfiltrated cross-origin. CVE-2018-4278: Jun Kokatsu (@shhnjk)
WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious website may be able to cause a denial of service Description: A race condition was addressed with additional validation. CVE-2018-4266: found by OSS-Fuzz
WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a malicious website may lead to address bar spoofing Description: A spoofing issue existed in the handling of URLs. CVE-2018-4274: an anonymous researcher
WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4270: found by OSS-Fuzz
WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A type confusion issue was addressed with improved memory handling. CVE-2018-4284: Found by OSS-Fuzz
WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4271: found by OSS-Fuzz CVE-2018-4273: found by OSS-Fuzz
WebKit Page Loading Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a malicious website may lead to address bar spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2018-4260: xisigr of Tencent's Xuanwu Lab (tencent.com)
Wi-Fi Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to break out of its sandbox Description: A memory corruption issue was addressed with improved memory handling.
Installation note:
This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
- Navigate to Settings
- Select General
- Select About. The version after applying this update will be "iOS 11.4.1".
Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEfcwwPWJ3e0Ig26mf8ecVjteJiCYFAltDyFEpHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQ8ecVjteJiCaYqQ/+ LoOw2Hgwr9l7EplQS1O9t9ssVvjaQ25JhxeAkEHhrrLTTpEHNOYhBgPj3XV3DkNT QR1XDKykgVXq1jAMqy2CzpVvb0bWrhAZte7lwLwTKiSdzWzY99LspMtck0uZXg5y qoePuHIifMF5oMzRsLq2IDKj7sDJ3mEOjOGizfJ5BRdFOZPKmuTLK/LnafzoqlOY XAYMj3puFWnlMs1ewTTbup5Oh0totisA7WlpDleG+a/IborfXe89nvUIAEyPH3UF jbPXGlIrB+aofMmoxgbJ7YDXm+7RZbRShrqS3IIwbuVWlWxi8M6AYvlFCAxKc3In R3Bum13NIR8ZTfLARmrRos54kzmygazCHK0yIkeKvJW3uSFIOUbBtkKQ8EpE8og9 KzNvxyMd5Le6kCJe8JECl6jrfnY7QrYBIPxowXymfcRyYpnpIidYHUPlej8OZYnT fH8lWsE09CikZjBLyKmM6NJ4Y24CAmILyJWTmrM+pM9jLN9InWxTr0raY+MiULnI MZgqDuP+wMKfcGGngOkDnmm84w4RSnwK7bRgVtCWV99rnqZvzDgoYhJXDyXXuPqL P0HN+TKdCJ7e+C4boqDup2Ojz7YhFXfCwkJ1fHLD+L+Aj46eLbuu9936vGgvAzQI 7aT98URG/GMffZ3Y53yDJZxHDTnFQ5/tOlNBv8LKJDA= =mzJ2 -----END PGP SIGNATURE----- . ------------------------------------------------------------------------ WebKitGTK+ and WPE WebKit Security Advisory WSA-2018-0006
Date reported : August 07, 2018 Advisory ID : WSA-2018-0006 WebKitGTK+ Advisory URL : https://webkitgtk.org/security/WSA-2018-0006.html WPE WebKit Advisory URL : https://wpewebkit.org/security/WSA-2018-0006.html CVE identifiers : CVE-2018-4246, CVE-2018-4261, CVE-2018-4262, CVE-2018-4263, CVE-2018-4264, CVE-2018-4265, CVE-2018-4266, CVE-2018-4267, CVE-2018-4270, CVE-2018-4271, CVE-2018-4272, CVE-2018-4273, CVE-2018-4278, CVE-2018-4284, CVE-2018-12911.
Several vulnerabilities were discovered in WebKitGTK+ and WPE WebKit.
CVE-2018-4246 Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before 2.20.1. Credit to OSS-Fuzz. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2018-4261 Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before 2.20.2. Credit to Omair working with Trend Micro's Zero Day Initiative. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2018-4262 Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before 2.20.2. Credit to Mateusz Krzywicki working with Trend Micro's Zero Day Initiative. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2018-4263 Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before 2.20.2. Credit to Arayz working with Trend Micro's Zero Day Initiative. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2018-4264 Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before 2.20.2. Credit to OSS-Fuzz, Yu Zhou and Jundong Xie of Ant-financial Light- Year Security Lab. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2018-4265 Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before 2.20.2. Credit to cc working with Trend Micro's Zero Day Initiative. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2018-4266 Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before 2.20.2. Credit to OSS-Fuzz. A malicious website may be able to cause a denial of service. A race condition was addressed with additional validation.
CVE-2018-4267 Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before 2.20.2. Credit to Arayz of Pangu team working with Trend Micro's Zero Day Initiative. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2018-4270 Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before 2.20.2. Credit to OSS-Fuzz. Processing maliciously crafted web content may lead to an unexpected application crash.
CVE-2018-4271 Versions affected: WebKitGTK+ before 2.20.2. Credit to OSS-Fuzz. Processing maliciously crafted web content may lead to an unexpected application crash.
CVE-2018-4272 Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before 2.20.2. Credit to OSS-Fuzz. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2018-4273 Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before 2.20.2. Credit to OSS-Fuzz. Processing maliciously crafted web content may lead to an unexpected application crash.
CVE-2018-4278 Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before 2.20.2. Credit to Jun Kokatsu (@shhnjk). A malicious website may exfiltrate audio data cross-origin.
CVE-2018-4284 Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before 2.20.2. Credit to OSS-Fuzz. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2018-12911 Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before 2.20.2. Credit to Yu Haiwan. Processing maliciously crafted web content may lead to arbitrary code execution.
We recommend updating to the latest stable versions of WebKitGTK+ and WPE WebKit. It is the best way to ensure that you are running safe versions of WebKit. Please check our websites for information about the latest stable releases.
Further information about WebKitGTK+ and WPE WebKit security advisories can be found at: https://webkitgtk.org/security.html or https://wpewebkit.org/security/.
The WebKitGTK+ and WPE WebKit team, August 07, 2018 . CVE-2018-4260: xisigr of Tencent's Xuanwu Lab (tencent.com)
Installation note:
Safari 11.1.2 may be obtained from the Mac App Store. ========================================================================== Ubuntu Security Notice USN-3743-1 August 16, 2018
webkit2gtk vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in WebKitGTK+.
Software Description: - webkit2gtk: Web content engine library for GTK+
Details:
A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.04 LTS: libjavascriptcoregtk-4.0-18 2.20.5-0ubuntu0.18.04.1 libwebkit2gtk-4.0-37 2.20.5-0ubuntu0.18.04.1
Ubuntu 16.04 LTS: libjavascriptcoregtk-4.0-18 2.20.5-0ubuntu0.16.04.1 libwebkit2gtk-4.0-37 2.20.5-0ubuntu0.16.04.1
This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any applications that use WebKitGTK+, such as Epiphany, to make all the necessary changes.
References: https://usn.ubuntu.com/usn/usn-3743-1 CVE-2018-12911, CVE-2018-4246, CVE-2018-4261, CVE-2018-4262, CVE-2018-4263, CVE-2018-4264, CVE-2018-4265, CVE-2018-4266, CVE-2018-4267, CVE-2018-4270, CVE-2018-4272, CVE-2018-4273, CVE-2018-4278, CVE-2018-4284
Package Information: https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.5-0ubuntu0.18.04.1 https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.5-0ubuntu0.16.04.1
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201901-1586",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "18.04"
},
{
"model": "iphone os",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "11.4.1"
},
{
"model": "itunes",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "12.8"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "tvos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "11.4.1"
},
{
"model": "safari",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "11.1.2"
},
{
"model": "icloud",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "7.6"
},
{
"model": "ubuntu",
"scope": null,
"trust": 0.8,
"vendor": "canonical",
"version": null
},
{
"model": "icloud",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "for windows 7.6 (windows 7 or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.4.1 (ipad air or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.4.1 (iphone 5s or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.4.1 (ipod touch first 6 generation )"
},
{
"model": "itunes",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "for windows 12.8 (windows 7 or later )"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.1.2 (macos high sierra 10.13.4)"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.1.2 (macos sierra 10.12.6)"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.1.2 (os x el capitan 10.11.6)"
},
{
"model": "tvos",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.4.1 (apple tv 4k)"
},
{
"model": "tvos",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.4.1 (apple tv first 4 generation )"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.0.1"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.1.0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.1.0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.2.0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.4.0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.3.0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.0.2"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.0.0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.3.1"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.0.0"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013511"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-414"
},
{
"db": "NVD",
"id": "CVE-2018-4278"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.4.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.4.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:icloud:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.6",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.8",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-4278"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple",
"sources": [
{
"db": "PACKETSTORM",
"id": "148467"
},
{
"db": "PACKETSTORM",
"id": "148465"
},
{
"db": "PACKETSTORM",
"id": "148477"
},
{
"db": "PACKETSTORM",
"id": "148469"
}
],
"trust": 0.4
},
"cve": "CVE-2018-4278",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-4278",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-134309",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2018-4278",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-4278",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201901-414",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-134309",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-4278",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-134309"
},
{
"db": "VULMON",
"id": "CVE-2018-4278"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013511"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-414"
},
{
"db": "NVD",
"id": "CVE-2018-4278"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking. plural Apple The product contains a vulnerability in which sound acquired via audio elements is acquired with cross-origin.Sounds may be acquired with a cross-origin. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. iTunes for Windows is a media player application based on the Windows platform. WebKit is one of the web browser engine components. A security vulnerability exists in the WebKit component of several Apple products. The following products and versions are affected: Apple iOS prior to 11.4.1; Safari prior to 11.1.2; Windows-based iTunes prior to 12.8; tvOS prior to 11.4.1; Windows-based iCloud prior to 7.6. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201808-04\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: WebkitGTK+: Multiple vulnerabilities\n Date: August 22, 2018\n Bugs: #652820, #658168, #662974\n ID: 201808-04\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in WebKitGTK+, the worst of\nwhich may lead to arbitrary code execution. \n\nBackground\n==========\n\nWebKitGTK+ is a full-featured port of the WebKit rendering engine,\nsuitable for projects requiring any kind of web integration, from\nhybrid HTML/CSS applications to full-fledged web browsers. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-libs/webkit-gtk \u003c 2.20.4 \u003e= 2.20.4\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in WebKitGTK+. Please\nreview the referenced CVE identifiers for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll WebkitGTK+ users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-libs/webkit-gtk-2.20.4\"\n\nReferences\n==========\n\n[ 1 ] CVE-2018-11646\n https://nvd.nist.gov/vuln/detail/CVE-2018-11646\n[ 2 ] CVE-2018-11712\n https://nvd.nist.gov/vuln/detail/CVE-2018-11712\n[ 3 ] CVE-2018-11713\n https://nvd.nist.gov/vuln/detail/CVE-2018-11713\n[ 4 ] CVE-2018-12293\n https://nvd.nist.gov/vuln/detail/CVE-2018-12293\n[ 5 ] CVE-2018-12294\n https://nvd.nist.gov/vuln/detail/CVE-2018-12294\n[ 6 ] CVE-2018-4101\n https://nvd.nist.gov/vuln/detail/CVE-2018-4101\n[ 7 ] CVE-2018-4113\n https://nvd.nist.gov/vuln/detail/CVE-2018-4113\n[ 8 ] CVE-2018-4114\n https://nvd.nist.gov/vuln/detail/CVE-2018-4114\n[ 9 ] CVE-2018-4117\n https://nvd.nist.gov/vuln/detail/CVE-2018-4117\n[ 10 ] CVE-2018-4118\n https://nvd.nist.gov/vuln/detail/CVE-2018-4118\n[ 11 ] CVE-2018-4119\n https://nvd.nist.gov/vuln/detail/CVE-2018-4119\n[ 12 ] CVE-2018-4120\n https://nvd.nist.gov/vuln/detail/CVE-2018-4120\n[ 13 ] CVE-2018-4121\n https://nvd.nist.gov/vuln/detail/CVE-2018-4121\n[ 14 ] CVE-2018-4122\n https://nvd.nist.gov/vuln/detail/CVE-2018-4122\n[ 15 ] CVE-2018-4125\n https://nvd.nist.gov/vuln/detail/CVE-2018-4125\n[ 16 ] CVE-2018-4127\n https://nvd.nist.gov/vuln/detail/CVE-2018-4127\n[ 17 ] CVE-2018-4128\n https://nvd.nist.gov/vuln/detail/CVE-2018-4128\n[ 18 ] CVE-2018-4129\n https://nvd.nist.gov/vuln/detail/CVE-2018-4129\n[ 19 ] CVE-2018-4133\n https://nvd.nist.gov/vuln/detail/CVE-2018-4133\n[ 20 ] CVE-2018-4146\n https://nvd.nist.gov/vuln/detail/CVE-2018-4146\n[ 21 ] CVE-2018-4162\n https://nvd.nist.gov/vuln/detail/CVE-2018-4162\n[ 22 ] CVE-2018-4163\n https://nvd.nist.gov/vuln/detail/CVE-2018-4163\n[ 23 ] CVE-2018-4165\n https://nvd.nist.gov/vuln/detail/CVE-2018-4165\n[ 24 ] CVE-2018-4190\n https://nvd.nist.gov/vuln/detail/CVE-2018-4190\n[ 25 ] CVE-2018-4192\n https://nvd.nist.gov/vuln/detail/CVE-2018-4192\n[ 26 ] CVE-2018-4199\n https://nvd.nist.gov/vuln/detail/CVE-2018-4199\n[ 27 ] CVE-2018-4200\n https://nvd.nist.gov/vuln/detail/CVE-2018-4200\n[ 28 ] CVE-2018-4201\n https://nvd.nist.gov/vuln/detail/CVE-2018-4201\n[ 29 ] CVE-2018-4204\n https://nvd.nist.gov/vuln/detail/CVE-2018-4204\n[ 30 ] CVE-2018-4214\n https://nvd.nist.gov/vuln/detail/CVE-2018-4214\n[ 31 ] CVE-2018-4218\n https://nvd.nist.gov/vuln/detail/CVE-2018-4218\n[ 32 ] CVE-2018-4222\n https://nvd.nist.gov/vuln/detail/CVE-2018-4222\n[ 33 ] CVE-2018-4232\n https://nvd.nist.gov/vuln/detail/CVE-2018-4232\n[ 34 ] CVE-2018-4233\n https://nvd.nist.gov/vuln/detail/CVE-2018-4233\n[ 35 ] CVE-2018-4261\n https://nvd.nist.gov/vuln/detail/CVE-2018-4261\n[ 36 ] CVE-2018-4262\n https://nvd.nist.gov/vuln/detail/CVE-2018-4262\n[ 37 ] CVE-2018-4263\n https://nvd.nist.gov/vuln/detail/CVE-2018-4263\n[ 38 ] CVE-2018-4264\n https://nvd.nist.gov/vuln/detail/CVE-2018-4264\n[ 39 ] CVE-2018-4265\n https://nvd.nist.gov/vuln/detail/CVE-2018-4265\n[ 40 ] CVE-2018-4266\n https://nvd.nist.gov/vuln/detail/CVE-2018-4266\n[ 41 ] CVE-2018-4267\n https://nvd.nist.gov/vuln/detail/CVE-2018-4267\n[ 42 ] CVE-2018-4270\n https://nvd.nist.gov/vuln/detail/CVE-2018-4270\n[ 43 ] CVE-2018-4272\n https://nvd.nist.gov/vuln/detail/CVE-2018-4272\n[ 44 ] CVE-2018-4273\n https://nvd.nist.gov/vuln/detail/CVE-2018-4273\n[ 45 ] CVE-2018-4278\n https://nvd.nist.gov/vuln/detail/CVE-2018-4278\n[ 46 ] CVE-2018-4284\n https://nvd.nist.gov/vuln/detail/CVE-2018-4284\n[ 47 ] WebKitGTK+ Security Advisory WSA-2018-0003\n https://webkitgtk.org/security/WSA-2018-0003.html\n[ 48 ] WebKitGTK+ Security Advisory WSA-2018-0004\n https://webkitgtk.org/security/WSA-2018-0004.html\n[ 49 ] WebKitGTK+ Security Advisory WSA-2018-0005\n https://webkitgtk.org/security/WSA-2018-0005.html\n[ 50 ] WebKitGTK+ Security Advisory WSA-2018-0006\n https://webkitgtk.org/security/WSA-2018-0006.html\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201808-04\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2018 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2018-7-9-1 iOS 11.4.1\n\niOS 11.4.1 is now available and addresses the following:\n\nCFNetwork\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Cookies may unexpectedly persist in Safari\nDescription: A cookie management issue was addressed with improved\nchecks. \nCVE-2018-4293: an anonymous researcher\n\nEmoji\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Processing an emoji under certain configurations may lead to\na denial of service\nDescription: A denial of service issue was addressed with improved\nmemory handling. \nCVE-2018-4290: Patrick Wardle of Digita Security\n\nKernel\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A local user may be able to read kernel memory\nDescription: An out-of-bounds read issue existed that led to the\ndisclosure of kernel memory. \nCVE-2018-4282: Proteas of Qihoo 360 Nirvan Team\n\nlibxpc\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to gain elevated privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4280: Brandon Azad\n\nlibxpc\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A malicious application may be able to read restricted memory\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2018-4248: Brandon Azad\n\nLinkPresentation\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Visiting a malicious website may lead to address bar spoofing\nDescription: A spoofing issue existed in the handling of URLs. \nCVE-2018-4277: xisigr of Tencent\u0027s Xuanwu Lab (tencent.com)\n\nWebKit\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A malicious website may exfiltrate audio data cross-origin\nDescription: Sound fetched through audio elements may be exfiltrated\ncross-origin. \nCVE-2018-4278: Jun Kokatsu (@shhnjk)\n\nWebKit\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A malicious website may be able to cause a denial of service\nDescription: A race condition was addressed with additional\nvalidation. \nCVE-2018-4266: found by OSS-Fuzz\n\nWebKit\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Visiting a malicious website may lead to address bar spoofing\nDescription: A spoofing issue existed in the handling of URLs. \nCVE-2018-4274: an anonymous researcher\n\nWebKit\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Processing maliciously crafted web content may lead to an\nunexpected Safari crash\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4270: found by OSS-Fuzz\n\nWebKit\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: A type confusion issue was addressed with improved\nmemory handling. \nCVE-2018-4284: Found by OSS-Fuzz\n\nWebKit\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: Multiple memory corruption issues were addressed with\nimproved memory handling. \nCVE-2018-4271: found by OSS-Fuzz\nCVE-2018-4273: found by OSS-Fuzz\n\nWebKit Page Loading\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Visiting a malicious website may lead to address bar spoofing\nDescription: An inconsistent user interface issue was addressed with\nimproved state management. \nCVE-2018-4260: xisigr of Tencent\u0027s Xuanwu Lab (tencent.com)\n\nWi-Fi\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A malicious application may be able to break out of its\nsandbox\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \n\nInstallation note:\n\nThis update is available through iTunes and Software Update on your\niOS device, and will not appear in your computer\u0027s Software Update\napplication, or in the Apple Downloads site. Make sure you have an\nInternet connection and have installed the latest version of iTunes\nfrom https://www.apple.com/itunes/\n\niTunes and Software Update on the device will automatically check\nApple\u0027s update server on its weekly schedule. When an update is\ndetected, it is downloaded and the option to be installed is\npresented to the user when the iOS device is docked. We recommend\napplying the update immediately if possible. Selecting Don\u0027t Install\nwill present the option the next time you connect your iOS device. \n\nThe automatic update process may take up to a week depending on the\nday that iTunes or the device checks for updates. You may manually\nobtain the update via the Check for Updates button within iTunes, or\nthe Software Update on your device. \n\nTo check that the iPhone, iPod touch, or iPad has been updated:\n\n* Navigate to Settings\n* Select General\n* Select About. The version after applying this update\nwill be \"iOS 11.4.1\". \n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\n\niQJdBAEBCABHFiEEfcwwPWJ3e0Ig26mf8ecVjteJiCYFAltDyFEpHHByb2R1Y3Qt\nc2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQ8ecVjteJiCaYqQ/+\nLoOw2Hgwr9l7EplQS1O9t9ssVvjaQ25JhxeAkEHhrrLTTpEHNOYhBgPj3XV3DkNT\nQR1XDKykgVXq1jAMqy2CzpVvb0bWrhAZte7lwLwTKiSdzWzY99LspMtck0uZXg5y\nqoePuHIifMF5oMzRsLq2IDKj7sDJ3mEOjOGizfJ5BRdFOZPKmuTLK/LnafzoqlOY\nXAYMj3puFWnlMs1ewTTbup5Oh0totisA7WlpDleG+a/IborfXe89nvUIAEyPH3UF\njbPXGlIrB+aofMmoxgbJ7YDXm+7RZbRShrqS3IIwbuVWlWxi8M6AYvlFCAxKc3In\nR3Bum13NIR8ZTfLARmrRos54kzmygazCHK0yIkeKvJW3uSFIOUbBtkKQ8EpE8og9\nKzNvxyMd5Le6kCJe8JECl6jrfnY7QrYBIPxowXymfcRyYpnpIidYHUPlej8OZYnT\nfH8lWsE09CikZjBLyKmM6NJ4Y24CAmILyJWTmrM+pM9jLN9InWxTr0raY+MiULnI\nMZgqDuP+wMKfcGGngOkDnmm84w4RSnwK7bRgVtCWV99rnqZvzDgoYhJXDyXXuPqL\nP0HN+TKdCJ7e+C4boqDup2Ojz7YhFXfCwkJ1fHLD+L+Aj46eLbuu9936vGgvAzQI\n7aT98URG/GMffZ3Y53yDJZxHDTnFQ5/tOlNBv8LKJDA=\n=mzJ2\n-----END PGP SIGNATURE-----\n. ------------------------------------------------------------------------\nWebKitGTK+ and WPE WebKit Security Advisory WSA-2018-0006\n------------------------------------------------------------------------\n\nDate reported : August 07, 2018\nAdvisory ID : WSA-2018-0006\nWebKitGTK+ Advisory URL : \nhttps://webkitgtk.org/security/WSA-2018-0006.html\nWPE WebKit Advisory URL : \nhttps://wpewebkit.org/security/WSA-2018-0006.html\nCVE identifiers : CVE-2018-4246, CVE-2018-4261, CVE-2018-4262,\n CVE-2018-4263, CVE-2018-4264, CVE-2018-4265,\n CVE-2018-4266, CVE-2018-4267, CVE-2018-4270,\n CVE-2018-4271, CVE-2018-4272, CVE-2018-4273,\n CVE-2018-4278, CVE-2018-4284, CVE-2018-12911. \n\nSeveral vulnerabilities were discovered in WebKitGTK+ and WPE WebKit. \n\nCVE-2018-4246\n Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before\n 2.20.1. \n Credit to OSS-Fuzz. \n Processing maliciously crafted web content may lead to arbitrary\n code execution. \n\nCVE-2018-4261\n Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before\n 2.20.2. \n Credit to Omair working with Trend Micro\u0027s Zero Day Initiative. \n Processing maliciously crafted web content may lead to arbitrary\n code execution. \n\nCVE-2018-4262\n Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before\n 2.20.2. \n Credit to Mateusz Krzywicki working with Trend Micro\u0027s Zero Day\n Initiative. \n Processing maliciously crafted web content may lead to arbitrary\n code execution. \n\nCVE-2018-4263\n Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before\n 2.20.2. \n Credit to Arayz working with Trend Micro\u0027s Zero Day Initiative. \n Processing maliciously crafted web content may lead to arbitrary\n code execution. \n\nCVE-2018-4264\n Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before\n 2.20.2. \n Credit to OSS-Fuzz, Yu Zhou and Jundong Xie of Ant-financial Light-\n Year Security Lab. \n Processing maliciously crafted web content may lead to arbitrary\n code execution. \n\nCVE-2018-4265\n Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before\n 2.20.2. \n Credit to cc working with Trend Micro\u0027s Zero Day Initiative. \n Processing maliciously crafted web content may lead to arbitrary\n code execution. \n\nCVE-2018-4266\n Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before\n 2.20.2. \n Credit to OSS-Fuzz. \n A malicious website may be able to cause a denial of service. A race\n condition was addressed with additional validation. \n\nCVE-2018-4267\n Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before\n 2.20.2. \n Credit to Arayz of Pangu team working with Trend Micro\u0027s Zero Day\n Initiative. \n Processing maliciously crafted web content may lead to arbitrary\n code execution. \n\nCVE-2018-4270\n Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before\n 2.20.2. \n Credit to OSS-Fuzz. \n Processing maliciously crafted web content may lead to an unexpected\n application crash. \n\nCVE-2018-4271\n Versions affected: WebKitGTK+ before 2.20.2. \n Credit to OSS-Fuzz. \n Processing maliciously crafted web content may lead to an unexpected\n application crash. \n\nCVE-2018-4272\n Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before\n 2.20.2. \n Credit to OSS-Fuzz. \n Processing maliciously crafted web content may lead to arbitrary\n code execution. \n\nCVE-2018-4273\n Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before\n 2.20.2. \n Credit to OSS-Fuzz. \n Processing maliciously crafted web content may lead to an unexpected\n application crash. \n\nCVE-2018-4278\n Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before\n 2.20.2. \n Credit to Jun Kokatsu (@shhnjk). \n A malicious website may exfiltrate audio data cross-origin. \n\nCVE-2018-4284\n Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before\n 2.20.2. \n Credit to OSS-Fuzz. \n Processing maliciously crafted web content may lead to arbitrary\n code execution. \n\nCVE-2018-12911\n Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before\n 2.20.2. \n Credit to Yu Haiwan. \n Processing maliciously crafted web content may lead to arbitrary\n code execution. \n\n\nWe recommend updating to the latest stable versions of WebKitGTK+ and\nWPE WebKit. It is the best way to ensure that you are running safe\nversions of WebKit. Please check our websites for information about the\nlatest stable releases. \n\nFurther information about WebKitGTK+ and WPE WebKit security advisories\ncan be found at: https://webkitgtk.org/security.html or\nhttps://wpewebkit.org/security/. \n\nThe WebKitGTK+ and WPE WebKit team,\nAugust 07, 2018\n. \nCVE-2018-4260: xisigr of Tencent\u0027s Xuanwu Lab (tencent.com)\n\nInstallation note:\n\nSafari 11.1.2 may be obtained from the Mac App Store. ==========================================================================\nUbuntu Security Notice USN-3743-1\nAugust 16, 2018\n\nwebkit2gtk vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 18.04 LTS\n- Ubuntu 16.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in WebKitGTK+. \n\nSoftware Description:\n- webkit2gtk: Web content engine library for GTK+\n\nDetails:\n\nA large number of security issues were discovered in the WebKitGTK+ Web and\nJavaScript engines. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 18.04 LTS:\n libjavascriptcoregtk-4.0-18 2.20.5-0ubuntu0.18.04.1\n libwebkit2gtk-4.0-37 2.20.5-0ubuntu0.18.04.1\n\nUbuntu 16.04 LTS:\n libjavascriptcoregtk-4.0-18 2.20.5-0ubuntu0.16.04.1\n libwebkit2gtk-4.0-37 2.20.5-0ubuntu0.16.04.1\n\nThis update uses a new upstream release, which includes additional bug\nfixes. After a standard system update you need to restart any applications\nthat use WebKitGTK+, such as Epiphany, to make all the necessary changes. \n\nReferences:\n https://usn.ubuntu.com/usn/usn-3743-1\n CVE-2018-12911, CVE-2018-4246, CVE-2018-4261, CVE-2018-4262,\n CVE-2018-4263, CVE-2018-4264, CVE-2018-4265, CVE-2018-4266,\n CVE-2018-4267, CVE-2018-4270, CVE-2018-4272, CVE-2018-4273,\n CVE-2018-4278, CVE-2018-4284\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.5-0ubuntu0.18.04.1\n https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.5-0ubuntu0.16.04.1\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-4278"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013511"
},
{
"db": "VULHUB",
"id": "VHN-134309"
},
{
"db": "VULMON",
"id": "CVE-2018-4278"
},
{
"db": "PACKETSTORM",
"id": "148467"
},
{
"db": "PACKETSTORM",
"id": "149059"
},
{
"db": "PACKETSTORM",
"id": "148465"
},
{
"db": "PACKETSTORM",
"id": "148854"
},
{
"db": "PACKETSTORM",
"id": "148477"
},
{
"db": "PACKETSTORM",
"id": "148469"
},
{
"db": "PACKETSTORM",
"id": "148970"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-4278",
"trust": 3.3
},
{
"db": "SECTRACK",
"id": "1041232",
"trust": 1.8
},
{
"db": "JVN",
"id": "JVNVU93082496",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013511",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201901-414",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-134309",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-4278",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148467",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "149059",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148465",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148854",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148477",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148469",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148970",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-134309"
},
{
"db": "VULMON",
"id": "CVE-2018-4278"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013511"
},
{
"db": "PACKETSTORM",
"id": "148467"
},
{
"db": "PACKETSTORM",
"id": "149059"
},
{
"db": "PACKETSTORM",
"id": "148465"
},
{
"db": "PACKETSTORM",
"id": "148854"
},
{
"db": "PACKETSTORM",
"id": "148477"
},
{
"db": "PACKETSTORM",
"id": "148469"
},
{
"db": "PACKETSTORM",
"id": "148970"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-414"
},
{
"db": "NVD",
"id": "CVE-2018-4278"
}
]
},
"id": "VAR-201901-1586",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-134309"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T22:14:43.295000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT208932",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht208932"
},
{
"title": "HT208933",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht208933"
},
{
"title": "HT208934",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht208934"
},
{
"title": "HT208936",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht208936"
},
{
"title": "HT208938",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht208938"
},
{
"title": "HT208938",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht208938"
},
{
"title": "HT208932",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht208932"
},
{
"title": "HT208933",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht208933"
},
{
"title": "HT208934",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht208934"
},
{
"title": "HT208936",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht208936"
},
{
"title": "USN-3743-1",
"trust": 0.8,
"url": "https://usn.ubuntu.com/3743-1/"
},
{
"title": "Multiple Apple product WebKit Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=88578"
},
{
"title": "Apple: iTunes 12.8 for Windows",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=f7ba17d9ae399e27795e9564dcfb2107"
},
{
"title": "Apple: Safari 11.1.2",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=63a3722f04bf0c78aa613879acf4594f"
},
{
"title": "Apple: iCloud for Windows 7.6",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=cf7dfed585e27b85e35a002d3f098d8c"
},
{
"title": "Apple: tvOS 11.4.1",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=30ee3a8dff57f1923322b49e6502e8c3"
},
{
"title": "Apple: iOS 11.4.1",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=1746419c839902958e61a2ba0218e8cd"
},
{
"title": "Ubuntu Security Notice: webkit2gtk vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3743-1"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - October 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=2196fa008592287290cbd6678fbe10d4"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-4278"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013511"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-414"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-254",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013511"
},
{
"db": "NVD",
"id": "CVE-2018-4278"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201808-04"
},
{
"trust": 1.9,
"url": "https://usn.ubuntu.com/3743-1/"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht208932"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1041232"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/146479"
},
{
"trust": 1.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4278"
},
{
"trust": 1.0,
"url": "https://support.apple.com/ht208933%2c"
},
{
"trust": 1.0,
"url": "https://support.apple.com/ht208934%2c"
},
{
"trust": 1.0,
"url": "https://support.apple.com/ht208936%2c"
},
{
"trust": 1.0,
"url": "https://support.apple.com/ht208938%2c"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4278"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu93082496/index.html"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4263"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4267"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4265"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4264"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4261"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4270"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4262"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4266"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4273"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4284"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4272"
},
{
"trust": 0.6,
"url": "https://support.apple.com/ht208938"
},
{
"trust": 0.6,
"url": "https://support.apple.com/ht208936"
},
{
"trust": 0.6,
"url": "https://support.apple.com/ht208933"
},
{
"trust": 0.6,
"url": "https://support.apple.com/ht208934"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4271"
},
{
"trust": 0.4,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.4,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4293"
},
{
"trust": 0.2,
"url": "https://support.apple.com/ht208933,"
},
{
"trust": 0.2,
"url": "https://support.apple.com/ht208934,"
},
{
"trust": 0.2,
"url": "https://support.apple.com/ht208936,"
},
{
"trust": 0.2,
"url": "https://support.apple.com/ht208938,"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4248"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4282"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4277"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4280"
},
{
"trust": 0.2,
"url": "https://webkitgtk.org/security/wsa-2018-0006.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4274"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4260"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12911"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht208933"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4101"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4114"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4233"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4120"
},
{
"trust": 0.1,
"url": "https://webkitgtk.org/security/wsa-2018-0003.html"
},
{
"trust": 0.1,
"url": "https://webkitgtk.org/security/wsa-2018-0004.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4190"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4163"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4232"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4127"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-11713"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-11646"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4165"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4162"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4125"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4214"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4128"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12294"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4121"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4192"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4201"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4118"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4113"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4133"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4200"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4122"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4199"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4117"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-11712"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4119"
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4146"
},
{
"trust": 0.1,
"url": "https://webkitgtk.org/security/wsa-2018-0005.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4129"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4218"
},
{
"trust": 0.1,
"url": "https://www.apple.com/itunes/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4275"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4290"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4246"
},
{
"trust": 0.1,
"url": "https://wpewebkit.org/security/."
},
{
"trust": 0.1,
"url": "https://webkitgtk.org/security.html"
},
{
"trust": 0.1,
"url": "https://wpewebkit.org/security/wsa-2018-0006.html"
},
{
"trust": 0.1,
"url": "https://www.apple.com/itunes/download/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4279"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.5-0ubuntu0.16.04.1"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3743-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.5-0ubuntu0.18.04.1"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-134309"
},
{
"db": "VULMON",
"id": "CVE-2018-4278"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013511"
},
{
"db": "PACKETSTORM",
"id": "148467"
},
{
"db": "PACKETSTORM",
"id": "149059"
},
{
"db": "PACKETSTORM",
"id": "148465"
},
{
"db": "PACKETSTORM",
"id": "148854"
},
{
"db": "PACKETSTORM",
"id": "148477"
},
{
"db": "PACKETSTORM",
"id": "148469"
},
{
"db": "PACKETSTORM",
"id": "148970"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-414"
},
{
"db": "NVD",
"id": "CVE-2018-4278"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-134309"
},
{
"db": "VULMON",
"id": "CVE-2018-4278"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013511"
},
{
"db": "PACKETSTORM",
"id": "148467"
},
{
"db": "PACKETSTORM",
"id": "149059"
},
{
"db": "PACKETSTORM",
"id": "148465"
},
{
"db": "PACKETSTORM",
"id": "148854"
},
{
"db": "PACKETSTORM",
"id": "148477"
},
{
"db": "PACKETSTORM",
"id": "148469"
},
{
"db": "PACKETSTORM",
"id": "148970"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-414"
},
{
"db": "NVD",
"id": "CVE-2018-4278"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-01-11T00:00:00",
"db": "VULHUB",
"id": "VHN-134309"
},
{
"date": "2019-01-11T00:00:00",
"db": "VULMON",
"id": "CVE-2018-4278"
},
{
"date": "2019-02-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013511"
},
{
"date": "2018-07-09T19:22:22",
"db": "PACKETSTORM",
"id": "148467"
},
{
"date": "2018-08-23T18:40:24",
"db": "PACKETSTORM",
"id": "149059"
},
{
"date": "2018-07-09T10:11:11",
"db": "PACKETSTORM",
"id": "148465"
},
{
"date": "2018-08-07T20:22:22",
"db": "PACKETSTORM",
"id": "148854"
},
{
"date": "2018-07-10T14:02:22",
"db": "PACKETSTORM",
"id": "148477"
},
{
"date": "2018-07-09T21:11:11",
"db": "PACKETSTORM",
"id": "148469"
},
{
"date": "2018-08-17T17:39:17",
"db": "PACKETSTORM",
"id": "148970"
},
{
"date": "2019-01-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201901-414"
},
{
"date": "2019-01-11T18:29:02.937000",
"db": "NVD",
"id": "CVE-2018-4278"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-134309"
},
{
"date": "2020-08-24T00:00:00",
"db": "VULMON",
"id": "CVE-2018-4278"
},
{
"date": "2019-02-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013511"
},
{
"date": "2020-10-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201901-414"
},
{
"date": "2023-11-07T02:58:23.520000",
"db": "NVD",
"id": "CVE-2018-4278"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "148970"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-414"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Apple Sound vulnerability in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013511"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "security feature problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201901-414"
}
],
"trust": 0.6
}
}
VAR-202007-1133
Vulnerability from variot - Updated: 2024-07-23 22:12Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream. Google Chrome There is an unspecified vulnerability in.Information may be tampered with. WebRTC is one of the components that supports browsers for real-time voice or video conversations. An attacker could exploit this vulnerability to bypass security restrictions. WebRTC: usrsctp is called with pointer as network address
When usrsctp is used with a custom transport, an address must be provided to usrsctp_conninput be used as the source and destination address of the incoming packet. WebRTC uses the address of the SctpTransport instance for this value. Unfortunately, this value is often transmitted to the peer, for example to validate signing of the cookie. This could allow an attacker access to the location in memory of the SctpTransport of a peer, bypassing ASLR.
To reproduce, place the following code on line 9529 of sctp_output.c. This will output the peer's address to the log:
struct sctp_state_cookie cookie2;
struct sctp_state_cookie* cookie3;
cookie3 = sctp_get_next_param(cookie, 4, &cookie2, sizeof(struct sctp_state_cookie));
LOGE(\"COOKIE INITACK ADDRESS %llx laddress %llx\", ((long long)cookie3->address), ((long long)cookie3->address));
Or, view the SCTP packets sent by WebRTC before they are sent to the encryption layer. They are full of pointers.
This bug is subject to a 90 day disclosure deadline. After 90 days elapse, the bug report will become visible to the public. The scheduled disclosure date is 2020-Jul-28. Disclosure at an earlier date is possible if agreed upon by all parties.
Related CVE Numbers: CVE-2020-6514.
Found by: deadbeef@chromium.org
. 8.0) - ppc64le, x86_64
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: firefox security update Advisory ID: RHSA-2020:3233-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:3233 Issue date: 2020-07-29 CVE Names: CVE-2020-6463 CVE-2020-6514 CVE-2020-15652 CVE-2020-15659 ==================================================================== 1. Summary:
An update for firefox is now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - x86_64
- Description:
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
This update upgrades Firefox to version 68.11.0 ESR.
Security Fix(es):
-
chromium-browser: Use after free in ANGLE (CVE-2020-6463)
-
chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514)
-
Mozilla: Potential leak of redirect targets when loading scripts in a worker (CVE-2020-15652)
-
Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11 (CVE-2020-15659)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, Firefox must be restarted for the changes to take effect.
- Bugs fixed (https://bugzilla.redhat.com/):
1840893 - CVE-2020-6463 chromium-browser: Use after free in ANGLE 1857349 - CVE-2020-6514 chromium-browser: Inappropriate implementation in WebRTC 1861570 - CVE-2020-15652 Mozilla: Potential leak of redirect targets when loading scripts in a worker 1861572 - CVE-2020-15659 Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: firefox-68.11.0-1.el6_10.src.rpm
i386: firefox-68.11.0-1.el6_10.i686.rpm firefox-debuginfo-68.11.0-1.el6_10.i686.rpm
x86_64: firefox-68.11.0-1.el6_10.x86_64.rpm firefox-debuginfo-68.11.0-1.el6_10.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
x86_64: firefox-68.11.0-1.el6_10.i686.rpm firefox-debuginfo-68.11.0-1.el6_10.i686.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
Source: firefox-68.11.0-1.el6_10.src.rpm
x86_64: firefox-68.11.0-1.el6_10.i686.rpm firefox-68.11.0-1.el6_10.x86_64.rpm firefox-debuginfo-68.11.0-1.el6_10.i686.rpm firefox-debuginfo-68.11.0-1.el6_10.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: firefox-68.11.0-1.el6_10.src.rpm
i386: firefox-68.11.0-1.el6_10.i686.rpm firefox-debuginfo-68.11.0-1.el6_10.i686.rpm
ppc64: firefox-68.11.0-1.el6_10.ppc64.rpm firefox-debuginfo-68.11.0-1.el6_10.ppc64.rpm
s390x: firefox-68.11.0-1.el6_10.s390x.rpm firefox-debuginfo-68.11.0-1.el6_10.s390x.rpm
x86_64: firefox-68.11.0-1.el6_10.x86_64.rpm firefox-debuginfo-68.11.0-1.el6_10.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
x86_64: firefox-68.11.0-1.el6_10.i686.rpm firefox-debuginfo-68.11.0-1.el6_10.i686.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: firefox-68.11.0-1.el6_10.src.rpm
i386: firefox-68.11.0-1.el6_10.i686.rpm firefox-debuginfo-68.11.0-1.el6_10.i686.rpm
x86_64: firefox-68.11.0-1.el6_10.x86_64.rpm firefox-debuginfo-68.11.0-1.el6_10.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
x86_64: firefox-68.11.0-1.el6_10.i686.rpm firefox-debuginfo-68.11.0-1.el6_10.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2020-6463 https://access.redhat.com/security/cve/CVE-2020-6514 https://access.redhat.com/security/cve/CVE-2020-15652 https://access.redhat.com/security/cve/CVE-2020-15659 https://access.redhat.com/security/updates/classification/#important https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBXyH6mdzjgjWX9erEAQiukRAAoSy1u1yd2aSJw+foZEA/YHyuL6bfn+/t /PZHIx68QEOtgGGg91+VR1THGCZWW3FYUJfEIfDu61SzkuSNECyrJNus2NSw9XJk JiK4YYJ2Ga2LWKXhmhJqMyi7uzpxb/yLRIZn6/X4vGqld6SjiXi+J7yX/ctEYI5S tpBcOmYFj/uB0He+BxtaRWBY26cPAeD1SbTLWmMq2+aOMBJ8tujvQFCGFFcH8Rfh /6asAsiDKi1RLQlT44lhYpBPuDurXyyTbCHea4jtGLw5FEFBXWP//J0rvGjb7AbY iw3DimuYGfPLlbLFUww5qLPUv+EcubexHu1NePDTejh0BLvs7VH0e6wXR6/mJH3M VGiRtSTbksFv+T9xdEmdfE1IhM4CG5I+mhd5v5py7iLtJNXyVLMsbiUkSTFA/y8R TjKhK0MIjQ0a4+IdMU8g48YjSP4bq3DKV/mTn0UyBD+eVkZmrWmGsTMhnKs2cfO9 CvbPkHdO8hwhX9iAbsV4Peu98ixgSOP2eG13y6/fRhjBBdMZBPRN4lpHRDRqeUG1 311XD6HFAIOyRlVYx+INenTrMtsvsMkrzePqB6dQjwvJv7joEQkrudT/hRAk0AXg NMX1BDGif8YXNWOgmwMu3ZZVZiiJkUZP2xkd03v3Hh7/hkNvPpXRdjIdsEKgg85J cuWOcZv8Az4=z1Yt -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 6) - i386, x86_64
- Description:
Mozilla Thunderbird is a standalone mail and newsgroup client. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202007-08
https://security.gentoo.org/
Severity: Normal Title: Chromium, Google Chrome: Multiple vulnerabilities Date: July 26, 2020 Bugs: #728418, #729310, #732588 ID: 202007-08
Synopsis
Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code.
Background
Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.
Google Chrome is one fast, simple, and secure browser for all your devices.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-client/chromium < 84.0.4147.89 >= 84.0.4147.89 2 www-client/google-chrome < 84.0.4147.89 >= 84.0.4147.89 ------------------------------------------------------------------- 2 affected packages
Description
Multiple vulnerabilities have been discovered in Chromium and Google Chrome. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All Chromium users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-client/chromium-84.0.4147.89"
All Google Chrome users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-client/google-chrome-84.0.4147.89"
References
[ 1 ] CVE-2020-6505 https://nvd.nist.gov/vuln/detail/CVE-2020-6505 [ 2 ] CVE-2020-6506 https://nvd.nist.gov/vuln/detail/CVE-2020-6506 [ 3 ] CVE-2020-6507 https://nvd.nist.gov/vuln/detail/CVE-2020-6507 [ 4 ] CVE-2020-6509 https://nvd.nist.gov/vuln/detail/CVE-2020-6509 [ 5 ] CVE-2020-6510 https://nvd.nist.gov/vuln/detail/CVE-2020-6510 [ 6 ] CVE-2020-6511 https://nvd.nist.gov/vuln/detail/CVE-2020-6511 [ 7 ] CVE-2020-6512 https://nvd.nist.gov/vuln/detail/CVE-2020-6512 [ 8 ] CVE-2020-6513 https://nvd.nist.gov/vuln/detail/CVE-2020-6513 [ 9 ] CVE-2020-6514 https://nvd.nist.gov/vuln/detail/CVE-2020-6514 [ 10 ] CVE-2020-6515 https://nvd.nist.gov/vuln/detail/CVE-2020-6515 [ 11 ] CVE-2020-6516 https://nvd.nist.gov/vuln/detail/CVE-2020-6516 [ 12 ] CVE-2020-6517 https://nvd.nist.gov/vuln/detail/CVE-2020-6517 [ 13 ] CVE-2020-6518 https://nvd.nist.gov/vuln/detail/CVE-2020-6518 [ 14 ] CVE-2020-6519 https://nvd.nist.gov/vuln/detail/CVE-2020-6519 [ 15 ] CVE-2020-6520 https://nvd.nist.gov/vuln/detail/CVE-2020-6520 [ 16 ] CVE-2020-6521 https://nvd.nist.gov/vuln/detail/CVE-2020-6521 [ 17 ] CVE-2020-6522 https://nvd.nist.gov/vuln/detail/CVE-2020-6522 [ 18 ] CVE-2020-6523 https://nvd.nist.gov/vuln/detail/CVE-2020-6523 [ 19 ] CVE-2020-6524 https://nvd.nist.gov/vuln/detail/CVE-2020-6524 [ 20 ] CVE-2020-6525 https://nvd.nist.gov/vuln/detail/CVE-2020-6525 [ 21 ] CVE-2020-6526 https://nvd.nist.gov/vuln/detail/CVE-2020-6526 [ 22 ] CVE-2020-6527 https://nvd.nist.gov/vuln/detail/CVE-2020-6527 [ 23 ] CVE-2020-6528 https://nvd.nist.gov/vuln/detail/CVE-2020-6528 [ 24 ] CVE-2020-6529 https://nvd.nist.gov/vuln/detail/CVE-2020-6529 [ 25 ] CVE-2020-6530 https://nvd.nist.gov/vuln/detail/CVE-2020-6530 [ 26 ] CVE-2020-6531 https://nvd.nist.gov/vuln/detail/CVE-2020-6531 [ 27 ] CVE-2020-6533 https://nvd.nist.gov/vuln/detail/CVE-2020-6533 [ 28 ] CVE-2020-6534 https://nvd.nist.gov/vuln/detail/CVE-2020-6534 [ 29 ] CVE-2020-6535 https://nvd.nist.gov/vuln/detail/CVE-2020-6535 [ 30 ] CVE-2020-6536 https://nvd.nist.gov/vuln/detail/CVE-2020-6536
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202007-08
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2020 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
. 8.0) - aarch64, ppc64le, s390x, x86_64
For the stable distribution (buster), these problems have been fixed in version 68.11.0esr-1~deb10u1.
We recommend that you upgrade your firefox-esr packages.
For the detailed security status of firefox-esr please refer to its security tracker page at: https://security-tracker.debian.org/tracker/firefox-esr
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl8huUkACgkQEMKTtsN8 TjZrWRAAmJKPn+TnXVDcxt9OC/ko2aovs7IotOScCOvjO9Aez+l64cUEOAj4Zxc1 gd/CC/fW/LNudbmLrMKjGft3bFwi/78htATpgcJE5diEjEVlyvgMJiwvwoN+zOO2 1u4hgN6sYiBVnEKBOtS3wA0VGa19tW5mWXWZgtfmEMfuNpz3bUQ8ApQ48M47VdUO JjZbtTP92N8h99Mko3k2Z2xUDimRZ0xvVYXmEQ9lUzQnNpz0yKwSuo/GsjnH3l1n 2Y8ih+m9pCuYfcpXvWtLlQc70koS84MaAzdqYsp1xMpXLHzejDM/e0oDEJppBjwP 0U4qHSbirlwMHn1PSILFsDjYfTwSmFUqvmPb9mcPMnz60xuh6IT+2RUKXekBo263 1uhlHgqd5+hWYuWxQz7FgssJVUzfH2ZzaIoTRTYtTQVJmHeYViWf54AEGP36D6++ I8tNyCVTbDW+114dWjAmkuQ+yVjt0eSb4rqLqwcKxvNT6cCzRRJp2/tSsQCAvFdB dzExvQQMD/t4o+0BUYxani0jJf9DR9N7BoUBQdI0eZNV/mJ1BmDWXJqEpExhilfb 9QlI6oRu/Cw05BpkD1FKeXR+MgMKpi/jubhsYkZQcV9t7C0D/L13DEAqxr4zi4te eLLP/BQ3bl+h71ZHBCYCpbCc+joreguC3Z09IaDYFafewmOACHs= =QMwo -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202007-1133",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "18.04"
},
{
"model": "ipados",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "13.6"
},
{
"model": "iphone os",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "13.6"
},
{
"model": "safari",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "13.1.2"
},
{
"model": "watchos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "6.2.8"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "31"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "15.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "15.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "backports sle",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "15.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "32"
},
{
"model": "tvos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "13.4.8"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "20.04"
},
{
"model": "chrome",
"scope": "lt",
"trust": 1.0,
"vendor": "google",
"version": "84.0.4147.89"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.8,
"vendor": "google",
"version": "84.0.4147.89"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-008675"
},
{
"db": "NVD",
"id": "CVE-2020-6514"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "84.0.4147.89",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.4.8",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.6",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.2.8",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.6",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-6514"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "158785"
},
{
"db": "PACKETSTORM",
"id": "158676"
},
{
"db": "PACKETSTORM",
"id": "158789"
},
{
"db": "PACKETSTORM",
"id": "158685"
},
{
"db": "PACKETSTORM",
"id": "158673"
}
],
"trust": 0.5
},
"cve": "CVE-2020-6514",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-008675",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-184639",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-008675",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-6514",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2020-008675",
"trust": 0.8,
"value": "Medium"
},
{
"author": "VULHUB",
"id": "VHN-184639",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-184639"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008675"
},
{
"db": "NVD",
"id": "CVE-2020-6514"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream. Google Chrome There is an unspecified vulnerability in.Information may be tampered with. WebRTC is one of the components that supports browsers for real-time voice or video conversations. An attacker could exploit this vulnerability to bypass security restrictions. WebRTC: usrsctp is called with pointer as network address\n\nWhen usrsctp is used with a custom transport, an address must be provided to usrsctp_conninput be used as the source and destination address of the incoming packet. WebRTC uses the address of the SctpTransport instance for this value. Unfortunately, this value is often transmitted to the peer, for example to validate signing of the cookie. This could allow an attacker access to the location in memory of the SctpTransport of a peer, bypassing ASLR. \n\nTo reproduce, place the following code on line 9529 of sctp_output.c. This will output the peer\u0027s address to the log:\n\n struct sctp_state_cookie cookie2;\n struct sctp_state_cookie* cookie3;\n cookie3 = sctp_get_next_param(cookie, 4, \u0026cookie2, sizeof(struct sctp_state_cookie));\n\n\n LOGE(\\\"COOKIE INITACK ADDRESS %llx laddress %llx\\\", *((long long*)cookie3-\u003eaddress), *((long long*)cookie3-\u003eaddress));\n\nOr, view the SCTP packets sent by WebRTC before they are sent to the encryption layer. They are full of pointers. \n\nThis bug is subject to a 90 day disclosure deadline. After 90 days elapse,\nthe bug report will become visible to the public. The scheduled disclosure\ndate is 2020-Jul-28. Disclosure at an earlier date is possible if\nagreed upon by all parties. \n\n\nRelated CVE Numbers: CVE-2020-6514. \n\n\n\nFound by: deadbeef@chromium.org\n\n. 8.0) - ppc64le, x86_64\n\n3. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Important: firefox security update\nAdvisory ID: RHSA-2020:3233-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2020:3233\nIssue date: 2020-07-29\nCVE Names: CVE-2020-6463 CVE-2020-6514 CVE-2020-15652\n CVE-2020-15659\n====================================================================\n1. Summary:\n\nAn update for firefox is now available for Red Hat Enterprise Linux 6. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - x86_64\n\n3. Description:\n\nMozilla Firefox is an open-source web browser, designed for standards\ncompliance, performance, and portability. \n\nThis update upgrades Firefox to version 68.11.0 ESR. \n\nSecurity Fix(es):\n\n* chromium-browser: Use after free in ANGLE (CVE-2020-6463)\n\n* chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514)\n\n* Mozilla: Potential leak of redirect targets when loading scripts in a\nworker (CVE-2020-15652)\n\n* Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11\n(CVE-2020-15659)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to\ntake effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1840893 - CVE-2020-6463 chromium-browser: Use after free in ANGLE\n1857349 - CVE-2020-6514 chromium-browser: Inappropriate implementation in WebRTC\n1861570 - CVE-2020-15652 Mozilla: Potential leak of redirect targets when loading scripts in a worker\n1861572 - CVE-2020-15659 Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nfirefox-68.11.0-1.el6_10.src.rpm\n\ni386:\nfirefox-68.11.0-1.el6_10.i686.rpm\nfirefox-debuginfo-68.11.0-1.el6_10.i686.rpm\n\nx86_64:\nfirefox-68.11.0-1.el6_10.x86_64.rpm\nfirefox-debuginfo-68.11.0-1.el6_10.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\nx86_64:\nfirefox-68.11.0-1.el6_10.i686.rpm\nfirefox-debuginfo-68.11.0-1.el6_10.i686.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nSource:\nfirefox-68.11.0-1.el6_10.src.rpm\n\nx86_64:\nfirefox-68.11.0-1.el6_10.i686.rpm\nfirefox-68.11.0-1.el6_10.x86_64.rpm\nfirefox-debuginfo-68.11.0-1.el6_10.i686.rpm\nfirefox-debuginfo-68.11.0-1.el6_10.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nfirefox-68.11.0-1.el6_10.src.rpm\n\ni386:\nfirefox-68.11.0-1.el6_10.i686.rpm\nfirefox-debuginfo-68.11.0-1.el6_10.i686.rpm\n\nppc64:\nfirefox-68.11.0-1.el6_10.ppc64.rpm\nfirefox-debuginfo-68.11.0-1.el6_10.ppc64.rpm\n\ns390x:\nfirefox-68.11.0-1.el6_10.s390x.rpm\nfirefox-debuginfo-68.11.0-1.el6_10.s390x.rpm\n\nx86_64:\nfirefox-68.11.0-1.el6_10.x86_64.rpm\nfirefox-debuginfo-68.11.0-1.el6_10.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\nx86_64:\nfirefox-68.11.0-1.el6_10.i686.rpm\nfirefox-debuginfo-68.11.0-1.el6_10.i686.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nfirefox-68.11.0-1.el6_10.src.rpm\n\ni386:\nfirefox-68.11.0-1.el6_10.i686.rpm\nfirefox-debuginfo-68.11.0-1.el6_10.i686.rpm\n\nx86_64:\nfirefox-68.11.0-1.el6_10.x86_64.rpm\nfirefox-debuginfo-68.11.0-1.el6_10.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\nx86_64:\nfirefox-68.11.0-1.el6_10.i686.rpm\nfirefox-debuginfo-68.11.0-1.el6_10.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2020-6463\nhttps://access.redhat.com/security/cve/CVE-2020-6514\nhttps://access.redhat.com/security/cve/CVE-2020-15652\nhttps://access.redhat.com/security/cve/CVE-2020-15659\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2020-31/\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2020 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBXyH6mdzjgjWX9erEAQiukRAAoSy1u1yd2aSJw+foZEA/YHyuL6bfn+/t\n/PZHIx68QEOtgGGg91+VR1THGCZWW3FYUJfEIfDu61SzkuSNECyrJNus2NSw9XJk\nJiK4YYJ2Ga2LWKXhmhJqMyi7uzpxb/yLRIZn6/X4vGqld6SjiXi+J7yX/ctEYI5S\ntpBcOmYFj/uB0He+BxtaRWBY26cPAeD1SbTLWmMq2+aOMBJ8tujvQFCGFFcH8Rfh\n/6asAsiDKi1RLQlT44lhYpBPuDurXyyTbCHea4jtGLw5FEFBXWP//J0rvGjb7AbY\niw3DimuYGfPLlbLFUww5qLPUv+EcubexHu1NePDTejh0BLvs7VH0e6wXR6/mJH3M\nVGiRtSTbksFv+T9xdEmdfE1IhM4CG5I+mhd5v5py7iLtJNXyVLMsbiUkSTFA/y8R\nTjKhK0MIjQ0a4+IdMU8g48YjSP4bq3DKV/mTn0UyBD+eVkZmrWmGsTMhnKs2cfO9\nCvbPkHdO8hwhX9iAbsV4Peu98ixgSOP2eG13y6/fRhjBBdMZBPRN4lpHRDRqeUG1\n311XD6HFAIOyRlVYx+INenTrMtsvsMkrzePqB6dQjwvJv7joEQkrudT/hRAk0AXg\nNMX1BDGif8YXNWOgmwMu3ZZVZiiJkUZP2xkd03v3Hh7/hkNvPpXRdjIdsEKgg85J\ncuWOcZv8Az4=z1Yt\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. 6) - i386, x86_64\n\n3. Description:\n\nMozilla Thunderbird is a standalone mail and newsgroup client. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202007-08\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Chromium, Google Chrome: Multiple vulnerabilities\n Date: July 26, 2020\n Bugs: #728418, #729310, #732588\n ID: 202007-08\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Chromium and Google Chrome,\nthe worst of which could result in the arbitrary execution of code. \n\nBackground\n==========\n\nChromium is an open-source browser project that aims to build a safer,\nfaster, and more stable way for all users to experience the web. \n\nGoogle Chrome is one fast, simple, and secure browser for all your\ndevices. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 www-client/chromium \u003c 84.0.4147.89 \u003e= 84.0.4147.89\n 2 www-client/google-chrome\n \u003c 84.0.4147.89 \u003e= 84.0.4147.89\n -------------------------------------------------------------------\n 2 affected packages\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Chromium and Google\nChrome. Please review the CVE identifiers referenced below for details. \n\nImpact\n======\n\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Chromium users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-client/chromium-84.0.4147.89\"\n\nAll Google Chrome users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-client/google-chrome-84.0.4147.89\"\n\nReferences\n==========\n\n[ 1 ] CVE-2020-6505\n https://nvd.nist.gov/vuln/detail/CVE-2020-6505\n[ 2 ] CVE-2020-6506\n https://nvd.nist.gov/vuln/detail/CVE-2020-6506\n[ 3 ] CVE-2020-6507\n https://nvd.nist.gov/vuln/detail/CVE-2020-6507\n[ 4 ] CVE-2020-6509\n https://nvd.nist.gov/vuln/detail/CVE-2020-6509\n[ 5 ] CVE-2020-6510\n https://nvd.nist.gov/vuln/detail/CVE-2020-6510\n[ 6 ] CVE-2020-6511\n https://nvd.nist.gov/vuln/detail/CVE-2020-6511\n[ 7 ] CVE-2020-6512\n https://nvd.nist.gov/vuln/detail/CVE-2020-6512\n[ 8 ] CVE-2020-6513\n https://nvd.nist.gov/vuln/detail/CVE-2020-6513\n[ 9 ] CVE-2020-6514\n https://nvd.nist.gov/vuln/detail/CVE-2020-6514\n[ 10 ] CVE-2020-6515\n https://nvd.nist.gov/vuln/detail/CVE-2020-6515\n[ 11 ] CVE-2020-6516\n https://nvd.nist.gov/vuln/detail/CVE-2020-6516\n[ 12 ] CVE-2020-6517\n https://nvd.nist.gov/vuln/detail/CVE-2020-6517\n[ 13 ] CVE-2020-6518\n https://nvd.nist.gov/vuln/detail/CVE-2020-6518\n[ 14 ] CVE-2020-6519\n https://nvd.nist.gov/vuln/detail/CVE-2020-6519\n[ 15 ] CVE-2020-6520\n https://nvd.nist.gov/vuln/detail/CVE-2020-6520\n[ 16 ] CVE-2020-6521\n https://nvd.nist.gov/vuln/detail/CVE-2020-6521\n[ 17 ] CVE-2020-6522\n https://nvd.nist.gov/vuln/detail/CVE-2020-6522\n[ 18 ] CVE-2020-6523\n https://nvd.nist.gov/vuln/detail/CVE-2020-6523\n[ 19 ] CVE-2020-6524\n https://nvd.nist.gov/vuln/detail/CVE-2020-6524\n[ 20 ] CVE-2020-6525\n https://nvd.nist.gov/vuln/detail/CVE-2020-6525\n[ 21 ] CVE-2020-6526\n https://nvd.nist.gov/vuln/detail/CVE-2020-6526\n[ 22 ] CVE-2020-6527\n https://nvd.nist.gov/vuln/detail/CVE-2020-6527\n[ 23 ] CVE-2020-6528\n https://nvd.nist.gov/vuln/detail/CVE-2020-6528\n[ 24 ] CVE-2020-6529\n https://nvd.nist.gov/vuln/detail/CVE-2020-6529\n[ 25 ] CVE-2020-6530\n https://nvd.nist.gov/vuln/detail/CVE-2020-6530\n[ 26 ] CVE-2020-6531\n https://nvd.nist.gov/vuln/detail/CVE-2020-6531\n[ 27 ] CVE-2020-6533\n https://nvd.nist.gov/vuln/detail/CVE-2020-6533\n[ 28 ] CVE-2020-6534\n https://nvd.nist.gov/vuln/detail/CVE-2020-6534\n[ 29 ] CVE-2020-6535\n https://nvd.nist.gov/vuln/detail/CVE-2020-6535\n[ 30 ] CVE-2020-6536\n https://nvd.nist.gov/vuln/detail/CVE-2020-6536\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202007-08\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2020 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n\n. 8.0) - aarch64, ppc64le, s390x, x86_64\n\n3. \n\nFor the stable distribution (buster), these problems have been fixed in\nversion 68.11.0esr-1~deb10u1. \n\nWe recommend that you upgrade your firefox-esr packages. \n\nFor the detailed security status of firefox-esr please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/firefox-esr\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl8huUkACgkQEMKTtsN8\nTjZrWRAAmJKPn+TnXVDcxt9OC/ko2aovs7IotOScCOvjO9Aez+l64cUEOAj4Zxc1\ngd/CC/fW/LNudbmLrMKjGft3bFwi/78htATpgcJE5diEjEVlyvgMJiwvwoN+zOO2\n1u4hgN6sYiBVnEKBOtS3wA0VGa19tW5mWXWZgtfmEMfuNpz3bUQ8ApQ48M47VdUO\nJjZbtTP92N8h99Mko3k2Z2xUDimRZ0xvVYXmEQ9lUzQnNpz0yKwSuo/GsjnH3l1n\n2Y8ih+m9pCuYfcpXvWtLlQc70koS84MaAzdqYsp1xMpXLHzejDM/e0oDEJppBjwP\n0U4qHSbirlwMHn1PSILFsDjYfTwSmFUqvmPb9mcPMnz60xuh6IT+2RUKXekBo263\n1uhlHgqd5+hWYuWxQz7FgssJVUzfH2ZzaIoTRTYtTQVJmHeYViWf54AEGP36D6++\nI8tNyCVTbDW+114dWjAmkuQ+yVjt0eSb4rqLqwcKxvNT6cCzRRJp2/tSsQCAvFdB\ndzExvQQMD/t4o+0BUYxani0jJf9DR9N7BoUBQdI0eZNV/mJ1BmDWXJqEpExhilfb\n9QlI6oRu/Cw05BpkD1FKeXR+MgMKpi/jubhsYkZQcV9t7C0D/L13DEAqxr4zi4te\neLLP/BQ3bl+h71ZHBCYCpbCc+joreguC3Z09IaDYFafewmOACHs=\n=QMwo\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-6514"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008675"
},
{
"db": "VULHUB",
"id": "VHN-184639"
},
{
"db": "PACKETSTORM",
"id": "158697"
},
{
"db": "PACKETSTORM",
"id": "158785"
},
{
"db": "PACKETSTORM",
"id": "158676"
},
{
"db": "PACKETSTORM",
"id": "158789"
},
{
"db": "PACKETSTORM",
"id": "158685"
},
{
"db": "PACKETSTORM",
"id": "158565"
},
{
"db": "PACKETSTORM",
"id": "158673"
},
{
"db": "PACKETSTORM",
"id": "168870"
}
],
"trust": 2.43
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-184639",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-184639"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-6514",
"trust": 2.7
},
{
"db": "PACKETSTORM",
"id": "158697",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008675",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "158685",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "158676",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "158785",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "158789",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "158673",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "158565",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "158788",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "158787",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "158664",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "158691",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "158678",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "158686",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "158804",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "158786",
"trust": 0.1
},
{
"db": "CNNVD",
"id": "CNNVD-202007-1004",
"trust": 0.1
},
{
"db": "CNVD",
"id": "CNVD-2020-43481",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-184639",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "168870",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-184639"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008675"
},
{
"db": "PACKETSTORM",
"id": "158697"
},
{
"db": "PACKETSTORM",
"id": "158785"
},
{
"db": "PACKETSTORM",
"id": "158676"
},
{
"db": "PACKETSTORM",
"id": "158789"
},
{
"db": "PACKETSTORM",
"id": "158685"
},
{
"db": "PACKETSTORM",
"id": "158565"
},
{
"db": "PACKETSTORM",
"id": "158673"
},
{
"db": "PACKETSTORM",
"id": "168870"
},
{
"db": "NVD",
"id": "CVE-2020-6514"
}
]
},
"id": "VAR-202007-1133",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-184639"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T22:12:07.961000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Stable Channel Update for Desktop",
"trust": 0.8,
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-008675"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-184639"
},
{
"db": "NVD",
"id": "CVE-2020-6514"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6514"
},
{
"trust": 1.2,
"url": "https://security.gentoo.org/glsa/202007-08"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht211288"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht211290"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht211291"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht211292"
},
{
"trust": 1.1,
"url": "https://www.debian.org/security/2020/dsa-4736"
},
{
"trust": 1.1,
"url": "https://www.debian.org/security/2020/dsa-4740"
},
{
"trust": 1.1,
"url": "https://www.debian.org/security/2021/dsa-4824"
},
{
"trust": 1.1,
"url": "https://security.gentoo.org/glsa/202007-64"
},
{
"trust": 1.1,
"url": "https://security.gentoo.org/glsa/202101-30"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/158697/webrtc-usrsctp-incorrect-call.html"
},
{
"trust": 1.1,
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
},
{
"trust": 1.1,
"url": "https://crbug.com/1076703"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00027.html"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00006.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00041.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00069.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00008.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00007.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00011.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00018.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00022.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00025.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00032.html"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/4443-1/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/mtrpptkz2rkvh2xgqcwnfz7fogq5llca/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/myidwchg24ztfd4p42d4a4wwppa74bcg/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-6514"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-15659"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-15652"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6463"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2020-15652"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2020-15659"
},
{
"trust": 0.5,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2020-6463"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2020-6514"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.3,
"url": "https://www.mozilla.org/en-us/security/advisories/mfsa2020-31/"
},
{
"trust": 0.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/myidwchg24ztfd4p42d4a4wwppa74bcg/"
},
{
"trust": 0.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/mtrpptkz2rkvh2xgqcwnfz7fogq5llca/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:3343"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:3233"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:3345"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:3254"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6507"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6533"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6515"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6536"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6509"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6506"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6523"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6517"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6534"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6520"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6531"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6526"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6518"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6512"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6527"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6524"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6522"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6528"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6505"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6513"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6521"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6519"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6535"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6530"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6516"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6511"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6510"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6525"
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6529"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:3229"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/firefox-esr"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-184639"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008675"
},
{
"db": "PACKETSTORM",
"id": "158697"
},
{
"db": "PACKETSTORM",
"id": "158785"
},
{
"db": "PACKETSTORM",
"id": "158676"
},
{
"db": "PACKETSTORM",
"id": "158789"
},
{
"db": "PACKETSTORM",
"id": "158685"
},
{
"db": "PACKETSTORM",
"id": "158565"
},
{
"db": "PACKETSTORM",
"id": "158673"
},
{
"db": "PACKETSTORM",
"id": "168870"
},
{
"db": "NVD",
"id": "CVE-2020-6514"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-184639"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008675"
},
{
"db": "PACKETSTORM",
"id": "158697"
},
{
"db": "PACKETSTORM",
"id": "158785"
},
{
"db": "PACKETSTORM",
"id": "158676"
},
{
"db": "PACKETSTORM",
"id": "158789"
},
{
"db": "PACKETSTORM",
"id": "158685"
},
{
"db": "PACKETSTORM",
"id": "158565"
},
{
"db": "PACKETSTORM",
"id": "158673"
},
{
"db": "PACKETSTORM",
"id": "168870"
},
{
"db": "NVD",
"id": "CVE-2020-6514"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-07-22T00:00:00",
"db": "VULHUB",
"id": "VHN-184639"
},
{
"date": "2020-09-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-008675"
},
{
"date": "2020-07-31T22:33:23",
"db": "PACKETSTORM",
"id": "158697"
},
{
"date": "2020-08-06T17:06:24",
"db": "PACKETSTORM",
"id": "158785"
},
{
"date": "2020-07-30T15:51:23",
"db": "PACKETSTORM",
"id": "158676"
},
{
"date": "2020-08-06T17:06:54",
"db": "PACKETSTORM",
"id": "158789"
},
{
"date": "2020-07-31T19:38:39",
"db": "PACKETSTORM",
"id": "158685"
},
{
"date": "2020-07-27T17:49:47",
"db": "PACKETSTORM",
"id": "158565"
},
{
"date": "2020-07-30T15:51:02",
"db": "PACKETSTORM",
"id": "158673"
},
{
"date": "2020-07-28T19:12:00",
"db": "PACKETSTORM",
"id": "168870"
},
{
"date": "2020-07-22T17:15:13.447000",
"db": "NVD",
"id": "CVE-2020-6514"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-21T00:00:00",
"db": "VULHUB",
"id": "VHN-184639"
},
{
"date": "2020-09-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-008675"
},
{
"date": "2023-11-07T03:24:25.053000",
"db": "NVD",
"id": "CVE-2020-6514"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Google Chrome Vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-008675"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "arbitrary",
"sources": [
{
"db": "PACKETSTORM",
"id": "158565"
},
{
"db": "PACKETSTORM",
"id": "168870"
}
],
"trust": 0.2
}
}
VAR-201806-1436
Vulnerability from variot - Updated: 2024-07-23 22:11An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to overwrite cookies via a crafted web site. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. WebKit is one of the web browser engine components. The following products and versions are affected: Apple iOS prior to 11.4; Safari prior to 11.1.1; Windows-based iCloud prior to 7.5; Windows-based iTunes prior to 12.7.5; tvOS prior to 11.4; watchOS 4.3. 1 previous version. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201808-04
https://security.gentoo.org/
Severity: Normal Title: WebkitGTK+: Multiple vulnerabilities Date: August 22, 2018 Bugs: #652820, #658168, #662974 ID: 201808-04
Synopsis
Multiple vulnerabilities have been found in WebKitGTK+, the worst of which may lead to arbitrary code execution.
Background
WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.20.4 >= 2.20.4
Description
Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All WebkitGTK+ users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.20.4"
References
[ 1 ] CVE-2018-11646 https://nvd.nist.gov/vuln/detail/CVE-2018-11646 [ 2 ] CVE-2018-11712 https://nvd.nist.gov/vuln/detail/CVE-2018-11712 [ 3 ] CVE-2018-11713 https://nvd.nist.gov/vuln/detail/CVE-2018-11713 [ 4 ] CVE-2018-12293 https://nvd.nist.gov/vuln/detail/CVE-2018-12293 [ 5 ] CVE-2018-12294 https://nvd.nist.gov/vuln/detail/CVE-2018-12294 [ 6 ] CVE-2018-4101 https://nvd.nist.gov/vuln/detail/CVE-2018-4101 [ 7 ] CVE-2018-4113 https://nvd.nist.gov/vuln/detail/CVE-2018-4113 [ 8 ] CVE-2018-4114 https://nvd.nist.gov/vuln/detail/CVE-2018-4114 [ 9 ] CVE-2018-4117 https://nvd.nist.gov/vuln/detail/CVE-2018-4117 [ 10 ] CVE-2018-4118 https://nvd.nist.gov/vuln/detail/CVE-2018-4118 [ 11 ] CVE-2018-4119 https://nvd.nist.gov/vuln/detail/CVE-2018-4119 [ 12 ] CVE-2018-4120 https://nvd.nist.gov/vuln/detail/CVE-2018-4120 [ 13 ] CVE-2018-4121 https://nvd.nist.gov/vuln/detail/CVE-2018-4121 [ 14 ] CVE-2018-4122 https://nvd.nist.gov/vuln/detail/CVE-2018-4122 [ 15 ] CVE-2018-4125 https://nvd.nist.gov/vuln/detail/CVE-2018-4125 [ 16 ] CVE-2018-4127 https://nvd.nist.gov/vuln/detail/CVE-2018-4127 [ 17 ] CVE-2018-4128 https://nvd.nist.gov/vuln/detail/CVE-2018-4128 [ 18 ] CVE-2018-4129 https://nvd.nist.gov/vuln/detail/CVE-2018-4129 [ 19 ] CVE-2018-4133 https://nvd.nist.gov/vuln/detail/CVE-2018-4133 [ 20 ] CVE-2018-4146 https://nvd.nist.gov/vuln/detail/CVE-2018-4146 [ 21 ] CVE-2018-4162 https://nvd.nist.gov/vuln/detail/CVE-2018-4162 [ 22 ] CVE-2018-4163 https://nvd.nist.gov/vuln/detail/CVE-2018-4163 [ 23 ] CVE-2018-4165 https://nvd.nist.gov/vuln/detail/CVE-2018-4165 [ 24 ] CVE-2018-4190 https://nvd.nist.gov/vuln/detail/CVE-2018-4190 [ 25 ] CVE-2018-4192 https://nvd.nist.gov/vuln/detail/CVE-2018-4192 [ 26 ] CVE-2018-4199 https://nvd.nist.gov/vuln/detail/CVE-2018-4199 [ 27 ] CVE-2018-4200 https://nvd.nist.gov/vuln/detail/CVE-2018-4200 [ 28 ] CVE-2018-4201 https://nvd.nist.gov/vuln/detail/CVE-2018-4201 [ 29 ] CVE-2018-4204 https://nvd.nist.gov/vuln/detail/CVE-2018-4204 [ 30 ] CVE-2018-4214 https://nvd.nist.gov/vuln/detail/CVE-2018-4214 [ 31 ] CVE-2018-4218 https://nvd.nist.gov/vuln/detail/CVE-2018-4218 [ 32 ] CVE-2018-4222 https://nvd.nist.gov/vuln/detail/CVE-2018-4222 [ 33 ] CVE-2018-4232 https://nvd.nist.gov/vuln/detail/CVE-2018-4232 [ 34 ] CVE-2018-4233 https://nvd.nist.gov/vuln/detail/CVE-2018-4233 [ 35 ] CVE-2018-4261 https://nvd.nist.gov/vuln/detail/CVE-2018-4261 [ 36 ] CVE-2018-4262 https://nvd.nist.gov/vuln/detail/CVE-2018-4262 [ 37 ] CVE-2018-4263 https://nvd.nist.gov/vuln/detail/CVE-2018-4263 [ 38 ] CVE-2018-4264 https://nvd.nist.gov/vuln/detail/CVE-2018-4264 [ 39 ] CVE-2018-4265 https://nvd.nist.gov/vuln/detail/CVE-2018-4265 [ 40 ] CVE-2018-4266 https://nvd.nist.gov/vuln/detail/CVE-2018-4266 [ 41 ] CVE-2018-4267 https://nvd.nist.gov/vuln/detail/CVE-2018-4267 [ 42 ] CVE-2018-4270 https://nvd.nist.gov/vuln/detail/CVE-2018-4270 [ 43 ] CVE-2018-4272 https://nvd.nist.gov/vuln/detail/CVE-2018-4272 [ 44 ] CVE-2018-4273 https://nvd.nist.gov/vuln/detail/CVE-2018-4273 [ 45 ] CVE-2018-4278 https://nvd.nist.gov/vuln/detail/CVE-2018-4278 [ 46 ] CVE-2018-4284 https://nvd.nist.gov/vuln/detail/CVE-2018-4284 [ 47 ] WebKitGTK+ Security Advisory WSA-2018-0003 https://webkitgtk.org/security/WSA-2018-0003.html [ 48 ] WebKitGTK+ Security Advisory WSA-2018-0004 https://webkitgtk.org/security/WSA-2018-0004.html [ 49 ] WebKitGTK+ Security Advisory WSA-2018-0005 https://webkitgtk.org/security/WSA-2018-0005.html [ 50 ] WebKitGTK+ Security Advisory WSA-2018-0006 https://webkitgtk.org/security/WSA-2018-0006.html
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201808-04
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2018 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-2018-7-23-3 Additional information for APPLE-SA-2018-06-01-4 iOS 11.4
iOS 11.4 addresses the following:
Bluetooth Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to elevate privileges Description: A buffer overflow was addressed with improved size validation. CVE-2018-4215: Abraham Masri (@cheesecakeufo)
Bluetooth Available for: iPhone X, iPhone 8, iPhone 8 Plus, iPad 6th generation, and iPad Air 2 Not impacted: HomePod Impact: An attacker in a privileged network position may be able to intercept Bluetooth traffic Description: An input validation issue existed in Bluetooth. CVE-2018-5383: Lior Neumann and Eli Biham Entry added July 23, 2018
Contacts Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted vcf file may lead to a denial of service Description: A validation issue existed in the handling of phone numbers. CVE-2018-4100: Abraham Masri (@cheesecakeufo)
FontParser Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved validation. CVE-2018-4211: Proteas of Qihoo 360 Nirvan Team
iBooks Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker in a privileged network position may be able to spoof password prompts in iBooks Description: An input validation issue was addressed with improved input validation. CVE-2018-4202: Jerry Decime
Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker in a privileged position may be able to perform a denial of service attack Description: A denial of service issue was addressed with improved validation. CVE-2018-4249: Kevin Backhouse of Semmle Ltd.
Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A buffer overflow was addressed with improved bounds checking. CVE-2018-4241: Ian Beer of Google Project Zero CVE-2018-4243: Ian Beer of Google Project Zero
libxpc Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A logic issue was addressed with improved validation. CVE-2018-4237: Samuel GroA (@5aelo) working with Trend Micro's Zero Day Initiative
Magnifier Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A person with physical access to an iOS device may be able to view the last image used in Magnifier from the lockscreen Description: A permissions issue existed in Magnifier. This was addressed with additional permission checks. CVE-2018-4239: an anonymous researcher
Mail Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker may be able to exfiltrate the contents of S/MIME-encrypted e-mail Description: An issue existed in the handling of encrypted Mail. CVE-2018-4227: Damian Poddebniak of MA1/4nster University of Applied Sciences, Christian Dresen of MA1/4nster University of Applied Sciences, Jens MA1/4ller of Ruhr University Bochum, Fabian Ising of MA1/4nster University of Applied Sciences, Sebastian Schinzel of MA1/4nster University of Applied Sciences, Simon Friedberger of KU Leuven, Juraj Somorovsky of Ruhr University Bochum, JAPrg Schwenk of Ruhr University Bochum
Messages Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to conduct impersonation attacks Description: An injection issue was addressed with improved input validation. CVE-2018-4235: Anurodh Pokharel of Salesforce.com
Messages Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted message may lead to a denial of service Description: This issue was addressed with improved message validation. CVE-2018-4240: Sriram (@Sri_Hxor) of PrimeFort Pvt. Ltd CVE-2018-4250: Metehan YA+-lmaz of Sesim Sarpkaya
Safari Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious website may be able to cause a denial of service Description: A denial of service issue was addressed with improved validation. CVE-2018-4247: FranASSois Renaud, Jesse Viviano of Verizon Enterprise Solutions
Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to read a persistent account identifier Description: An authorization issue was addressed with improved state management. CVE-2018-4223: Abraham Masri (@cheesecakeufo)
Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Users may be tracked by malicious websites using client certificates Description: An issue existed in the handling of S-MIME certificaties. CVE-2018-4221: Damian Poddebniak of MA1/4nster University of Applied Sciences, Christian Dresen of MA1/4nster University of Applied Sciences, Jens MA1/4ller of Ruhr University Bochum, Fabian Ising of MA1/4nster University of Applied Sciences, Sebastian Schinzel of MA1/4nster University of Applied Sciences, Simon Friedberger of KU Leuven, Juraj Somorovsky of Ruhr University Bochum, JAPrg Schwenk of Ruhr University Bochum
Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to read a persistent device identifier Description: An authorization issue was addressed with improved state management. CVE-2018-4224: Abraham Masri (@cheesecakeufo)
Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to modify the state of the Keychain Description: An authorization issue was addressed with improved state management. CVE-2018-4225: Abraham Masri (@cheesecakeufo)
Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to view sensitive user information Description: An authorization issue was addressed with improved state management. CVE-2018-4226: Abraham Masri (@cheesecakeufo)
Siri Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A person with physical access to an iOS device may be able to enable Siri from the lock screen Description: An issue existed with Siri permissions. CVE-2018-4238: Baljinder Singh, Muhammad khizer javed, Onur Can BIKMAZ (@CanBkmaz) of Mustafa Kemal University
Siri Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A person with physical access to an iOS device may be able to use Siri to read notifications of content that is set not to be displayed at the lock screen Description: An issue existed with Siri permissions. CVE-2018-4252: Hunter Byrnes, Martin Winkelmann (@Winkelmannnn)
Siri Contacts Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker with physical access to a device may be able to see private contact information Description: An issue existed with Siri permissions. CVE-2018-4244: an anonymous researcher
UIKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted text file may lead to a denial of service Description: A validation issue existed in the handling of text. CVE-2018-4198: Hunter Byrnes
WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a malicious website may lead to address bar spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2018-4188: YoKo Kho (@YoKoAcc) of Mitra Integrasi Informatika, PT
WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4201: an anonymous researcher CVE-2018-4218: Natalie Silvanovich of Google Project Zero CVE-2018-4233: Samuel GroA (@5aelo) working with Trend Micro's Zero Day Initiative
WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A buffer overflow issue was addressed with improved memory handling. CVE-2018-4199: Alex Plaskett, Georgi Geshev, Fabi Beterke, and Nils of MWR Labs working with Trend Micro's Zero Day Initiative
WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a maliciously crafted website may lead to cookies being overwritten Description: A permissions issue existed in the handling of web browser cookies. CVE-2018-4192: Markus Gaasedelen, Nick Burnett, and Patrick Biernat of Ret2 Systems, Inc working with Trend Micro's Zero Day Initiative
WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4204: found by OSS-Fuzz, Richard Zhu (fluorescence) working with Trend Micro's Zero Day Initiative
WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A type confusion issue was addressed with improved memory handling. CVE-2018-4246: found by OSS-Fuzz
WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a maliciously crafted website may leak sensitive data Description: Credentials were unexpectedly sent when fetching CSS mask images. CVE-2018-4222: Natalie Silvanovich of Google Project Zero
Installation note:
This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
- Navigate to Settings
- Select General
- Select About. The version after applying this update will be "iOS 11.4".
Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEfcwwPWJ3e0Ig26mf8ecVjteJiCYFAltUshMACgkQ8ecVjteJ iCbspA//aVxu/EdiaNxNRmRDFB8LpqKa3xjJdfkK9cJRYZ+eBHJZjBfzj4BzABuG Xow7FkEE7LSQpCeJ08Ggo6vVQUdR4+etQ2UfjQWGX6qIvLZUXK0lw2x5XdTP0q4m WmNoZcdK3cmbVXGMWUZRUrYPTWwMnTMsPpPoDoptaQRseN+K/0kdwsQZtdqeN9sq GN3Qp6AW6WR1gUAgDriIyzFXTxJ8NmKx2+4B5O2w0TbmzxGa/F5ZUjw4D/wwJJPA /RXAwseJMghPfbi9tNcjUhbGFfcnr5JvyGfY2GESFc7odWt2XSpePHr6qaJzogBr KeJKOVpgTdS4PO37+KDUfQDIElSnYQVTff8Tinxg/Zojafp0PxYkDYRxw7i16YKU HsB7R0o5Yi5YD4uG5ioMj4RspQDWozzveVvvtah6/bWChQQwD3XHr6JRM6oJ106G wNx2EHfRRXFQCY680RfE8hN/98IJRrCF6nIdO9zBbzGM/Ihzr02F0qSrdB5/PXSq S6EwJi0M5ia/KMFSO7EY5qQ2aipyDC3WPkvQrHtpsqstMrktyJOYGbm/t39WmIBb gC92rxvNFr5mO8Owypu1/tloGr15zIxPGR6OXA/DVxdRm2/UmW1tsqQfKgporJMD de6uiZJb8p8X36KC7YmHLTApYL3CaZebJIIOmf8tKjQUxxbR9wE= =nII0 -----END PGP SIGNATURE----- . ------------------------------------------------------------------------ WebKitGTK+ and WPE WebKit Security Advisory WSA-2018-0005
Date reported : June 13, 2018 Advisory ID : WSA-2018-0005 WebKitGTK+ Advisory URL : https://webkitgtk.org/security/WSA-2018-0005.html WPE WebKit Advisory URL : https://wpewebkit.org/security/WSA-2018-0005.html CVE identifiers : CVE-2018-4190, CVE-2018-4192, CVE-2018-4199, CVE-2018-4201, CVE-2018-4214, CVE-2018-4218, CVE-2018-4222, CVE-2018-4232, CVE-2018-4233, CVE-2018-11646, CVE-2018-11712, CVE-2018-11713, CVE-2018-12293, CVE-2018-12294.
Several vulnerabilities were discovered in WebKitGTK+ and WPE WebKit. Credit to Jun Kokatsu (@shhnjk). Impact: Visiting a maliciously crafted website may leak sensitive data. Description: Credentials were unexpectedly sent when fetching CSS mask images. This was addressed by using a CORS-enabled fetch method. Credit to Markus Gaasedelen, Nick Burnett, and Patrick Biernat of Ret2 Systems, Inc working with Trend Micro's Zero Day Initiative. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: A race condition was addressed with improved locking. Credit to Alex Plaskett, Georgi Geshev, Fabi Beterke, and Nils of MWR Labs working with Trend Micro's Zero Day Initiative. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: A buffer overflow issue was addressed with improved memory handling. Credit to an anonymous researcher. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to OSS-Fuzz. Impact: Processing maliciously crafted web content may lead to an unexpected application crash. Description: A memory corruption issue was addressed with improved input validation. Credit to Natalie Silvanovich of Google Project Zero. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Natalie Silvanovich of Google Project Zero. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: An out-of-bounds read was addressed with improved input validation. Credit to Aymeric Chaib. Description: A permissions issue existed in the handling of web browser cookies. This issue was addressed with improved restrictions. Credit to Samuel Gross (@5aelo) working with Trend Micro's Zero Day Initiative. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Mishra Dhiraj. Maliciously crafted web content could trigger an application crash in WebKitFaviconDatabase, caused by mishandling unexpected input. Credit to Metrological Group B.V. The libsoup network backend of WebKit failed to perform TLS certificate verification for WebSocket connections. Credit to Dirkjan Ochtman. The libsoup network backend of WebKit unexpectedly failed to use system proxy settings for WebSocket connections. Credit to ADlab of Venustech. Maliciously crafted web content could achieve a heap buffer overflow in ImageBufferCairo by exploiting multiple integer overflow issues. Credit to ADlab of Venustech. Maliciously crafted web content could trigger a use-after-free of a TextureMapperLayer object.
We recommend updating to the latest stable versions of WebKitGTK+ and WPE WebKit. It is the best way to ensure that you are running a safe version of WebKit. Please check our websites for information about the latest stable releases.
Further information about WebKitGTK+ and WPE WebKit security advisories can be found at https://webkitgtk.org/security.html or https://wpewebkit.org/security/.
The WebKitGTK+ and WPE WebKit team, June 13, 2018 . ========================================================================== Ubuntu Security Notice USN-3687-1 June 18, 2018
webkit2gtk vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
- Ubuntu 17.10
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in WebKitGTK+.
Software Description: - webkit2gtk: Web content engine library for GTK+
Details:
A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.04 LTS: libjavascriptcoregtk-4.0-18 2.20.3-0ubuntu0.18.04.1 libwebkit2gtk-4.0-37 2.20.3-0ubuntu0.18.04.1
Ubuntu 17.10: libjavascriptcoregtk-4.0-18 2.20.3-0ubuntu0.17.10.1 libwebkit2gtk-4.0-37 2.20.3-0ubuntu0.17.10.1
Ubuntu 16.04 LTS: libjavascriptcoregtk-4.0-18 2.20.3-0ubuntu0.16.04.1 libwebkit2gtk-4.0-37 2.20.3-0ubuntu0.16.04.1
This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any applications that use WebKitGTK+, such as Epiphany, to make all the necessary changes.
References: https://usn.ubuntu.com/usn/usn-3687-1 CVE-2018-12293, CVE-2018-4190, CVE-2018-4199, CVE-2018-4218, CVE-2018-4222, CVE-2018-4232, CVE-2018-4233
Package Information: https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.3-0ubuntu0.18.04.1 https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.3-0ubuntu0.17.10.1 https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.3-0ubuntu0.16.04.1
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201806-1436",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "tvos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "11.4"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "17.10"
},
{
"model": "safari",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "11.1.1"
},
{
"model": "iphone os",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "11.4"
},
{
"model": "icloud",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "7.5"
},
{
"model": "itunes",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "12.7.5"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "18.04"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "ubuntu",
"scope": null,
"trust": 0.8,
"vendor": "canonical",
"version": null
},
{
"model": "icloud",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "7.5 (windows 7 or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.4 (ipad air or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.4 (iphone 5s or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.4 (ipod touch first 6 generation )"
},
{
"model": "itunes",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "for windows 12.7.5 (windows 7 or later )"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.1.1 (macos high sierra 10.13.4)"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.1.1 (macos sierra 10.12.6)"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.1.1 (os x el capitan 10.11.6)"
},
{
"model": "tvos",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.4 (apple tv 4k)"
},
{
"model": "tvos",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.4 (apple tv first 4 generation )"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.1.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "8.0.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "7.6.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "7.7.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "7.7.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "7.7"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-005525"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-602"
},
{
"db": "NVD",
"id": "CVE-2018-4232"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.4",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:icloud:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.7.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-4232"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple",
"sources": [
{
"db": "PACKETSTORM",
"id": "148017"
},
{
"db": "PACKETSTORM",
"id": "148643"
},
{
"db": "PACKETSTORM",
"id": "148644"
},
{
"db": "PACKETSTORM",
"id": "148028"
},
{
"db": "PACKETSTORM",
"id": "148027"
}
],
"trust": 0.5
},
"cve": "CVE-2018-4232",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-4232",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-134263",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-4232",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-4232",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201806-602",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-134263",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-4232",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-134263"
},
{
"db": "VULMON",
"id": "CVE-2018-4232"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005525"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-602"
},
{
"db": "NVD",
"id": "CVE-2018-4232"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to overwrite cookies via a crafted web site. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. WebKit is one of the web browser engine components. The following products and versions are affected: Apple iOS prior to 11.4; Safari prior to 11.1.1; Windows-based iCloud prior to 7.5; Windows-based iTunes prior to 12.7.5; tvOS prior to 11.4; watchOS 4.3. 1 previous version. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201808-04\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: WebkitGTK+: Multiple vulnerabilities\n Date: August 22, 2018\n Bugs: #652820, #658168, #662974\n ID: 201808-04\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in WebKitGTK+, the worst of\nwhich may lead to arbitrary code execution. \n\nBackground\n==========\n\nWebKitGTK+ is a full-featured port of the WebKit rendering engine,\nsuitable for projects requiring any kind of web integration, from\nhybrid HTML/CSS applications to full-fledged web browsers. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-libs/webkit-gtk \u003c 2.20.4 \u003e= 2.20.4\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in WebKitGTK+. Please\nreview the referenced CVE identifiers for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll WebkitGTK+ users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-libs/webkit-gtk-2.20.4\"\n\nReferences\n==========\n\n[ 1 ] CVE-2018-11646\n https://nvd.nist.gov/vuln/detail/CVE-2018-11646\n[ 2 ] CVE-2018-11712\n https://nvd.nist.gov/vuln/detail/CVE-2018-11712\n[ 3 ] CVE-2018-11713\n https://nvd.nist.gov/vuln/detail/CVE-2018-11713\n[ 4 ] CVE-2018-12293\n https://nvd.nist.gov/vuln/detail/CVE-2018-12293\n[ 5 ] CVE-2018-12294\n https://nvd.nist.gov/vuln/detail/CVE-2018-12294\n[ 6 ] CVE-2018-4101\n https://nvd.nist.gov/vuln/detail/CVE-2018-4101\n[ 7 ] CVE-2018-4113\n https://nvd.nist.gov/vuln/detail/CVE-2018-4113\n[ 8 ] CVE-2018-4114\n https://nvd.nist.gov/vuln/detail/CVE-2018-4114\n[ 9 ] CVE-2018-4117\n https://nvd.nist.gov/vuln/detail/CVE-2018-4117\n[ 10 ] CVE-2018-4118\n https://nvd.nist.gov/vuln/detail/CVE-2018-4118\n[ 11 ] CVE-2018-4119\n https://nvd.nist.gov/vuln/detail/CVE-2018-4119\n[ 12 ] CVE-2018-4120\n https://nvd.nist.gov/vuln/detail/CVE-2018-4120\n[ 13 ] CVE-2018-4121\n https://nvd.nist.gov/vuln/detail/CVE-2018-4121\n[ 14 ] CVE-2018-4122\n https://nvd.nist.gov/vuln/detail/CVE-2018-4122\n[ 15 ] CVE-2018-4125\n https://nvd.nist.gov/vuln/detail/CVE-2018-4125\n[ 16 ] CVE-2018-4127\n https://nvd.nist.gov/vuln/detail/CVE-2018-4127\n[ 17 ] CVE-2018-4128\n https://nvd.nist.gov/vuln/detail/CVE-2018-4128\n[ 18 ] CVE-2018-4129\n https://nvd.nist.gov/vuln/detail/CVE-2018-4129\n[ 19 ] CVE-2018-4133\n https://nvd.nist.gov/vuln/detail/CVE-2018-4133\n[ 20 ] CVE-2018-4146\n https://nvd.nist.gov/vuln/detail/CVE-2018-4146\n[ 21 ] CVE-2018-4162\n https://nvd.nist.gov/vuln/detail/CVE-2018-4162\n[ 22 ] CVE-2018-4163\n https://nvd.nist.gov/vuln/detail/CVE-2018-4163\n[ 23 ] CVE-2018-4165\n https://nvd.nist.gov/vuln/detail/CVE-2018-4165\n[ 24 ] CVE-2018-4190\n https://nvd.nist.gov/vuln/detail/CVE-2018-4190\n[ 25 ] CVE-2018-4192\n https://nvd.nist.gov/vuln/detail/CVE-2018-4192\n[ 26 ] CVE-2018-4199\n https://nvd.nist.gov/vuln/detail/CVE-2018-4199\n[ 27 ] CVE-2018-4200\n https://nvd.nist.gov/vuln/detail/CVE-2018-4200\n[ 28 ] CVE-2018-4201\n https://nvd.nist.gov/vuln/detail/CVE-2018-4201\n[ 29 ] CVE-2018-4204\n https://nvd.nist.gov/vuln/detail/CVE-2018-4204\n[ 30 ] CVE-2018-4214\n https://nvd.nist.gov/vuln/detail/CVE-2018-4214\n[ 31 ] CVE-2018-4218\n https://nvd.nist.gov/vuln/detail/CVE-2018-4218\n[ 32 ] CVE-2018-4222\n https://nvd.nist.gov/vuln/detail/CVE-2018-4222\n[ 33 ] CVE-2018-4232\n https://nvd.nist.gov/vuln/detail/CVE-2018-4232\n[ 34 ] CVE-2018-4233\n https://nvd.nist.gov/vuln/detail/CVE-2018-4233\n[ 35 ] CVE-2018-4261\n https://nvd.nist.gov/vuln/detail/CVE-2018-4261\n[ 36 ] CVE-2018-4262\n https://nvd.nist.gov/vuln/detail/CVE-2018-4262\n[ 37 ] CVE-2018-4263\n https://nvd.nist.gov/vuln/detail/CVE-2018-4263\n[ 38 ] CVE-2018-4264\n https://nvd.nist.gov/vuln/detail/CVE-2018-4264\n[ 39 ] CVE-2018-4265\n https://nvd.nist.gov/vuln/detail/CVE-2018-4265\n[ 40 ] CVE-2018-4266\n https://nvd.nist.gov/vuln/detail/CVE-2018-4266\n[ 41 ] CVE-2018-4267\n https://nvd.nist.gov/vuln/detail/CVE-2018-4267\n[ 42 ] CVE-2018-4270\n https://nvd.nist.gov/vuln/detail/CVE-2018-4270\n[ 43 ] CVE-2018-4272\n https://nvd.nist.gov/vuln/detail/CVE-2018-4272\n[ 44 ] CVE-2018-4273\n https://nvd.nist.gov/vuln/detail/CVE-2018-4273\n[ 45 ] CVE-2018-4278\n https://nvd.nist.gov/vuln/detail/CVE-2018-4278\n[ 46 ] CVE-2018-4284\n https://nvd.nist.gov/vuln/detail/CVE-2018-4284\n[ 47 ] WebKitGTK+ Security Advisory WSA-2018-0003\n https://webkitgtk.org/security/WSA-2018-0003.html\n[ 48 ] WebKitGTK+ Security Advisory WSA-2018-0004\n https://webkitgtk.org/security/WSA-2018-0004.html\n[ 49 ] WebKitGTK+ Security Advisory WSA-2018-0005\n https://webkitgtk.org/security/WSA-2018-0005.html\n[ 50 ] WebKitGTK+ Security Advisory WSA-2018-0006\n https://webkitgtk.org/security/WSA-2018-0006.html\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201808-04\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2018 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2018-7-23-3 Additional information for\nAPPLE-SA-2018-06-01-4 iOS 11.4\n\niOS 11.4 addresses the following:\n\nBluetooth\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A malicious application may be able to elevate privileges\nDescription: A buffer overflow was addressed with improved size\nvalidation. \nCVE-2018-4215: Abraham Masri (@cheesecakeufo)\n\nBluetooth\nAvailable for: iPhone X, iPhone 8, iPhone 8 Plus,\niPad 6th generation, and iPad Air 2\nNot impacted: HomePod\nImpact: An attacker in a privileged network position may be able to\nintercept Bluetooth traffic\nDescription: An input validation issue existed in Bluetooth. \nCVE-2018-5383: Lior Neumann and Eli Biham\nEntry added July 23, 2018\n\nContacts\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Processing a maliciously crafted vcf file may lead to a\ndenial of service\nDescription: A validation issue existed in the handling of phone\nnumbers. \nCVE-2018-4100: Abraham Masri (@cheesecakeufo)\n\nFontParser\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Processing a maliciously crafted font file may lead to\narbitrary code execution\nDescription: A memory corruption issue was addressed with improved\nvalidation. \nCVE-2018-4211: Proteas of Qihoo 360 Nirvan Team\n\niBooks\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An attacker in a privileged network position may be able to\nspoof password prompts in iBooks\nDescription: An input validation issue was addressed with improved\ninput validation. \nCVE-2018-4202: Jerry Decime\n\nKernel\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An attacker in a privileged position may be able to perform a\ndenial of service attack\nDescription: A denial of service issue was addressed with improved\nvalidation. \nCVE-2018-4249: Kevin Backhouse of Semmle Ltd. \n\nKernel\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A buffer overflow was addressed with improved bounds\nchecking. \nCVE-2018-4241: Ian Beer of Google Project Zero\nCVE-2018-4243: Ian Beer of Google Project Zero\n\nlibxpc\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to gain elevated privileges\nDescription: A logic issue was addressed with improved validation. \nCVE-2018-4237: Samuel GroA (@5aelo) working with Trend Micro\u0027s Zero\nDay Initiative\n\nMagnifier\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A person with physical access to an iOS device may be able to\nview the last image used in Magnifier from the lockscreen\nDescription: A permissions issue existed in Magnifier. This was\naddressed with additional permission checks. \nCVE-2018-4239: an anonymous researcher\n\nMail\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An attacker may be able to exfiltrate the contents of\nS/MIME-encrypted e-mail\nDescription: An issue existed in the handling of encrypted Mail. \nCVE-2018-4227: Damian Poddebniak of MA1/4nster University of Applied\nSciences, Christian Dresen of MA1/4nster University of Applied Sciences,\nJens MA1/4ller of Ruhr University Bochum, Fabian Ising of MA1/4nster\nUniversity of Applied Sciences, Sebastian Schinzel of MA1/4nster\nUniversity of Applied Sciences, Simon Friedberger of KU Leuven, Juraj\nSomorovsky of Ruhr University Bochum, JAPrg Schwenk of Ruhr University\nBochum\n\nMessages\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A local user may be able to conduct impersonation attacks\nDescription: An injection issue was addressed with improved input\nvalidation. \nCVE-2018-4235: Anurodh Pokharel of Salesforce.com\n\nMessages\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Processing a maliciously crafted message may lead to a denial\nof service\nDescription: This issue was addressed with improved message\nvalidation. \nCVE-2018-4240: Sriram (@Sri_Hxor) of PrimeFort Pvt. Ltd\nCVE-2018-4250: Metehan YA+-lmaz of Sesim Sarpkaya\n\nSafari\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A malicious website may be able to cause a denial of service\nDescription: A denial of service issue was addressed with improved\nvalidation. \nCVE-2018-4247: FranASSois Renaud, Jesse Viviano of Verizon Enterprise\nSolutions\n\nSecurity\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A local user may be able to read a persistent account\nidentifier\nDescription: An authorization issue was addressed with improved state\nmanagement. \nCVE-2018-4223: Abraham Masri (@cheesecakeufo)\n\nSecurity\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Users may be tracked by malicious websites using client\ncertificates\nDescription: An issue existed in the handling of S-MIME\ncertificaties. \nCVE-2018-4221: Damian Poddebniak of MA1/4nster University of Applied\nSciences, Christian Dresen of MA1/4nster University of Applied Sciences,\nJens MA1/4ller of Ruhr University Bochum, Fabian Ising of MA1/4nster\nUniversity of Applied Sciences, Sebastian Schinzel of MA1/4nster\nUniversity of Applied Sciences, Simon Friedberger of KU Leuven, Juraj\nSomorovsky of Ruhr University Bochum, JAPrg Schwenk of Ruhr University\nBochum\n\nSecurity\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A local user may be able to read a persistent device\nidentifier\nDescription: An authorization issue was addressed with improved state\nmanagement. \nCVE-2018-4224: Abraham Masri (@cheesecakeufo)\n\nSecurity\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A local user may be able to modify the state of the Keychain\nDescription: An authorization issue was addressed with improved state\nmanagement. \nCVE-2018-4225: Abraham Masri (@cheesecakeufo)\n\nSecurity\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A local user may be able to view sensitive user information\nDescription: An authorization issue was addressed with improved state\nmanagement. \nCVE-2018-4226: Abraham Masri (@cheesecakeufo)\n\nSiri\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A person with physical access to an iOS device may be able to\nenable Siri from the lock screen\nDescription: An issue existed with Siri permissions. \nCVE-2018-4238: Baljinder Singh, Muhammad khizer javed, Onur Can\nBIKMAZ (@CanBkmaz) of Mustafa Kemal University\n\nSiri\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A person with physical access to an iOS device may be able to\nuse Siri to read notifications of content that is set not to be\ndisplayed at the lock screen\nDescription: An issue existed with Siri permissions. \nCVE-2018-4252: Hunter Byrnes, Martin Winkelmann (@Winkelmannnn)\n\nSiri Contacts\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An attacker with physical access to a device may be able to\nsee private contact information\nDescription: An issue existed with Siri permissions. \nCVE-2018-4244: an anonymous researcher\n\nUIKit\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Processing a maliciously crafted text file may lead to a\ndenial of service\nDescription: A validation issue existed in the handling of text. \nCVE-2018-4198: Hunter Byrnes\n\nWebKit\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Visiting a malicious website may lead to address bar spoofing\nDescription: An inconsistent user interface issue was addressed with\nimproved state management. \nCVE-2018-4188: YoKo Kho (@YoKoAcc) of Mitra Integrasi Informatika, PT\n\nWebKit\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: Multiple memory corruption issues were addressed with\nimproved memory handling. \nCVE-2018-4201: an anonymous researcher\nCVE-2018-4218: Natalie Silvanovich of Google Project Zero\nCVE-2018-4233: Samuel GroA (@5aelo) working with Trend Micro\u0027s Zero\nDay Initiative\n\nWebKit\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: A buffer overflow issue was addressed with improved\nmemory handling. \nCVE-2018-4199: Alex Plaskett, Georgi Geshev, Fabi Beterke, and Nils\nof MWR Labs working with Trend Micro\u0027s Zero Day Initiative\n\nWebKit\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Visiting a maliciously crafted website may lead to cookies\nbeing overwritten\nDescription: A permissions issue existed in the handling of web\nbrowser cookies. \nCVE-2018-4192: Markus Gaasedelen, Nick Burnett, and Patrick Biernat\nof Ret2 Systems, Inc working with Trend Micro\u0027s Zero Day Initiative\n\nWebKit\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Processing maliciously crafted web content may lead to an\nunexpected Safari crash\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2018-4204: found by OSS-Fuzz, Richard Zhu (fluorescence) working\nwith Trend Micro\u0027s Zero Day Initiative\n\nWebKit\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: A type confusion issue was addressed with improved\nmemory handling. \nCVE-2018-4246: found by OSS-Fuzz\n\nWebKit\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Visiting a maliciously crafted website may leak sensitive\ndata\nDescription: Credentials were unexpectedly sent when fetching CSS\nmask images. \nCVE-2018-4222: Natalie Silvanovich of Google Project Zero\n\nInstallation note:\n\nThis update is available through iTunes and Software Update on your\niOS device, and will not appear in your computer\u0027s Software Update\napplication, or in the Apple Downloads site. Make sure you have an\nInternet connection and have installed the latest version of iTunes\nfrom https://www.apple.com/itunes/\n\niTunes and Software Update on the device will automatically check\nApple\u0027s update server on its weekly schedule. When an update is\ndetected, it is downloaded and the option to be installed is\npresented to the user when the iOS device is docked. We recommend\napplying the update immediately if possible. Selecting Don\u0027t Install\nwill present the option the next time you connect your iOS device. \n\nThe automatic update process may take up to a week depending on the\nday that iTunes or the device checks for updates. You may manually\nobtain the update via the Check for Updates button within iTunes, or\nthe Software Update on your device. \n\nTo check that the iPhone, iPod touch, or iPad has been updated:\n\n* Navigate to Settings\n* Select General\n* Select About. The version after applying this update\nwill be \"iOS 11.4\". \n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCAAdFiEEfcwwPWJ3e0Ig26mf8ecVjteJiCYFAltUshMACgkQ8ecVjteJ\niCbspA//aVxu/EdiaNxNRmRDFB8LpqKa3xjJdfkK9cJRYZ+eBHJZjBfzj4BzABuG\nXow7FkEE7LSQpCeJ08Ggo6vVQUdR4+etQ2UfjQWGX6qIvLZUXK0lw2x5XdTP0q4m\nWmNoZcdK3cmbVXGMWUZRUrYPTWwMnTMsPpPoDoptaQRseN+K/0kdwsQZtdqeN9sq\nGN3Qp6AW6WR1gUAgDriIyzFXTxJ8NmKx2+4B5O2w0TbmzxGa/F5ZUjw4D/wwJJPA\n/RXAwseJMghPfbi9tNcjUhbGFfcnr5JvyGfY2GESFc7odWt2XSpePHr6qaJzogBr\nKeJKOVpgTdS4PO37+KDUfQDIElSnYQVTff8Tinxg/Zojafp0PxYkDYRxw7i16YKU\nHsB7R0o5Yi5YD4uG5ioMj4RspQDWozzveVvvtah6/bWChQQwD3XHr6JRM6oJ106G\nwNx2EHfRRXFQCY680RfE8hN/98IJRrCF6nIdO9zBbzGM/Ihzr02F0qSrdB5/PXSq\nS6EwJi0M5ia/KMFSO7EY5qQ2aipyDC3WPkvQrHtpsqstMrktyJOYGbm/t39WmIBb\ngC92rxvNFr5mO8Owypu1/tloGr15zIxPGR6OXA/DVxdRm2/UmW1tsqQfKgporJMD\nde6uiZJb8p8X36KC7YmHLTApYL3CaZebJIIOmf8tKjQUxxbR9wE=\n=nII0\n-----END PGP SIGNATURE-----\n. ------------------------------------------------------------------------\nWebKitGTK+ and WPE WebKit Security Advisory WSA-2018-0005\n------------------------------------------------------------------------\n\nDate reported : June 13, 2018\nAdvisory ID : WSA-2018-0005\nWebKitGTK+ Advisory URL : \nhttps://webkitgtk.org/security/WSA-2018-0005.html\nWPE WebKit Advisory URL : \nhttps://wpewebkit.org/security/WSA-2018-0005.html\nCVE identifiers : CVE-2018-4190, CVE-2018-4192, CVE-2018-4199,\n CVE-2018-4201, CVE-2018-4214, CVE-2018-4218,\n CVE-2018-4222, CVE-2018-4232, CVE-2018-4233,\n CVE-2018-11646, CVE-2018-11712,\n CVE-2018-11713, CVE-2018-12293,\n CVE-2018-12294. \n\nSeveral vulnerabilities were discovered in WebKitGTK+ and WPE WebKit. \n Credit to Jun Kokatsu (@shhnjk). \n Impact: Visiting a maliciously crafted website may leak sensitive\n data. Description: Credentials were unexpectedly sent when fetching\n CSS mask images. This was addressed by using a CORS-enabled fetch\n method. \n Credit to Markus Gaasedelen, Nick Burnett, and Patrick Biernat of\n Ret2 Systems, Inc working with Trend Micro\u0027s Zero Day Initiative. \n Impact: Processing maliciously crafted web content may lead to\n arbitrary code execution. Description: A race condition was\n addressed with improved locking. \n Credit to Alex Plaskett, Georgi Geshev, Fabi Beterke, and Nils of\n MWR Labs working with Trend Micro\u0027s Zero Day Initiative. \n Impact: Processing maliciously crafted web content may lead to\n arbitrary code execution. Description: A buffer overflow issue was\n addressed with improved memory handling. \n Credit to an anonymous researcher. \n Impact: Processing maliciously crafted web content may lead to\n arbitrary code execution. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to OSS-Fuzz. \n Impact: Processing maliciously crafted web content may lead to an\n unexpected application crash. Description: A memory corruption issue\n was addressed with improved input validation. \n Credit to Natalie Silvanovich of Google Project Zero. \n Impact: Processing maliciously crafted web content may lead to\n arbitrary code execution. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to Natalie Silvanovich of Google Project Zero. \n Impact: Processing maliciously crafted web content may lead to\n arbitrary code execution. Description: An out-of-bounds read was\n addressed with improved input validation. \n Credit to Aymeric Chaib. Description: A permissions issue existed in the\n handling of web browser cookies. This issue was addressed with\n improved restrictions. \n Credit to Samuel Gross (@5aelo) working with Trend Micro\u0027s Zero Day\n Initiative. \n Impact: Processing maliciously crafted web content may lead to\n arbitrary code execution. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to Mishra Dhiraj. \n Maliciously crafted web content could trigger an application crash\n in WebKitFaviconDatabase, caused by mishandling unexpected input. \n Credit to Metrological Group B.V. \n The libsoup network backend of WebKit failed to perform TLS\n certificate verification for WebSocket connections. \n Credit to Dirkjan Ochtman. \n The libsoup network backend of WebKit unexpectedly failed to use\n system proxy settings for WebSocket connections. \n Credit to ADlab of Venustech. \n Maliciously crafted web content could achieve a heap buffer overflow\n in ImageBufferCairo by exploiting multiple integer overflow issues. \n Credit to ADlab of Venustech. \n Maliciously crafted web content could trigger a use-after-free of a\n TextureMapperLayer object. \n\n\nWe recommend updating to the latest stable versions of WebKitGTK+ and\nWPE WebKit. It is the best way to ensure that you are running a safe\nversion of WebKit. Please check our websites for information about the\nlatest stable releases. \n\nFurther information about WebKitGTK+ and WPE WebKit security advisories\ncan be found at https://webkitgtk.org/security.html or\nhttps://wpewebkit.org/security/. \n\nThe WebKitGTK+ and WPE WebKit team,\nJune 13, 2018\n. ==========================================================================\nUbuntu Security Notice USN-3687-1\nJune 18, 2018\n\nwebkit2gtk vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 18.04 LTS\n- Ubuntu 17.10\n- Ubuntu 16.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in WebKitGTK+. \n\nSoftware Description:\n- webkit2gtk: Web content engine library for GTK+\n\nDetails:\n\nA large number of security issues were discovered in the WebKitGTK+ Web and\nJavaScript engines. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 18.04 LTS:\n libjavascriptcoregtk-4.0-18 2.20.3-0ubuntu0.18.04.1\n libwebkit2gtk-4.0-37 2.20.3-0ubuntu0.18.04.1\n\nUbuntu 17.10:\n libjavascriptcoregtk-4.0-18 2.20.3-0ubuntu0.17.10.1\n libwebkit2gtk-4.0-37 2.20.3-0ubuntu0.17.10.1\n\nUbuntu 16.04 LTS:\n libjavascriptcoregtk-4.0-18 2.20.3-0ubuntu0.16.04.1\n libwebkit2gtk-4.0-37 2.20.3-0ubuntu0.16.04.1\n\nThis update uses a new upstream release, which includes additional bug\nfixes. After a standard system update you need to restart any applications\nthat use WebKitGTK+, such as Epiphany, to make all the necessary changes. \n\nReferences:\n https://usn.ubuntu.com/usn/usn-3687-1\n CVE-2018-12293, CVE-2018-4190, CVE-2018-4199, CVE-2018-4218,\n CVE-2018-4222, CVE-2018-4232, CVE-2018-4233\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.3-0ubuntu0.18.04.1\n https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.3-0ubuntu0.17.10.1\n https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.3-0ubuntu0.16.04.1\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-4232"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005525"
},
{
"db": "VULHUB",
"id": "VHN-134263"
},
{
"db": "VULMON",
"id": "CVE-2018-4232"
},
{
"db": "PACKETSTORM",
"id": "148017"
},
{
"db": "PACKETSTORM",
"id": "149059"
},
{
"db": "PACKETSTORM",
"id": "148643"
},
{
"db": "PACKETSTORM",
"id": "148644"
},
{
"db": "PACKETSTORM",
"id": "148200"
},
{
"db": "PACKETSTORM",
"id": "148028"
},
{
"db": "PACKETSTORM",
"id": "148027"
},
{
"db": "PACKETSTORM",
"id": "148219"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-4232",
"trust": 3.4
},
{
"db": "SECTRACK",
"id": "1041029",
"trust": 1.8
},
{
"db": "JVN",
"id": "JVNVU98864649",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005525",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201806-602",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-134263",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-4232",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148017",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "149059",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148643",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148644",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148200",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148028",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148027",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148219",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-134263"
},
{
"db": "VULMON",
"id": "CVE-2018-4232"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005525"
},
{
"db": "PACKETSTORM",
"id": "148017"
},
{
"db": "PACKETSTORM",
"id": "149059"
},
{
"db": "PACKETSTORM",
"id": "148643"
},
{
"db": "PACKETSTORM",
"id": "148644"
},
{
"db": "PACKETSTORM",
"id": "148200"
},
{
"db": "PACKETSTORM",
"id": "148028"
},
{
"db": "PACKETSTORM",
"id": "148027"
},
{
"db": "PACKETSTORM",
"id": "148219"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-602"
},
{
"db": "NVD",
"id": "CVE-2018-4232"
}
]
},
"id": "VAR-201806-1436",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-134263"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T22:11:27.007000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT208854",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht208854"
},
{
"title": "HT208848",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht208848"
},
{
"title": "HT208850",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht208850"
},
{
"title": "HT208852",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht208852"
},
{
"title": "HT208853",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht208853"
},
{
"title": "HT208848",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht208848"
},
{
"title": "HT208850",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht208850"
},
{
"title": "HT208852",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht208852"
},
{
"title": "HT208853",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht208853"
},
{
"title": "HT208854",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht208854"
},
{
"title": "USN-3687-1",
"trust": 0.8,
"url": "https://usn.ubuntu.com/3687-1/"
},
{
"title": "Multiple Apple product WebKit Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=80796"
},
{
"title": "Ubuntu Security Notice: webkit2gtk vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3687-1"
},
{
"title": "Apple: Safari 11.1.1",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=a694f067de60896ce5475c3b24f85ae2"
},
{
"title": "Apple: iTunes 12.7.5 for Windows",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=427778ba6ddba25910ede3bba3ecff86"
},
{
"title": "Apple: iCloud for Windows 7.5",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=02a7454fe2f6b5665d8cc96d80b7dfc4"
},
{
"title": "Apple: tvOS 11.4",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=d2d0b1ec71830547fb971d63ee3beadb"
},
{
"title": "Apple: iOS 11.4",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=0f3db097f895347566033494c2dda90b"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - October 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=2196fa008592287290cbd6678fbe10d4"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-4232"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005525"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-602"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-19",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-134263"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005525"
},
{
"db": "NVD",
"id": "CVE-2018-4232"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201808-04"
},
{
"trust": 1.9,
"url": "https://usn.ubuntu.com/3687-1/"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht208848"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht208850"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht208852"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht208853"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht208854"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1041029"
},
{
"trust": 1.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4232"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4232"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu98864649/index.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4233"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4190"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4222"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4199"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4218"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4214"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4192"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4201"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4204"
},
{
"trust": 0.5,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4188"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4224"
},
{
"trust": 0.5,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4200"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4246"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4225"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4226"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12293"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4235"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4198"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4240"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4237"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4223"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4211"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4241"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-11713"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-11646"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12294"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-11712"
},
{
"trust": 0.2,
"url": "https://webkitgtk.org/security/wsa-2018-0005.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4249"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4243"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4206"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://support.apple.com/ht204283"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4265"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4101"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4114"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4120"
},
{
"trust": 0.1,
"url": "https://webkitgtk.org/security/wsa-2018-0003.html"
},
{
"trust": 0.1,
"url": "https://webkitgtk.org/security/wsa-2018-0004.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4264"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4163"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4261"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4127"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4263"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4165"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4270"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4162"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4125"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4128"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4262"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4284"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4266"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4273"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4121"
},
{
"trust": 0.1,
"url": "https://webkitgtk.org/security/wsa-2018-0006.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4267"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4272"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4118"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4113"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4133"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4122"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4117"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4119"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4278"
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4146"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4129"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://www.apple.com/itunes/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4238"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4202"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4215"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4221"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4227"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4100"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4239"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5383"
},
{
"trust": 0.1,
"url": "https://webkitgtk.org/security.html"
},
{
"trust": 0.1,
"url": "https://wpewebkit.org/security/wsa-2018-0005.html"
},
{
"trust": 0.1,
"url": "https://wpewebkit.org/security/."
},
{
"trust": 0.1,
"url": "https://www.apple.com/itunes/download/"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.3-0ubuntu0.16.04.1"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3687-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.3-0ubuntu0.18.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.3-0ubuntu0.17.10.1"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-134263"
},
{
"db": "VULMON",
"id": "CVE-2018-4232"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005525"
},
{
"db": "PACKETSTORM",
"id": "148017"
},
{
"db": "PACKETSTORM",
"id": "149059"
},
{
"db": "PACKETSTORM",
"id": "148643"
},
{
"db": "PACKETSTORM",
"id": "148644"
},
{
"db": "PACKETSTORM",
"id": "148200"
},
{
"db": "PACKETSTORM",
"id": "148028"
},
{
"db": "PACKETSTORM",
"id": "148027"
},
{
"db": "PACKETSTORM",
"id": "148219"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-602"
},
{
"db": "NVD",
"id": "CVE-2018-4232"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-134263"
},
{
"db": "VULMON",
"id": "CVE-2018-4232"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005525"
},
{
"db": "PACKETSTORM",
"id": "148017"
},
{
"db": "PACKETSTORM",
"id": "149059"
},
{
"db": "PACKETSTORM",
"id": "148643"
},
{
"db": "PACKETSTORM",
"id": "148644"
},
{
"db": "PACKETSTORM",
"id": "148200"
},
{
"db": "PACKETSTORM",
"id": "148028"
},
{
"db": "PACKETSTORM",
"id": "148027"
},
{
"db": "PACKETSTORM",
"id": "148219"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-602"
},
{
"db": "NVD",
"id": "CVE-2018-4232"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-08T00:00:00",
"db": "VULHUB",
"id": "VHN-134263"
},
{
"date": "2018-06-08T00:00:00",
"db": "VULMON",
"id": "CVE-2018-4232"
},
{
"date": "2018-07-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005525"
},
{
"date": "2018-06-04T15:58:18",
"db": "PACKETSTORM",
"id": "148017"
},
{
"date": "2018-08-23T18:40:24",
"db": "PACKETSTORM",
"id": "149059"
},
{
"date": "2018-07-23T14:44:44",
"db": "PACKETSTORM",
"id": "148643"
},
{
"date": "2018-07-23T14:04:44",
"db": "PACKETSTORM",
"id": "148644"
},
{
"date": "2018-06-14T18:32:22",
"db": "PACKETSTORM",
"id": "148200"
},
{
"date": "2018-06-04T16:10:27",
"db": "PACKETSTORM",
"id": "148028"
},
{
"date": "2018-06-04T16:10:01",
"db": "PACKETSTORM",
"id": "148027"
},
{
"date": "2018-06-18T16:11:08",
"db": "PACKETSTORM",
"id": "148219"
},
{
"date": "2018-06-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201806-602"
},
{
"date": "2018-06-08T18:29:01.993000",
"db": "NVD",
"id": "CVE-2018-4232"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-134263"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULMON",
"id": "CVE-2018-4232"
},
{
"date": "2018-07-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005525"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201806-602"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2018-4232"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "148219"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-602"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Apple Used in products Webkit In the component Cookie Overwritten vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-005525"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201806-602"
}
],
"trust": 0.6
}
}
VAR-201902-0855
Vulnerability from variot - Updated: 2024-07-23 22:10png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute. 7) - aarch64, ppc64le
- Description:
Mozilla Thunderbird is a standalone mail and newsgroup client. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Critical: firefox security update Advisory ID: RHSA-2019:1265-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:1265 Issue date: 2019-05-23 CVE Names: CVE-2018-18511 CVE-2019-5798 CVE-2019-7317 CVE-2019-9797 CVE-2019-9800 CVE-2019-9816 CVE-2019-9817 CVE-2019-9819 CVE-2019-9820 CVE-2019-11691 CVE-2019-11692 CVE-2019-11693 CVE-2019-11698 ==================================================================== 1. Summary:
An update for firefox is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - aarch64, ppc64le, s390x
- Description:
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
This update upgrades Firefox to version 60.7.0 ESR.
Security Fix(es):
-
Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 (CVE-2019-9800)
-
Mozilla: Cross-origin theft of images with createImageBitmap (CVE-2019-9797)
-
Mozilla: Type confusion with object groups and UnboxedObjects (CVE-2019-9816)
-
Mozilla: Stealing of cross-domain images using canvas (CVE-2019-9817)
-
Mozilla: Compartment mismatch with fetch API (CVE-2019-9819)
-
Mozilla: Use-after-free of ChromeEventHandler by DocShell (CVE-2019-9820)
-
Mozilla: Use-after-free in XMLHttpRequest (CVE-2019-11691)
-
Mozilla: Use-after-free removing listeners in the event listener manager (CVE-2019-11692)
-
Mozilla: Buffer overflow in WebGL bufferdata on Linux (CVE-2019-11693)
-
mozilla: Cross-origin theft of images with ImageBitmapRenderingContext (CVE-2018-18511)
-
chromium-browser: Out of bounds read in Skia (CVE-2019-5798)
-
Mozilla: Theft of user history data through drag and drop of hyperlinks to and from bookmarks (CVE-2019-11698)
-
libpng: use-after-free in png_image_free in png.c (CVE-2019-7317)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, Firefox must be restarted for the changes to take effect.
- Bugs fixed (https://bugzilla.redhat.com/):
1672409 - CVE-2019-7317 libpng: use-after-free in png_image_free in png.c 1676997 - CVE-2018-18511 mozilla: Cross-origin theft of images with ImageBitmapRenderingContext 1688200 - CVE-2019-5798 chromium-browser: Out of bounds read in Skia 1712617 - CVE-2019-11691 Mozilla: Use-after-free in XMLHttpRequest 1712618 - CVE-2019-11692 Mozilla: Use-after-free removing listeners in the event listener manager 1712619 - CVE-2019-11693 Mozilla: Buffer overflow in WebGL bufferdata on Linux 1712621 - CVE-2019-11698 Mozilla: Theft of user history data through drag and drop of hyperlinks to and from bookmarks 1712622 - CVE-2019-9797 Mozilla: Cross-origin theft of images with createImageBitmap 1712623 - CVE-2019-9800 Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 1712625 - CVE-2019-9816 Mozilla: Type confusion with object groups and UnboxedObjects 1712626 - CVE-2019-9817 Mozilla: Stealing of cross-domain images using canvas 1712628 - CVE-2019-9819 Mozilla: Compartment mismatch with fetch API 1712629 - CVE-2019-9820 Mozilla: Use-after-free of ChromeEventHandler by DocShell
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: firefox-60.7.0-1.el7_6.src.rpm
x86_64: firefox-60.7.0-1.el7_6.x86_64.rpm firefox-debuginfo-60.7.0-1.el7_6.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: firefox-60.7.0-1.el7_6.i686.rpm firefox-debuginfo-60.7.0-1.el7_6.i686.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: firefox-60.7.0-1.el7_6.src.rpm
ppc64: firefox-60.7.0-1.el7_6.ppc64.rpm firefox-debuginfo-60.7.0-1.el7_6.ppc64.rpm
ppc64le: firefox-60.7.0-1.el7_6.ppc64le.rpm firefox-debuginfo-60.7.0-1.el7_6.ppc64le.rpm
s390x: firefox-60.7.0-1.el7_6.s390x.rpm firefox-debuginfo-60.7.0-1.el7_6.s390x.rpm
x86_64: firefox-60.7.0-1.el7_6.x86_64.rpm firefox-debuginfo-60.7.0-1.el7_6.x86_64.rpm
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7):
Source: firefox-60.7.0-1.el7_6.src.rpm
aarch64: firefox-60.7.0-1.el7_6.aarch64.rpm firefox-debuginfo-60.7.0-1.el7_6.aarch64.rpm
ppc64le: firefox-60.7.0-1.el7_6.ppc64le.rpm firefox-debuginfo-60.7.0-1.el7_6.ppc64le.rpm
s390x: firefox-60.7.0-1.el7_6.s390x.rpm firefox-debuginfo-60.7.0-1.el7_6.s390x.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
x86_64: firefox-60.7.0-1.el7_6.i686.rpm firefox-debuginfo-60.7.0-1.el7_6.i686.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: firefox-60.7.0-1.el7_6.src.rpm
x86_64: firefox-60.7.0-1.el7_6.x86_64.rpm firefox-debuginfo-60.7.0-1.el7_6.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: firefox-60.7.0-1.el7_6.i686.rpm firefox-debuginfo-60.7.0-1.el7_6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2018-18511 https://access.redhat.com/security/cve/CVE-2019-5798 https://access.redhat.com/security/cve/CVE-2019-7317 https://access.redhat.com/security/cve/CVE-2019-9797 https://access.redhat.com/security/cve/CVE-2019-9800 https://access.redhat.com/security/cve/CVE-2019-9816 https://access.redhat.com/security/cve/CVE-2019-9817 https://access.redhat.com/security/cve/CVE-2019-9819 https://access.redhat.com/security/cve/CVE-2019-9820 https://access.redhat.com/security/cve/CVE-2019-11691 https://access.redhat.com/security/cve/CVE-2019-11692 https://access.redhat.com/security/cve/CVE-2019-11693 https://access.redhat.com/security/cve/CVE-2019-11698 https://access.redhat.com/security/updates/classification/#critical https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBXOa9NtzjgjWX9erEAQjJMQ//YCJ2neCX+EW9jtNzMzJ5XN0pUgLrz5Me 4AP0z1wH40oILuLzgpClMNu8a589SynU9CksnLAOqleunDMIYUU1rD5g7At64VKq BoVtEGY9UfGi/rhx/Xp3nrLlweDxs57yFDCGHCci4AqS4LwT3w/a0z2VkuRQ76yh ETRGdCtEmC8Ybizs5Oge4b205CoHLLGbPf8xdQ2rtX+0/Ch+lqH6MLDPMNuW0YhM Ihh/O8PHZVZwDjWrDVcPvBXENuP84H/KG03F/SURnn40sbGIz8Cw8SUXoGUQWUjz 3FxD3sd8KZfnHvs7iXdBHTW4svFJH2lmbyaIdN5yz5F1jcfyIS6DJ+HBPXYwS5AA ryZ9UlOQKgSYV6dbY/38X+ZRHwwBYAYpOceGKrrpn0J87hI/T+KVB7Wn8jKbEQZ+ s8A8s65Taa2FSi021cIBb30lgULRW5FNMmv1n8D5OVI7r4fCvx4rl5nzRRXcIaKc mgBQO6MvJre2InsLnx+djfdejnzbA7y8cPjuLBF5hCaHLmX6apZLZf+h7ZBL5Sjc LZC4m562Xfp2/N3kDfj2Oqxnk9M52933dpBHEbR9Sba+Vz/n/j4kTzsP+Za7P7AR Vdrf3Wa4/3rjmric1HCzCwLDGUS947NQo5yOnSv7Zpz4MJErpiVeHyKChoEIHyc1 fKlOXCgcXzc=Lhyh -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 6) - i386, x86_64
- Description:
IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.
Security Fix(es):
-
IBM JDK: Out-of-bounds access in the String.getBytes method (CVE-2019-11772)
-
IBM JDK: Failure to privatize a value pulled out of the loop by versioning (CVE-2019-11775)
-
OpenJDK: Insufficient checks of suppressed exceptions in deserialization (Utilities, 8212328) (CVE-2019-2762)
-
OpenJDK: Unbounded memory allocation during deserialization in Collections (Utilities, 8213432) (CVE-2019-2769)
-
OpenJDK: Missing URL format validation (Networking, 8221518) (CVE-2019-2816)
-
OpenJDK: Insufficient restriction of privileges in AccessController (Security, 8216381) (CVE-2019-2786)
-
libpng: use-after-free in png_image_free in png.c (CVE-2019-7317)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bugs fixed (https://bugzilla.redhat.com/):
1672409 - CVE-2019-7317 libpng: use-after-free in png_image_free in png.c 1730056 - CVE-2019-2769 OpenJDK: Unbounded memory allocation during deserialization in Collections (Utilities, 8213432) 1730099 - CVE-2019-2816 OpenJDK: Missing URL format validation (Networking, 8221518) 1730255 - CVE-2019-2786 OpenJDK: Insufficient restriction of privileges in AccessController (Security, 8216381) 1730415 - CVE-2019-2762 OpenJDK: Insufficient checks of suppressed exceptions in deserialization (Utilities, 8212328) 1738547 - CVE-2019-11772 IBM JDK: Out-of-bounds access in the String.getBytes method 1738549 - CVE-2019-11775 IBM JDK: Failure to privatize a value pulled out of the loop by versioning
- The update caused a regression which resulted in issues when upgrading between Ubuntu releases. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Multiple security issues were discovered in Firefox. (CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-11695, CVE-2019-11696, CVE-2019-11699, CVE-2019-11701, CVE-2019-7317, CVE-2019-9800, CVE-2019-9814, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820, CVE-2019-9821)
It was discovered that pressing certain key combinations could bypass addon installation prompt delays. If a user opened a specially crafted website, an attacker could potentially exploit this to trick them in to installing a malicious extension. (CVE-2019-11697)
It was discovered that history data could be exposed via drag and drop of hyperlinks to and from bookmarks. If a user were tricked in to dragging a specially crafted hyperlink to the bookmark toolbar or sidebar, and subsequently back in to the web content area, an attacker could potentially exploit this to obtain sensitive information. (CVE-2019-11698)
A type confusion bug was discovered with object groups and UnboxedObjects. ========================================================================= Ubuntu Security Notice USN-4083-1 July 31, 2019
openjdk-lts vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 19.04
- Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in OpenJDK 11.
Software Description: - openjdk-lts: Open Source Java implementation
Details:
It was discovered that OpenJDK did not sufficiently validate serial streams before deserializing suppressed exceptions in some situations. An attacker could use this to specially craft an object that, when deserialized, would cause a denial of service. (CVE-2019-2762)
It was discovered that in some situations OpenJDK did not properly bound the amount of memory allocated during object deserialization. An attacker could use this to specially craft an object that, when deserialized, would cause a denial of service (excessive memory consumption). (CVE-2019-2769)
It was discovered that OpenJDK did not properly restrict privileges in certain situations. An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions. (CVE-2019-2786)
Jonathan Birch discovered that the Networking component of OpenJDK did not properly validate URLs in some situations. An attacker could use this to bypass restrictions on characters in URLs. (CVE-2019-2816)
It was discovered that the ChaCha20Cipher implementation in OpenJDK did not use constant time computations in some situations. An attacker could use this to expose sensitive information. (CVE-2019-2818)
It was discovered that the Java Secure Socket Extension (JSSE) component in OpenJDK did not properly handle OCSP stapling messages during TLS handshake in some situations. An attacker could use this to expose sensitive information. (CVE-2019-2821)
It was discovered that OpenJDK incorrectly handled certain memory operations. If a user or automated system were tricked into opening a specially crafted PNG file, a remote attacker could use this issue to cause OpenJDK to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2019-7317)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 19.04: openjdk-11-jdk 11.0.4+11-1ubuntu2~19.04 openjdk-11-jdk-headless 11.0.4+11-1ubuntu2~19.04 openjdk-11-jre 11.0.4+11-1ubuntu2~19.04 openjdk-11-jre-headless 11.0.4+11-1ubuntu2~19.04 openjdk-11-jre-zero 11.0.4+11-1ubuntu2~19.04
Ubuntu 18.04 LTS: openjdk-11-jdk 11.0.4+11-1ubuntu2~18.04.3 openjdk-11-jdk-headless 11.0.4+11-1ubuntu2~18.04.3 openjdk-11-jre 11.0.4+11-1ubuntu2~18.04.3 openjdk-11-jre-headless 11.0.4+11-1ubuntu2~18.04.3 openjdk-11-jre-zero 11.0.4+11-1ubuntu2~18.04.3
This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any Java applications or applets to make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
[slackware-security] mozilla-firefox (SSA:2019-141-01)
New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.
Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/mozilla-firefox-60.7.0esr-i686-1_slack14.2.txz: Upgraded. This release contains security fixes and improvements. Some of the patched flaws are considered critical, and could be used to run attacker code and install software, requiring no user interaction beyond normal browsing. For more information, see: https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/ https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9815 https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9816 https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9817 https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9818 https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9819 https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9820 https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11691 https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11692 https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11693 https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-7317 https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9797 https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2018-18511 https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11694 https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11698 https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-5798 https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9800 ( Security fix ) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/mozilla-firefox-60.7.0esr-i686-1_slack14.2.txz
Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/mozilla-firefox-60.7.0esr-x86_64-1_slack14.2.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/mozilla-firefox-60.7.0esr-i686-1.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/xap/mozilla-firefox-60.7.0esr-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 14.2 package: 9bb86b28639fe241a285ae8868f6fd3c mozilla-firefox-60.7.0esr-i686-1_slack14.2.txz
Slackware x86_64 14.2 package: 71cfd983350a89459015e89af1f4cf46 mozilla-firefox-60.7.0esr-x86_64-1_slack14.2.txz
Slackware -current package: 02f5b3d10ba9ef7a094f862b1a9b4120 xap/mozilla-firefox-60.7.0esr-i686-1.txz
Slackware x86_64 -current package: b4ccd8857ce8355105c0595cf2d84154 xap/mozilla-firefox-60.7.0esr-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the package as root:
upgradepkg mozilla-firefox-60.7.0esr-i686-1_slack14.2.txz
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Debian Security Advisory DSA-4435-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso April 27, 2019 https://www.debian.org/security/faq
Package : libpng1.6 CVE ID : CVE-2019-7317 Debian Bug : 921355
A use-after-free vulnerability was discovered in the png_image_free() function in the libpng PNG library, which could lead to denial of service or potentially the execution of arbitrary code if a malformed image is processed.
For the stable distribution (stretch), this problem has been fixed in version 1.6.28-1+deb9u1.
We recommend that you upgrade your libpng1.6 packages.
For the detailed security status of libpng1.6 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/libpng1.6
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlzECBJfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0Txww//aZy+AZ6sloDpGd6f8r2C5/9DsbwGLdpNsJSVaA7jX6OWKWfb+UMb7vwz fz8jUhFZFrjD8DtF1fyrhO5yzbnFGMGSd8HpfOP7aNfBQBnud0jwnVlmTRiB4idq bKC5SEhjjU7SlGBNZ7vfrM2AbaPEp+ge08O6Pd7YpeV7JbwSHEEDLpLaPLFkLyik h2zb7efpHRew0QmVfi6HcIf5jAKBz2G4JTIKD9tHrfWcVBOpehmCGV8VJ9Hx0ean J+VkhDn1ix1M686spf+OuG8GGgdmWaR5IA3Mp9Arz52Mxq83660G4ji1cMcltZa/ Hlb9pntp8Mlz8uQ71FUcy/RZmZiqDXy49SHCA1Dt+EnE5vcHi1LXLopnOHdqo14B xjW88ME7gzAtHTyup2UFOS93mVmklGytmPUixXEiWo8GMazJvlPvvFqoAmB1igeY BD2wa1exgZgS6UpmOXmsKYfOeFjRYY3muqtF5zme4Az0OYxr5UzB5kvDuUm3SHhA WXysaVYyq7eFuhXT95gSQgKfUVZIC6AeOZ/jSJ7HcEex8oj71KyHjbbHFr5Lfx3g fsLeD59kj8ovTrx02/e2LcSpuXqZDLcbipJlhAiUItSQf0vJK+DUbgZ0r6GjdInO 78W1KDDUpmXk4uGEWae/bR/HuoAZV26Y5VX8Pd6TaU59oif8/sQ= =jInk -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201902-0855",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "xp7 command view advanced edition suite",
"scope": "lt",
"trust": 1.0,
"vendor": "hpe",
"version": "8.7.0-00"
},
{
"model": "snapmanager",
"scope": "lt",
"trust": 1.0,
"vendor": "netapp",
"version": "3.4.2"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "15.1"
},
{
"model": "oncommand insight",
"scope": "lt",
"trust": 1.0,
"vendor": "netapp",
"version": "7.3.9"
},
{
"model": "enterprise linux for ibm z systems",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.0"
},
{
"model": "libpng",
"scope": "gte",
"trust": 1.0,
"vendor": "libpng",
"version": "1.6.0"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.3"
},
{
"model": "active iq unified manager",
"scope": "lt",
"trust": 1.0,
"vendor": "netapp",
"version": "9.6"
},
{
"model": "enterprise linux for ibm z systems",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "xp7 command view",
"scope": "lt",
"trust": 1.0,
"vendor": "hp",
"version": "8.7.0-00"
},
{
"model": "libpng",
"scope": "lt",
"trust": 1.0,
"vendor": "libpng",
"version": "1.6.37"
},
{
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "11.0.3"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": null
},
{
"model": "e-series santricity unified manager",
"scope": "lt",
"trust": 1.0,
"vendor": "netapp",
"version": "3.2"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "cloud backup",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "enterprise linux for power little endian",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.0"
},
{
"model": "e-series santricity storage manager",
"scope": "lt",
"trust": 1.0,
"vendor": "netapp",
"version": "11.53"
},
{
"model": "mysql",
"scope": "lt",
"trust": 1.0,
"vendor": "oracle",
"version": "8.0.23"
},
{
"model": "snapmanager",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": "3.4.2"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "18.10"
},
{
"model": "hyperion infrastructure technology",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "11.2.6.0"
},
{
"model": "enterprise linux for power big endian",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "java se",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8u212"
},
{
"model": "enterprise linux for ibm z systems",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "active iq unified manager",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": "9.6"
},
{
"model": "e-series santricity management",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.0"
},
{
"model": "enterprise linux for scientific computing",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "package hub",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": null
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "15.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "oncommand workflow automation",
"scope": "lt",
"trust": 1.0,
"vendor": "netapp",
"version": "5.1"
},
{
"model": "plug-in for symantec netbackup",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "e-series santricity web services",
"scope": "lt",
"trust": 1.0,
"vendor": "netapp",
"version": "4.0"
},
{
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.0.1"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "18.04"
},
{
"model": "enterprise linux for power little endian",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "steelstore",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "enterprise linux for power big endian",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "firefox esr",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": null
},
{
"model": "satellite",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.8"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "19.04"
},
{
"model": "java se",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "7u221"
},
{
"model": "enterprise linux for scientific computing",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-7317"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.6.37",
"versionStartIncluding": "1.6.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:jdk:11.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jdk:12.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:java_se:8u212:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:java_se:7u221:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.0.23",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:hyperion_infrastructure_technology:11.2.6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:hpe:xp7_command_view_advanced_edition_suite:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.7.0-00",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.7.0-00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:firefox_esr:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:opensuse:package_hub:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:steelstore:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:e-series_santricity_management:-:*:*:*:*:vcenter:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:snapmanager:*:*:*:*:*:sap:*:*",
"cpe_name": [],
"versionEndExcluding": "3.4.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:snapmanager:*:*:*:*:*:oracle:*:*",
"cpe_name": [],
"versionEndExcluding": "3.4.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:snapmanager:3.4.2:p1:*:*:*:sap:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:snapmanager:3.4.2:p1:*:*:*:oracle:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:active_iq_unified_manager:9.6:*:*:*:*:vmware_vsphere:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*",
"cpe_name": [],
"versionEndExcluding": "9.6",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*",
"cpe_name": [],
"versionEndExcluding": "9.6",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:active_iq_unified_manager:9.6:*:*:*:*:windows:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:e-series_santricity_storage_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.53",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:e-series_santricity_unified_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:e-series_santricity_web_services:*:*:*:*:*:web_services_proxy:*:*",
"cpe_name": [],
"versionEndExcluding": "4.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:oncommand_insight:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.3.9",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:oncommand_workflow_automation:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-7317"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "153157"
},
{
"db": "PACKETSTORM",
"id": "153064"
},
{
"db": "PACKETSTORM",
"id": "154285"
},
{
"db": "PACKETSTORM",
"id": "153158"
}
],
"trust": 0.4
},
"cve": "CVE-2019-7317",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"exploitabilityScore": 4.9,
"id": "CVE-2019-7317",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "LOW",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-7317",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2019-7317",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-7317"
},
{
"db": "NVD",
"id": "CVE-2019-7317"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute. 7) - aarch64, ppc64le\n\n3. Description:\n\nMozilla Thunderbird is a standalone mail and newsgroup client. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Critical: firefox security update\nAdvisory ID: RHSA-2019:1265-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2019:1265\nIssue date: 2019-05-23\nCVE Names: CVE-2018-18511 CVE-2019-5798 CVE-2019-7317\n CVE-2019-9797 CVE-2019-9800 CVE-2019-9816\n CVE-2019-9817 CVE-2019-9819 CVE-2019-9820\n CVE-2019-11691 CVE-2019-11692 CVE-2019-11693\n CVE-2019-11698\n====================================================================\n1. Summary:\n\nAn update for firefox is now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Critical. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\nRed Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - aarch64, ppc64le, s390x\n\n3. Description:\n\nMozilla Firefox is an open-source web browser, designed for standards\ncompliance, performance, and portability. \n\nThis update upgrades Firefox to version 60.7.0 ESR. \n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7\n(CVE-2019-9800)\n\n* Mozilla: Cross-origin theft of images with createImageBitmap\n(CVE-2019-9797)\n\n* Mozilla: Type confusion with object groups and UnboxedObjects\n(CVE-2019-9816)\n\n* Mozilla: Stealing of cross-domain images using canvas (CVE-2019-9817)\n\n* Mozilla: Compartment mismatch with fetch API (CVE-2019-9819)\n\n* Mozilla: Use-after-free of ChromeEventHandler by DocShell (CVE-2019-9820)\n\n* Mozilla: Use-after-free in XMLHttpRequest (CVE-2019-11691)\n\n* Mozilla: Use-after-free removing listeners in the event listener manager\n(CVE-2019-11692)\n\n* Mozilla: Buffer overflow in WebGL bufferdata on Linux (CVE-2019-11693)\n\n* mozilla: Cross-origin theft of images with ImageBitmapRenderingContext\n(CVE-2018-18511)\n\n* chromium-browser: Out of bounds read in Skia (CVE-2019-5798)\n\n* Mozilla: Theft of user history data through drag and drop of hyperlinks\nto and from bookmarks (CVE-2019-11698)\n\n* libpng: use-after-free in png_image_free in png.c (CVE-2019-7317)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to\ntake effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1672409 - CVE-2019-7317 libpng: use-after-free in png_image_free in png.c\n1676997 - CVE-2018-18511 mozilla: Cross-origin theft of images with ImageBitmapRenderingContext\n1688200 - CVE-2019-5798 chromium-browser: Out of bounds read in Skia\n1712617 - CVE-2019-11691 Mozilla: Use-after-free in XMLHttpRequest\n1712618 - CVE-2019-11692 Mozilla: Use-after-free removing listeners in the event listener manager\n1712619 - CVE-2019-11693 Mozilla: Buffer overflow in WebGL bufferdata on Linux\n1712621 - CVE-2019-11698 Mozilla: Theft of user history data through drag and drop of hyperlinks to and from bookmarks\n1712622 - CVE-2019-9797 Mozilla: Cross-origin theft of images with createImageBitmap\n1712623 - CVE-2019-9800 Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7\n1712625 - CVE-2019-9816 Mozilla: Type confusion with object groups and UnboxedObjects\n1712626 - CVE-2019-9817 Mozilla: Stealing of cross-domain images using canvas\n1712628 - CVE-2019-9819 Mozilla: Compartment mismatch with fetch API\n1712629 - CVE-2019-9820 Mozilla: Use-after-free of ChromeEventHandler by DocShell\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nfirefox-60.7.0-1.el7_6.src.rpm\n\nx86_64:\nfirefox-60.7.0-1.el7_6.x86_64.rpm\nfirefox-debuginfo-60.7.0-1.el7_6.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nfirefox-60.7.0-1.el7_6.i686.rpm\nfirefox-debuginfo-60.7.0-1.el7_6.i686.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nfirefox-60.7.0-1.el7_6.src.rpm\n\nppc64:\nfirefox-60.7.0-1.el7_6.ppc64.rpm\nfirefox-debuginfo-60.7.0-1.el7_6.ppc64.rpm\n\nppc64le:\nfirefox-60.7.0-1.el7_6.ppc64le.rpm\nfirefox-debuginfo-60.7.0-1.el7_6.ppc64le.rpm\n\ns390x:\nfirefox-60.7.0-1.el7_6.s390x.rpm\nfirefox-debuginfo-60.7.0-1.el7_6.s390x.rpm\n\nx86_64:\nfirefox-60.7.0-1.el7_6.x86_64.rpm\nfirefox-debuginfo-60.7.0-1.el7_6.x86_64.rpm\n\nRed Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7):\n\nSource:\nfirefox-60.7.0-1.el7_6.src.rpm\n\naarch64:\nfirefox-60.7.0-1.el7_6.aarch64.rpm\nfirefox-debuginfo-60.7.0-1.el7_6.aarch64.rpm\n\nppc64le:\nfirefox-60.7.0-1.el7_6.ppc64le.rpm\nfirefox-debuginfo-60.7.0-1.el7_6.ppc64le.rpm\n\ns390x:\nfirefox-60.7.0-1.el7_6.s390x.rpm\nfirefox-debuginfo-60.7.0-1.el7_6.s390x.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nx86_64:\nfirefox-60.7.0-1.el7_6.i686.rpm\nfirefox-debuginfo-60.7.0-1.el7_6.i686.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nfirefox-60.7.0-1.el7_6.src.rpm\n\nx86_64:\nfirefox-60.7.0-1.el7_6.x86_64.rpm\nfirefox-debuginfo-60.7.0-1.el7_6.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nfirefox-60.7.0-1.el7_6.i686.rpm\nfirefox-debuginfo-60.7.0-1.el7_6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2018-18511\nhttps://access.redhat.com/security/cve/CVE-2019-5798\nhttps://access.redhat.com/security/cve/CVE-2019-7317\nhttps://access.redhat.com/security/cve/CVE-2019-9797\nhttps://access.redhat.com/security/cve/CVE-2019-9800\nhttps://access.redhat.com/security/cve/CVE-2019-9816\nhttps://access.redhat.com/security/cve/CVE-2019-9817\nhttps://access.redhat.com/security/cve/CVE-2019-9819\nhttps://access.redhat.com/security/cve/CVE-2019-9820\nhttps://access.redhat.com/security/cve/CVE-2019-11691\nhttps://access.redhat.com/security/cve/CVE-2019-11692\nhttps://access.redhat.com/security/cve/CVE-2019-11693\nhttps://access.redhat.com/security/cve/CVE-2019-11698\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2019-14/\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2019 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBXOa9NtzjgjWX9erEAQjJMQ//YCJ2neCX+EW9jtNzMzJ5XN0pUgLrz5Me\n4AP0z1wH40oILuLzgpClMNu8a589SynU9CksnLAOqleunDMIYUU1rD5g7At64VKq\nBoVtEGY9UfGi/rhx/Xp3nrLlweDxs57yFDCGHCci4AqS4LwT3w/a0z2VkuRQ76yh\nETRGdCtEmC8Ybizs5Oge4b205CoHLLGbPf8xdQ2rtX+0/Ch+lqH6MLDPMNuW0YhM\nIhh/O8PHZVZwDjWrDVcPvBXENuP84H/KG03F/SURnn40sbGIz8Cw8SUXoGUQWUjz\n3FxD3sd8KZfnHvs7iXdBHTW4svFJH2lmbyaIdN5yz5F1jcfyIS6DJ+HBPXYwS5AA\nryZ9UlOQKgSYV6dbY/38X+ZRHwwBYAYpOceGKrrpn0J87hI/T+KVB7Wn8jKbEQZ+\ns8A8s65Taa2FSi021cIBb30lgULRW5FNMmv1n8D5OVI7r4fCvx4rl5nzRRXcIaKc\nmgBQO6MvJre2InsLnx+djfdejnzbA7y8cPjuLBF5hCaHLmX6apZLZf+h7ZBL5Sjc\nLZC4m562Xfp2/N3kDfj2Oqxnk9M52933dpBHEbR9Sba+Vz/n/j4kTzsP+Za7P7AR\nVdrf3Wa4/3rjmric1HCzCwLDGUS947NQo5yOnSv7Zpz4MJErpiVeHyKChoEIHyc1\nfKlOXCgcXzc=Lhyh\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. 6) - i386, x86_64\n\n3. Description:\n\nIBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM\nJava Software Development Kit. \n\nSecurity Fix(es):\n\n* IBM JDK: Out-of-bounds access in the String.getBytes method\n(CVE-2019-11772)\n\n* IBM JDK: Failure to privatize a value pulled out of the loop by\nversioning (CVE-2019-11775)\n\n* OpenJDK: Insufficient checks of suppressed exceptions in deserialization\n(Utilities, 8212328) (CVE-2019-2762)\n\n* OpenJDK: Unbounded memory allocation during deserialization in\nCollections (Utilities, 8213432) (CVE-2019-2769)\n\n* OpenJDK: Missing URL format validation (Networking, 8221518)\n(CVE-2019-2816)\n\n* OpenJDK: Insufficient restriction of privileges in AccessController\n(Security, 8216381) (CVE-2019-2786)\n\n* libpng: use-after-free in png_image_free in png.c (CVE-2019-7317)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. Bugs fixed (https://bugzilla.redhat.com/):\n\n1672409 - CVE-2019-7317 libpng: use-after-free in png_image_free in png.c\n1730056 - CVE-2019-2769 OpenJDK: Unbounded memory allocation during deserialization in Collections (Utilities, 8213432)\n1730099 - CVE-2019-2816 OpenJDK: Missing URL format validation (Networking, 8221518)\n1730255 - CVE-2019-2786 OpenJDK: Insufficient restriction of privileges in AccessController (Security, 8216381)\n1730415 - CVE-2019-2762 OpenJDK: Insufficient checks of suppressed exceptions in deserialization (Utilities, 8212328)\n1738547 - CVE-2019-11772 IBM JDK: Out-of-bounds access in the String.getBytes method\n1738549 - CVE-2019-11775 IBM JDK: Failure to privatize a value pulled out of the loop by versioning\n\n6. The update caused a\nregression which resulted in issues when upgrading between Ubuntu\nreleases. This update fixes the problem. \n\nWe apologize for the inconvenience. \n\nOriginal advisory details:\n\n Multiple security issues were discovered in Firefox. (CVE-2019-11691, CVE-2019-11692, CVE-2019-11693,\n CVE-2019-11695, CVE-2019-11696, CVE-2019-11699, CVE-2019-11701,\n CVE-2019-7317, CVE-2019-9800, CVE-2019-9814, CVE-2019-9817, CVE-2019-9819,\n CVE-2019-9820, CVE-2019-9821)\n \n It was discovered that pressing certain key combinations could bypass\n addon installation prompt delays. If a user opened a specially crafted\n website, an attacker could potentially exploit this to trick them in to\n installing a malicious extension. (CVE-2019-11697)\n \n It was discovered that history data could be exposed via drag and drop\n of hyperlinks to and from bookmarks. If a user were tricked in to dragging\n a specially crafted hyperlink to the bookmark toolbar or sidebar, and\n subsequently back in to the web content area, an attacker could\n potentially exploit this to obtain sensitive information. (CVE-2019-11698)\n \n A type confusion bug was discovered with object groups and UnboxedObjects. =========================================================================\nUbuntu Security Notice USN-4083-1\nJuly 31, 2019\n\nopenjdk-lts vulnerabilities\n=========================================================================\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 19.04\n- Ubuntu 18.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in OpenJDK 11. \n\nSoftware Description:\n- openjdk-lts: Open Source Java implementation\n\nDetails:\n\nIt was discovered that OpenJDK did not sufficiently validate serial streams\nbefore deserializing suppressed exceptions in some situations. An attacker\ncould use this to specially craft an object that, when deserialized, would\ncause a denial of service. (CVE-2019-2762)\n\nIt was discovered that in some situations OpenJDK did not properly bound\nthe amount of memory allocated during object deserialization. An attacker\ncould use this to specially craft an object that, when deserialized, would\ncause a denial of service (excessive memory consumption). (CVE-2019-2769)\n\nIt was discovered that OpenJDK did not properly restrict privileges in\ncertain situations. An attacker could use this to specially construct an\nuntrusted Java application or applet that could escape sandbox\nrestrictions. (CVE-2019-2786)\n\nJonathan Birch discovered that the Networking component of OpenJDK did not\nproperly validate URLs in some situations. An attacker could use this to\nbypass restrictions on characters in URLs. (CVE-2019-2816)\n\nIt was discovered that the ChaCha20Cipher implementation in OpenJDK did not\nuse constant time computations in some situations. An attacker could use\nthis to expose sensitive information. (CVE-2019-2818)\n\nIt was discovered that the Java Secure Socket Extension (JSSE) component in\nOpenJDK did not properly handle OCSP stapling messages during TLS handshake\nin some situations. An attacker could use this to expose sensitive\ninformation. (CVE-2019-2821)\n\nIt was discovered that OpenJDK incorrectly handled certain memory\noperations. If a user or automated system were tricked into opening a\nspecially crafted PNG file, a remote attacker could use this issue to\ncause OpenJDK to crash, resulting in a denial of service, or possibly\nexecute arbitrary code. (CVE-2019-7317)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 19.04:\n openjdk-11-jdk 11.0.4+11-1ubuntu2~19.04\n openjdk-11-jdk-headless 11.0.4+11-1ubuntu2~19.04\n openjdk-11-jre 11.0.4+11-1ubuntu2~19.04\n openjdk-11-jre-headless 11.0.4+11-1ubuntu2~19.04\n openjdk-11-jre-zero 11.0.4+11-1ubuntu2~19.04\n\nUbuntu 18.04 LTS:\n openjdk-11-jdk 11.0.4+11-1ubuntu2~18.04.3\n openjdk-11-jdk-headless 11.0.4+11-1ubuntu2~18.04.3\n openjdk-11-jre 11.0.4+11-1ubuntu2~18.04.3\n openjdk-11-jre-headless 11.0.4+11-1ubuntu2~18.04.3\n openjdk-11-jre-zero 11.0.4+11-1ubuntu2~18.04.3\n\nThis update uses a new upstream release, which includes additional bug\nfixes. After a standard system update you need to restart any Java\napplications or applets to make all the necessary changes. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n[slackware-security] mozilla-firefox (SSA:2019-141-01)\n\nNew mozilla-firefox packages are available for Slackware 14.2 and -current to\nfix security issues. \n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n+--------------------------+\npatches/packages/mozilla-firefox-60.7.0esr-i686-1_slack14.2.txz: Upgraded. \n This release contains security fixes and improvements. Some of the patched\n flaws are considered critical, and could be used to run attacker code and\n install software, requiring no user interaction beyond normal browsing. \n For more information, see:\n https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html\n https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/\n https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9815\n https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9816\n https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9817\n https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9818\n https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9819\n https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9820\n https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11691\n https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11692\n https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11693\n https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-7317\n https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9797\n https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2018-18511\n https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11694\n https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11698\n https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-5798\n https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9800\n (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/mozilla-firefox-60.7.0esr-i686-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/mozilla-firefox-60.7.0esr-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/mozilla-firefox-60.7.0esr-i686-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/xap/mozilla-firefox-60.7.0esr-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.2 package:\n9bb86b28639fe241a285ae8868f6fd3c mozilla-firefox-60.7.0esr-i686-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n71cfd983350a89459015e89af1f4cf46 mozilla-firefox-60.7.0esr-x86_64-1_slack14.2.txz\n\nSlackware -current package:\n02f5b3d10ba9ef7a094f862b1a9b4120 xap/mozilla-firefox-60.7.0esr-i686-1.txz\n\nSlackware x86_64 -current package:\nb4ccd8857ce8355105c0595cf2d84154 xap/mozilla-firefox-60.7.0esr-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg mozilla-firefox-60.7.0esr-i686-1_slack14.2.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4435-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nApril 27, 2019 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : libpng1.6\nCVE ID : CVE-2019-7317\nDebian Bug : 921355\n\nA use-after-free vulnerability was discovered in the png_image_free()\nfunction in the libpng PNG library, which could lead to denial of\nservice or potentially the execution of arbitrary code if a malformed\nimage is processed. \n\nFor the stable distribution (stretch), this problem has been fixed in\nversion 1.6.28-1+deb9u1. \n\nWe recommend that you upgrade your libpng1.6 packages. \n\nFor the detailed security status of libpng1.6 please refer to its\nsecurity tracker page at:\nhttps://security-tracker.debian.org/tracker/libpng1.6\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlzECBJfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2\nNDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND\nz0Txww//aZy+AZ6sloDpGd6f8r2C5/9DsbwGLdpNsJSVaA7jX6OWKWfb+UMb7vwz\nfz8jUhFZFrjD8DtF1fyrhO5yzbnFGMGSd8HpfOP7aNfBQBnud0jwnVlmTRiB4idq\nbKC5SEhjjU7SlGBNZ7vfrM2AbaPEp+ge08O6Pd7YpeV7JbwSHEEDLpLaPLFkLyik\nh2zb7efpHRew0QmVfi6HcIf5jAKBz2G4JTIKD9tHrfWcVBOpehmCGV8VJ9Hx0ean\nJ+VkhDn1ix1M686spf+OuG8GGgdmWaR5IA3Mp9Arz52Mxq83660G4ji1cMcltZa/\nHlb9pntp8Mlz8uQ71FUcy/RZmZiqDXy49SHCA1Dt+EnE5vcHi1LXLopnOHdqo14B\nxjW88ME7gzAtHTyup2UFOS93mVmklGytmPUixXEiWo8GMazJvlPvvFqoAmB1igeY\nBD2wa1exgZgS6UpmOXmsKYfOeFjRYY3muqtF5zme4Az0OYxr5UzB5kvDuUm3SHhA\nWXysaVYyq7eFuhXT95gSQgKfUVZIC6AeOZ/jSJ7HcEex8oj71KyHjbbHFr5Lfx3g\nfsLeD59kj8ovTrx02/e2LcSpuXqZDLcbipJlhAiUItSQf0vJK+DUbgZ0r6GjdInO\n78W1KDDUpmXk4uGEWae/bR/HuoAZV26Y5VX8Pd6TaU59oif8/sQ=\n=jInk\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-7317"
},
{
"db": "VULMON",
"id": "CVE-2019-7317"
},
{
"db": "PACKETSTORM",
"id": "153157"
},
{
"db": "PACKETSTORM",
"id": "153064"
},
{
"db": "PACKETSTORM",
"id": "154285"
},
{
"db": "PACKETSTORM",
"id": "153212"
},
{
"db": "PACKETSTORM",
"id": "153011"
},
{
"db": "PACKETSTORM",
"id": "153845"
},
{
"db": "PACKETSTORM",
"id": "153002"
},
{
"db": "PACKETSTORM",
"id": "153158"
},
{
"db": "PACKETSTORM",
"id": "152664"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-7317",
"trust": 2.0
},
{
"db": "PACKETSTORM",
"id": "152561",
"trust": 1.1
},
{
"db": "BID",
"id": "108098",
"trust": 1.1
},
{
"db": "VULMON",
"id": "CVE-2019-7317",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "153157",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "153064",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "154285",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "153212",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "153011",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "153845",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "153002",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "153158",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152664",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-7317"
},
{
"db": "PACKETSTORM",
"id": "153157"
},
{
"db": "PACKETSTORM",
"id": "153064"
},
{
"db": "PACKETSTORM",
"id": "154285"
},
{
"db": "PACKETSTORM",
"id": "153212"
},
{
"db": "PACKETSTORM",
"id": "153011"
},
{
"db": "PACKETSTORM",
"id": "153845"
},
{
"db": "PACKETSTORM",
"id": "153002"
},
{
"db": "PACKETSTORM",
"id": "153158"
},
{
"db": "PACKETSTORM",
"id": "152664"
},
{
"db": "NVD",
"id": "CVE-2019-7317"
}
]
},
"id": "VAR-201902-0855",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.23809524
},
"last_update_date": "2024-07-23T22:10:27.196000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Debian CVElist Bug Report Logs: libpng1.6: CVE-2019-7317: use-after-free in png_image_free in png.c",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=ef2bbc82329f4e3dd9e23c0137af2a7b"
},
{
"title": "Ubuntu Security Notice: libpng1.6 vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3962-1"
},
{
"title": "Debian Security Advisories: DSA-4435-1 libpng1.6 -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=d60ba88361ab9afdcad18ca2a106ac3b"
},
{
"title": "Red Hat: Important: java-1.7.1-ibm security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20192494 - security advisory"
},
{
"title": "Red Hat: Important: java-1.7.1-ibm security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20192495 - security advisory"
},
{
"title": "Arch Linux Advisories: [ASA-201904-10] libpng: denial of service",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201904-10"
},
{
"title": "Red Hat: Important: java-1.8.0-ibm security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20192737 - security advisory"
},
{
"title": "Red Hat: CVE-2019-7317",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2019-7317"
},
{
"title": "Red Hat: Important: java-1.8.0-ibm security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20192585 - security advisory"
},
{
"title": "Red Hat: Important: java-1.8.0-ibm security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20192590 - security advisory"
},
{
"title": "Red Hat: Important: java-1.8.0-ibm security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20192592 - security advisory"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2019-7317"
},
{
"title": "Red Hat: Important: thunderbird security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20191308 - security advisory"
},
{
"title": "Red Hat: Important: thunderbird security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20191310 - security advisory"
},
{
"title": "Red Hat: Critical: firefox security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20191265 - security advisory"
},
{
"title": "Red Hat: Critical: firefox security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20191269 - security advisory"
},
{
"title": "Red Hat: Important: thunderbird security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20191309 - security advisory"
},
{
"title": "Ubuntu Security Notice: openjdk-lts vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-4083-1"
},
{
"title": "Red Hat: Critical: firefox security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20191267 - security advisory"
},
{
"title": "Ubuntu Security Notice: openjdk-8 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-4080-1"
},
{
"title": "Ubuntu Security Notice: thunderbird vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3997-1"
},
{
"title": "Debian Security Advisories: DSA-4451-1 thunderbird -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=1cf7f39c2c474666174a69cf97b06740"
},
{
"title": "Ubuntu Security Notice: firefox regression",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3991-3"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=61e62f4d9c861153c6391afc0ec560a4"
},
{
"title": "Debian Security Advisories: DSA-4448-1 firefox-esr -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=e2d9ccf571c31c1011ad31af2798140f"
},
{
"title": "Ubuntu Security Notice: firefox regression",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3991-2"
},
{
"title": "Ubuntu Security Notice: firefox vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3991-1"
},
{
"title": "Arch Linux Advisories: [ASA-201905-8] thunderbird: multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201905-8"
},
{
"title": "Amazon Linux 2: ALAS2-2019-1246",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=alas2-2019-1246"
},
{
"title": "Mozilla: Mozilla Foundation Security Advisory 2019-14",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=mozilla_advisories\u0026qid=2019-14"
},
{
"title": "IBM: IBM Security Bulletin: Multiple Mozilla Firefox vulnerability in IBM SONAS",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=4a8e20a238934bc47ca332a3c76cc9c3"
},
{
"title": "Hitachi Security Advisories: Multiple Vulnerabilities in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager and Hitachi Infrastructure Analytics Advisor",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hitachi_security_advisories\u0026qid=hitachi-sec-2019-117"
},
{
"title": "IBM: Security Bulletin: Multiple vulnerabilities affect IBM Cloud Object Storage Systems (January 2020v2)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=acad3ac1b2767940a01b72ed1b51586b"
},
{
"title": "Arch Linux Advisories: [ASA-201905-9] firefox: multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201905-9"
},
{
"title": "Hitachi Security Advisories: Multiple Vulnerabilities in Cosminexus",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hitachi_security_advisories\u0026qid=hitachi-sec-2019-116"
},
{
"title": "Amazon Linux 2: ALAS2-2019-1229",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=alas2-2019-1229"
},
{
"title": "Mozilla: Security vulnerabilities fixed in Firefox ESR 60.7",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=mozilla_advisories\u0026qid=554d832b08166d6d04a53f3c421e7f9b"
},
{
"title": "IBM: IBM Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU \u2013 Jul 2019 \u2013 Includes Oracle Jul 2019 CPU affects IBM Tivoli Composite Application Manager for Transactions-Robotic Response Time",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=de7b9859dff396513e72da22ffc4ab3e"
},
{
"title": "Mozilla: Mozilla Foundation Security Advisory 2019-15",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=mozilla_advisories\u0026qid=2019-15"
},
{
"title": "Mozilla: Security vulnerabilities fixed in Thunderbird 60.7",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=mozilla_advisories\u0026qid=198e3a670ab8c803584e801da3919e61"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities may affect IBM\u00ae SDK, Java\u2122 Technology Edition",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=836b059f33e614408bd51705b325caaf"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=b352b6737bfbf2a62b0a2201928e8963"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Cloud Manager with OpenStack",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=1ad5c6091de269fb79e0c4d1c06b0846"
},
{
"title": "Mozilla: Security vulnerabilities fixed in Firefox 67",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=mozilla_advisories\u0026qid=730fce689efe63b7de803de0d8794796"
},
{
"title": "Mozilla: Mozilla Foundation Security Advisory 2019-13",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=mozilla_advisories\u0026qid=2019-13"
},
{
"title": "IBM: IBM Security Bulletin: Vyatta 5600 vRouter Software Patches \u2013 Release 1801-z",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=4ef3e54cc5cdc194f0526779f9480f89"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-7317"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-7317"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.2,
"url": "https://usn.ubuntu.com/3962-1/"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2019:1265"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2019:1310"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2019:1309"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/108098"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2019:2592"
},
{
"trust": 1.1,
"url": "https://github.com/glennrp/libpng/issues/275"
},
{
"trust": 1.1,
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12803"
},
{
"trust": 1.1,
"url": "https://seclists.org/bugtraq/2019/apr/30"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/152561/slackware-security-advisory-libpng-updates.html"
},
{
"trust": 1.1,
"url": "https://www.debian.org/security/2019/dsa-4435"
},
{
"trust": 1.1,
"url": "https://seclists.org/bugtraq/2019/apr/36"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3991-1/"
},
{
"trust": 1.1,
"url": "https://seclists.org/bugtraq/2019/may/56"
},
{
"trust": 1.1,
"url": "https://seclists.org/bugtraq/2019/may/59"
},
{
"trust": 1.1,
"url": "https://www.debian.org/security/2019/dsa-4448"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00032.html"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2019:1269"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2019:1267"
},
{
"trust": 1.1,
"url": "https://www.debian.org/security/2019/dsa-4451"
},
{
"trust": 1.1,
"url": "https://seclists.org/bugtraq/2019/may/67"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00038.html"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3997-1/"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2019:1308"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html"
},
{
"trust": 1.1,
"url": "https://security.netapp.com/advisory/ntap-20190719-0005/"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/4080-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/4083-1/"
},
{
"trust": 1.1,
"url": "https://security.gentoo.org/glsa/201908-02"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2019:2494"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2019:2495"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00044.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2019:2585"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2019:2590"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2019:2737"
},
{
"trust": 1.1,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbst03977en_us"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/security-alerts/cpuapr2021.html"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-7317"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9820"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11698"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-18511"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11691"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9819"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9800"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9817"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9797"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-5798"
},
{
"trust": 0.4,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11693"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11692"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2019-7317"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-9817"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-11698"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-9797"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-11692"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-11693"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-9819"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2018-18511"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-9820"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-9800"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-11691"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-5798"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9816"
},
{
"trust": 0.2,
"url": "https://www.mozilla.org/en-us/security/advisories/mfsa2019-15/"
},
{
"trust": 0.2,
"url": "https://www.mozilla.org/en-us/security/advisories/mfsa2019-14/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-2786"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-2769"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-2816"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-2762"
},
{
"trust": 0.2,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.2,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/416.html"
},
{
"trust": 0.1,
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921355"
},
{
"trust": 0.1,
"url": "https://tools.cisco.com/security/center/viewalert.x?alertid=59551"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-9816"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-11775"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11772"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-2762"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-11772"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-2786"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-2769"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11775"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-2816"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11697"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/firefox/67.0.1+build1-0ubuntu0.16.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/bugs/1830096"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/3991-2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/firefox/67.0.1+build1-0ubuntu0.19.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/firefox/67.0.1+build1-0ubuntu0.18.10.1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11695"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/3991-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/firefox/67.0.1+build1-0ubuntu0.18.04.1"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/firefox-esr"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openjdk-lts/11.0.4+11-1ubuntu2~19.04"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/4083-1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-2818"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-2821"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openjdk-lts/11.0.4+11-1ubuntu2~18.04.3"
},
{
"trust": 0.1,
"url": "https://www.mozilla.org/en-us/security/advisories/mfsa2019-14/#cve-2019-9800"
},
{
"trust": 0.1,
"url": "https://www.mozilla.org/en-us/security/advisories/mfsa2019-14/#cve-2019-11691"
},
{
"trust": 0.1,
"url": "https://www.mozilla.org/en-us/security/advisories/mfsa2019-14/#cve-2019-11692"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "https://www.mozilla.org/security/known-vulnerabilities/firefoxesr.html"
},
{
"trust": 0.1,
"url": "https://www.mozilla.org/en-us/security/advisories/mfsa2019-14/#cve-2019-9817"
},
{
"trust": 0.1,
"url": "https://www.mozilla.org/en-us/security/advisories/mfsa2019-14/#cve-2019-11698"
},
{
"trust": 0.1,
"url": "https://www.mozilla.org/en-us/security/advisories/mfsa2019-14/#cve-2019-9815"
},
{
"trust": 0.1,
"url": "https://www.mozilla.org/en-us/security/advisories/mfsa2019-14/#cve-2019-9797"
},
{
"trust": 0.1,
"url": "https://www.mozilla.org/en-us/security/advisories/mfsa2019-14/#cve-2018-18511"
},
{
"trust": 0.1,
"url": "https://www.mozilla.org/en-us/security/advisories/mfsa2019-14/#cve-2019-9820"
},
{
"trust": 0.1,
"url": "https://www.mozilla.org/en-us/security/advisories/mfsa2019-14/#cve-2019-5798"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "https://www.mozilla.org/en-us/security/advisories/mfsa2019-14/#cve-2019-9818"
},
{
"trust": 0.1,
"url": "https://www.mozilla.org/en-us/security/advisories/mfsa2019-14/#cve-2019-9816"
},
{
"trust": 0.1,
"url": "https://www.mozilla.org/en-us/security/advisories/mfsa2019-14/#cve-2019-9819"
},
{
"trust": 0.1,
"url": "https://www.mozilla.org/en-us/security/advisories/mfsa2019-14/#cve-2019-11693"
},
{
"trust": 0.1,
"url": "https://www.mozilla.org/en-us/security/advisories/mfsa2019-14/#cve-2019-7317"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "https://www.mozilla.org/en-us/security/advisories/mfsa2019-14/#cve-2019-11694"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/libpng1.6"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-7317"
},
{
"db": "PACKETSTORM",
"id": "153157"
},
{
"db": "PACKETSTORM",
"id": "153064"
},
{
"db": "PACKETSTORM",
"id": "154285"
},
{
"db": "PACKETSTORM",
"id": "153212"
},
{
"db": "PACKETSTORM",
"id": "153011"
},
{
"db": "PACKETSTORM",
"id": "153845"
},
{
"db": "PACKETSTORM",
"id": "153002"
},
{
"db": "PACKETSTORM",
"id": "153158"
},
{
"db": "PACKETSTORM",
"id": "152664"
},
{
"db": "NVD",
"id": "CVE-2019-7317"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2019-7317"
},
{
"db": "PACKETSTORM",
"id": "153157"
},
{
"db": "PACKETSTORM",
"id": "153064"
},
{
"db": "PACKETSTORM",
"id": "154285"
},
{
"db": "PACKETSTORM",
"id": "153212"
},
{
"db": "PACKETSTORM",
"id": "153011"
},
{
"db": "PACKETSTORM",
"id": "153845"
},
{
"db": "PACKETSTORM",
"id": "153002"
},
{
"db": "PACKETSTORM",
"id": "153158"
},
{
"db": "PACKETSTORM",
"id": "152664"
},
{
"db": "NVD",
"id": "CVE-2019-7317"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-04T00:00:00",
"db": "VULMON",
"id": "CVE-2019-7317"
},
{
"date": "2019-06-03T14:44:44",
"db": "PACKETSTORM",
"id": "153157"
},
{
"date": "2019-05-23T16:55:25",
"db": "PACKETSTORM",
"id": "153064"
},
{
"date": "2019-09-02T17:41:04",
"db": "PACKETSTORM",
"id": "154285"
},
{
"date": "2019-06-06T17:02:22",
"db": "PACKETSTORM",
"id": "153212"
},
{
"date": "2019-05-22T23:44:44",
"db": "PACKETSTORM",
"id": "153011"
},
{
"date": "2019-07-31T21:49:16",
"db": "PACKETSTORM",
"id": "153845"
},
{
"date": "2019-05-22T14:39:49",
"db": "PACKETSTORM",
"id": "153002"
},
{
"date": "2019-06-03T14:02:22",
"db": "PACKETSTORM",
"id": "153158"
},
{
"date": "2019-04-29T17:22:22",
"db": "PACKETSTORM",
"id": "152664"
},
{
"date": "2019-02-04T08:29:00.447000",
"db": "NVD",
"id": "CVE-2019-7317"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-05-23T00:00:00",
"db": "VULMON",
"id": "CVE-2019-7317"
},
{
"date": "2022-05-23T15:02:40.667000",
"db": "NVD",
"id": "CVE-2019-7317"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat Security Advisory 2019-1309-01",
"sources": [
{
"db": "PACKETSTORM",
"id": "153157"
}
],
"trust": 0.1
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "overflow",
"sources": [
{
"db": "PACKETSTORM",
"id": "153157"
},
{
"db": "PACKETSTORM",
"id": "153064"
},
{
"db": "PACKETSTORM",
"id": "153158"
}
],
"trust": 0.3
}
}
VAR-201506-0038
Vulnerability from variot - Updated: 2024-07-23 22:10Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_DEVICEOWNS set. Xen is a virtualization technology for the Linux kernel that allows multiple operating systems to run simultaneously. QEMU is prone to a heap-based buffer-overflow vulnerability. Failed attacks will cause denial-of-service conditions. QEMU (also known as Quick Emulator) is a set of analog processor software developed by French programmer Fabrice Bellard. The software has the characteristics of fast speed and cross-platform. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: qemu-kvm security update Advisory ID: RHSA-2015:1087-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-1087.html Issue date: 2015-06-10 CVE Names: CVE-2015-3209 =====================================================================
- Summary:
Updated qemu-kvm packages that fix one security issue are now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
- Description:
KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM.
A flaw was found in the way QEMU's AMD PCnet Ethernet emulation handled multi-TMD packets with a length above 4096 bytes. (CVE-2015-3209)
Red Hat would like to thank Matt Tait of Google's Project Zero security team for reporting this issue.
All qemu-kvm users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1225882 - CVE-2015-3209 qemu: pcnet: multi-tmd buffer overflow in the tx path
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: qemu-kvm-0.12.1.2-2.448.el6_6.4.src.rpm
i386: qemu-guest-agent-0.12.1.2-2.448.el6_6.4.i686.rpm qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.4.i686.rpm
x86_64: qemu-guest-agent-0.12.1.2-2.448.el6_6.4.x86_64.rpm qemu-img-0.12.1.2-2.448.el6_6.4.x86_64.rpm qemu-kvm-0.12.1.2-2.448.el6_6.4.x86_64.rpm qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.4.x86_64.rpm qemu-kvm-tools-0.12.1.2-2.448.el6_6.4.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: qemu-kvm-0.12.1.2-2.448.el6_6.4.src.rpm
x86_64: qemu-guest-agent-0.12.1.2-2.448.el6_6.4.x86_64.rpm qemu-img-0.12.1.2-2.448.el6_6.4.x86_64.rpm qemu-kvm-0.12.1.2-2.448.el6_6.4.x86_64.rpm qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.4.x86_64.rpm qemu-kvm-tools-0.12.1.2-2.448.el6_6.4.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: qemu-kvm-0.12.1.2-2.448.el6_6.4.src.rpm
i386: qemu-guest-agent-0.12.1.2-2.448.el6_6.4.i686.rpm qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.4.i686.rpm
x86_64: qemu-guest-agent-0.12.1.2-2.448.el6_6.4.x86_64.rpm qemu-img-0.12.1.2-2.448.el6_6.4.x86_64.rpm qemu-kvm-0.12.1.2-2.448.el6_6.4.x86_64.rpm qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.4.x86_64.rpm qemu-kvm-tools-0.12.1.2-2.448.el6_6.4.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: qemu-kvm-0.12.1.2-2.448.el6_6.4.src.rpm
i386: qemu-guest-agent-0.12.1.2-2.448.el6_6.4.i686.rpm qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.4.i686.rpm
x86_64: qemu-guest-agent-0.12.1.2-2.448.el6_6.4.x86_64.rpm qemu-img-0.12.1.2-2.448.el6_6.4.x86_64.rpm qemu-kvm-0.12.1.2-2.448.el6_6.4.x86_64.rpm qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.4.x86_64.rpm qemu-kvm-tools-0.12.1.2-2.448.el6_6.4.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2015-3209 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFVeHRmXlSAg2UNWIIRAkq5AKCeYGr9MG7Kdic1FVJZw2avAhO6eACdFG0W VCkW3jIuuaxOqeYM0s8u6ss= =+WsT -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
CVE-2015-4037
Kurt Seifried of Red Hat Product Security discovered that QEMU's
user mode networking stack uses predictable temporary file names
when the -smb option is used.
For the oldstable distribution (wheezy), these problems have been fixed in version 1.1.2+dfsg-6+deb7u8.
We recommend that you upgrade your qemu-kvm packages. From: Yury German blueknight@gentoo.org To: gentoo-announce@lists.gentoo.org Message-ID: 57035F2D.8090108@gentoo.org Subject: [ GLSA 201604-03 ] Xen: Multiple vulnerabilities
Gentoo Linux Security Advisory GLSA 201604-03
https://security.gentoo.org/
Severity: Normal Title: Xen: Multiple vulnerabilities Date: April 05, 2016 Bugs: #445254, #513832, #547202, #549200, #549950, #550658, #553664, #553718, #555532, #556304, #561110, #564472, #564932, #566798, #566838, #566842, #567962, #571552, #571556, #574012 ID: 201604-03
Synopsis
Multiple vulnerabilities have been found in Xen, the worst of which cause a Denial of Service.
Background
Xen is a bare-metal hypervisor.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-emulation/xen < 4.6.0-r9 >= 4.6.0-r9 >= 4.5.2-r5 2 app-emulation/xen-pvgrub < 4.6.0 Vulnerable! 3 app-emulation/xen-tools < 4.6.0-r9 >= 4.6.0-r9 >= 4.5.2-r5 4 app-emulation/pvgrub >= 4.6.0 *>= 4.5.2 ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. ------------------------------------------------------------------- 4 affected packages
Description
Multiple vulnerabilities have been discovered in Xen. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Xen 4.5 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-emulation/xen-4.5.2-r5"
All Xen 4.6 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-emulation/xen-4.6.0-r9"
All Xen tools 4.5 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=app-emulation/xen-tools-4.5.2-r5"
All Xen tools 4.6 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=app-emulation/xen-tools-4.6.0-r9"
All Xen pvgrub users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-emulation/xen-pvgrub-4.6.0"=
References
[ 1 ] CVE-2012-3494 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3494 [ 2 ] CVE-2012-3495 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3495 [ 3 ] CVE-2012-3496 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3496 [ 4 ] CVE-2012-3497 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3497 [ 5 ] CVE-2012-3498 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3498 [ 6 ] CVE-2012-3515 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3515 [ 7 ] CVE-2012-4411 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4411 [ 8 ] CVE-2012-4535 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4535 [ 9 ] CVE-2012-4536 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4536 [ 10 ] CVE-2012-4537 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4537 [ 11 ] CVE-2012-4538 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4538 [ 12 ] CVE-2012-4539 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4539 [ 13 ] CVE-2012-6030 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6030 [ 14 ] CVE-2012-6031 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6031 [ 15 ] CVE-2012-6032 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6032 [ 16 ] CVE-2012-6033 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6033 [ 17 ] CVE-2012-6034 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6034 [ 18 ] CVE-2012-6035 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6035 [ 19 ] CVE-2012-6036 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6036 [ 20 ] CVE-2015-2151 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2151 [ 21 ] CVE-2015-3209 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3209 [ 22 ] CVE-2015-3259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3259 [ 23 ] CVE-2015-3340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3340 [ 24 ] CVE-2015-3456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3456 [ 25 ] CVE-2015-4103 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4103 [ 26 ] CVE-2015-4104 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4104 [ 27 ] CVE-2015-4105 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4105 [ 28 ] CVE-2015-4106 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4106 [ 29 ] CVE-2015-4163 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4163 [ 30 ] CVE-2015-4164 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4164 [ 31 ] CVE-2015-5154 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5154 [ 32 ] CVE-2015-7311 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7311 [ 33 ] CVE-2015-7504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7504 [ 34 ] CVE-2015-7812 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7812 [ 35 ] CVE-2015-7813 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7813 [ 36 ] CVE-2015-7814 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7814 [ 37 ] CVE-2015-7835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7835 [ 38 ] CVE-2015-7871 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7871 [ 39 ] CVE-2015-7969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7969 [ 40 ] CVE-2015-7970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7970 [ 41 ] CVE-2015-7971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7971 [ 42 ] CVE-2015-7972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7972 [ 43 ] CVE-2015-8339 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8339 [ 44 ] CVE-2015-8340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8340 [ 45 ] CVE-2015-8341 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8341 [ 46 ] CVE-2015-8550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8550 [ 47 ] CVE-2015-8551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8551 [ 48 ] CVE-2015-8552 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8552 [ 49 ] CVE-2015-8554 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8554 [ 50 ] CVE-2015-8555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8555 [ 51 ] CVE-2016-2270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2270 [ 52 ] CVE-2016-2271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2271
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201604-03
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
--roWGDR0oQEDLX1s6lNAQV7ISgI2Pjo8Pc . ============================================================================ Ubuntu Security Notice USN-2630-1 June 10, 2015
qemu, qemu-kvm vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 15.04
- Ubuntu 14.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in QEMU.
Software Description: - qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer
Details:
Matt Tait discovered that QEMU incorrectly handled the virtual PCNET driver. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. (CVE-2015-3209)
Kurt Seifried discovered that QEMU incorrectly handled certain temporary files. A local attacker could use this issue to cause a denial of service. (CVE-2015-4037)
Jan Beulich discovered that the QEMU Xen code incorrectly restricted write access to the host MSI message data field. A malicious guest could use this issue to cause a denial of service. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 14.10 and Ubuntu 15.04. (CVE-2015-4103)
Jan Beulich discovered that the QEMU Xen code incorrectly restricted access to the PCI MSI mask bits. A malicious guest could use this issue to cause a denial of service. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 14.10 and Ubuntu 15.04. (CVE-2015-4104)
Jan Beulich discovered that the QEMU Xen code incorrectly handled MSI-X error messages. A malicious guest could use this issue to cause a denial of service. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 14.10 and Ubuntu 15.04. (CVE-2015-4105)
Jan Beulich discovered that the QEMU Xen code incorrectly restricted write access to the PCI config space. A malicious guest could use this issue to cause a denial of service, obtain sensitive information, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 14.10 and Ubuntu 15.04. (CVE-2015-4106)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 15.04: qemu-system 1:2.2+dfsg-5expubuntu9.2 qemu-system-aarch64 1:2.2+dfsg-5expubuntu9.2 qemu-system-arm 1:2.2+dfsg-5expubuntu9.2 qemu-system-mips 1:2.2+dfsg-5expubuntu9.2 qemu-system-misc 1:2.2+dfsg-5expubuntu9.2 qemu-system-ppc 1:2.2+dfsg-5expubuntu9.2 qemu-system-sparc 1:2.2+dfsg-5expubuntu9.2 qemu-system-x86 1:2.2+dfsg-5expubuntu9.2
Ubuntu 14.10: qemu-system 2.1+dfsg-4ubuntu6.7 qemu-system-aarch64 2.1+dfsg-4ubuntu6.7 qemu-system-arm 2.1+dfsg-4ubuntu6.7 qemu-system-mips 2.1+dfsg-4ubuntu6.7 qemu-system-misc 2.1+dfsg-4ubuntu6.7 qemu-system-ppc 2.1+dfsg-4ubuntu6.7 qemu-system-sparc 2.1+dfsg-4ubuntu6.7 qemu-system-x86 2.1+dfsg-4ubuntu6.7
Ubuntu 14.04 LTS: qemu-system 2.0.0+dfsg-2ubuntu1.13 qemu-system-aarch64 2.0.0+dfsg-2ubuntu1.13 qemu-system-arm 2.0.0+dfsg-2ubuntu1.13 qemu-system-mips 2.0.0+dfsg-2ubuntu1.13 qemu-system-misc 2.0.0+dfsg-2ubuntu1.13 qemu-system-ppc 2.0.0+dfsg-2ubuntu1.13 qemu-system-sparc 2.0.0+dfsg-2ubuntu1.13 qemu-system-x86 2.0.0+dfsg-2ubuntu1.13
Ubuntu 12.04 LTS: qemu-kvm 1.0+noroms-0ubuntu14.23
After a standard system update you need to restart all QEMU virtual machines to make all the necessary changes.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201506-0038",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "openstack",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "eos",
"scope": "eq",
"trust": 1.0,
"vendor": "arista",
"version": "4.13"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.6"
},
{
"model": "qemu",
"scope": "lte",
"trust": 1.0,
"vendor": "qemu",
"version": "2.3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "7.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "15.04"
},
{
"model": "virtualization",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux enterprise software development kit",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "eos",
"scope": "eq",
"trust": 1.0,
"vendor": "arista",
"version": "4.14"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "20"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.6"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "22"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "eos",
"scope": "eq",
"trust": 1.0,
"vendor": "arista",
"version": "4.15"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "linux enterprise debuginfo",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "junos space",
"scope": "lte",
"trust": 1.0,
"vendor": "juniper",
"version": "15.1"
},
{
"model": "linux enterprise software development kit",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "21"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.6"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.10"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "10"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "eos",
"scope": "eq",
"trust": 1.0,
"vendor": "arista",
"version": "4.12"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "qemu",
"scope": null,
"trust": 0.8,
"vendor": "fabrice bellard",
"version": null
},
{
"model": "xen",
"scope": "lte",
"trust": 0.8,
"vendor": "xen",
"version": "4.5.0"
},
{
"model": "xen",
"scope": "eq",
"trust": 0.6,
"vendor": "xensource",
"version": "4.2.x"
},
{
"model": "xen",
"scope": "eq",
"trust": 0.6,
"vendor": "xensource",
"version": "4.3.x"
},
{
"model": "xen",
"scope": "eq",
"trust": 0.6,
"vendor": "xensource",
"version": "4.4.x"
},
{
"model": "xen",
"scope": "eq",
"trust": 0.3,
"vendor": "xen",
"version": "4.5.0"
},
{
"model": "xen",
"scope": "eq",
"trust": 0.3,
"vendor": "xen",
"version": "4.4.1"
},
{
"model": "xen",
"scope": "eq",
"trust": 0.3,
"vendor": "xen",
"version": "4.4.0"
},
{
"model": "xen",
"scope": "eq",
"trust": 0.3,
"vendor": "xen",
"version": "4.4"
},
{
"model": "xen",
"scope": "eq",
"trust": 0.3,
"vendor": "xen",
"version": "4.3.1"
},
{
"model": "xen",
"scope": "eq",
"trust": 0.3,
"vendor": "xen",
"version": "4.3.0"
},
{
"model": "xen",
"scope": "eq",
"trust": 0.3,
"vendor": "xen",
"version": "4.3"
},
{
"model": "xen",
"scope": "eq",
"trust": 0.3,
"vendor": "xen",
"version": "4.2.3"
},
{
"model": "xen",
"scope": "eq",
"trust": 0.3,
"vendor": "xen",
"version": "4.2.2"
},
{
"model": "xen",
"scope": "eq",
"trust": 0.3,
"vendor": "xen",
"version": "4.2.1"
},
{
"model": "xen",
"scope": "eq",
"trust": 0.3,
"vendor": "xen",
"version": "4.2.0"
},
{
"model": "xen",
"scope": "eq",
"trust": 0.3,
"vendor": "xen",
"version": "4.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "15.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.10"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "linux enterprise software development kit sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise server sp1 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise server sp4 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise server sp2 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.1"
},
{
"model": "openstack for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5.06"
},
{
"model": "enterprise virtualization",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux virtualization server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux server eus 6.6.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux desktop multi os client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "qemu",
"scope": "eq",
"trust": 0.3,
"vendor": "qemu",
"version": "0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"model": "northstar controller application",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2.1.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.9.3"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.8.3"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.0.3"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "northstar controller application service pack",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "2.1.01"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03820"
},
{
"db": "BID",
"id": "75123"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003134"
},
{
"db": "NVD",
"id": "CVE-2015-3209"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.3.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:juniper:junos_space:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "15.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:6.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:virtualization:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:arista:eos:4.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:arista:eos:4.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:arista:eos:4.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:arista:eos:4.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3209"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Matt Tait of Google\u0027s Project Zero security team.",
"sources": [
{
"db": "BID",
"id": "75123"
}
],
"trust": 0.3
},
"cve": "CVE-2015-3209",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2015-3209",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2015-03820",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-81170",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-3209",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2015-03820",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-81170",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03820"
},
{
"db": "VULHUB",
"id": "VHN-81170"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003134"
},
{
"db": "NVD",
"id": "CVE-2015-3209"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_DEVICEOWNS set. Xen is a virtualization technology for the Linux kernel that allows multiple operating systems to run simultaneously. QEMU is prone to a heap-based buffer-overflow vulnerability. Failed attacks will cause denial-of-service conditions. QEMU (also known as Quick Emulator) is a set of analog processor software developed by French programmer Fabrice Bellard. The software has the characteristics of fast speed and cross-platform. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: qemu-kvm security update\nAdvisory ID: RHSA-2015:1087-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-1087.html\nIssue date: 2015-06-10\nCVE Names: CVE-2015-3209 \n=====================================================================\n\n1. Summary:\n\nUpdated qemu-kvm packages that fix one security issue are now available for\nRed Hat Enterprise Linux 6. \n\nRed Hat Product Security has rated this update as having Important security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\n\n3. Description:\n\nKVM (Kernel-based Virtual Machine) is a full virtualization solution for\nLinux on AMD64 and Intel 64 systems. The qemu-kvm package provides the\nuser-space component for running virtual machines using KVM. \n\nA flaw was found in the way QEMU\u0027s AMD PCnet Ethernet emulation handled\nmulti-TMD packets with a length above 4096 bytes. (CVE-2015-3209)\n\nRed Hat would like to thank Matt Tait of Google\u0027s Project Zero security\nteam for reporting this issue. \n\nAll qemu-kvm users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing this\nupdate, shut down all running virtual machines. Once all virtual machines\nhave shut down, start them again for this update to take effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1225882 - CVE-2015-3209 qemu: pcnet: multi-tmd buffer overflow in the tx path\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nqemu-kvm-0.12.1.2-2.448.el6_6.4.src.rpm\n\ni386:\nqemu-guest-agent-0.12.1.2-2.448.el6_6.4.i686.rpm\nqemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.4.i686.rpm\n\nx86_64:\nqemu-guest-agent-0.12.1.2-2.448.el6_6.4.x86_64.rpm\nqemu-img-0.12.1.2-2.448.el6_6.4.x86_64.rpm\nqemu-kvm-0.12.1.2-2.448.el6_6.4.x86_64.rpm\nqemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.4.x86_64.rpm\nqemu-kvm-tools-0.12.1.2-2.448.el6_6.4.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nqemu-kvm-0.12.1.2-2.448.el6_6.4.src.rpm\n\nx86_64:\nqemu-guest-agent-0.12.1.2-2.448.el6_6.4.x86_64.rpm\nqemu-img-0.12.1.2-2.448.el6_6.4.x86_64.rpm\nqemu-kvm-0.12.1.2-2.448.el6_6.4.x86_64.rpm\nqemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.4.x86_64.rpm\nqemu-kvm-tools-0.12.1.2-2.448.el6_6.4.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nqemu-kvm-0.12.1.2-2.448.el6_6.4.src.rpm\n\ni386:\nqemu-guest-agent-0.12.1.2-2.448.el6_6.4.i686.rpm\nqemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.4.i686.rpm\n\nx86_64:\nqemu-guest-agent-0.12.1.2-2.448.el6_6.4.x86_64.rpm\nqemu-img-0.12.1.2-2.448.el6_6.4.x86_64.rpm\nqemu-kvm-0.12.1.2-2.448.el6_6.4.x86_64.rpm\nqemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.4.x86_64.rpm\nqemu-kvm-tools-0.12.1.2-2.448.el6_6.4.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nqemu-kvm-0.12.1.2-2.448.el6_6.4.src.rpm\n\ni386:\nqemu-guest-agent-0.12.1.2-2.448.el6_6.4.i686.rpm\nqemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.4.i686.rpm\n\nx86_64:\nqemu-guest-agent-0.12.1.2-2.448.el6_6.4.x86_64.rpm\nqemu-img-0.12.1.2-2.448.el6_6.4.x86_64.rpm\nqemu-kvm-0.12.1.2-2.448.el6_6.4.x86_64.rpm\nqemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.4.x86_64.rpm\nqemu-kvm-tools-0.12.1.2-2.448.el6_6.4.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2015-3209\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFVeHRmXlSAg2UNWIIRAkq5AKCeYGr9MG7Kdic1FVJZw2avAhO6eACdFG0W\nVCkW3jIuuaxOqeYM0s8u6ss=\n=+WsT\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nCVE-2015-4037\n\n Kurt Seifried of Red Hat Product Security discovered that QEMU\u0027s\n user mode networking stack uses predictable temporary file names\n when the -smb option is used. \n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 1.1.2+dfsg-6+deb7u8. \n\nWe recommend that you upgrade your qemu-kvm packages. From: Yury German \u003cblueknight@gentoo.org\u003e\nTo: gentoo-announce@lists.gentoo.org\nMessage-ID: \u003c57035F2D.8090108@gentoo.org\u003e\nSubject: [ GLSA 201604-03 ] Xen: Multiple vulnerabilities\n\n\n\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201604-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Xen: Multiple vulnerabilities\n Date: April 05, 2016\n Bugs: #445254, #513832, #547202, #549200, #549950, #550658,\n #553664, #553718, #555532, #556304, #561110, #564472,\n #564932, #566798, #566838, #566842, #567962, #571552,\n #571556, #574012\n ID: 201604-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Xen, the worst of which\ncause a Denial of Service. \n\nBackground\n==========\n\nXen is a bare-metal hypervisor. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-emulation/xen \u003c 4.6.0-r9 \u003e= 4.6.0-r9\n *\u003e= 4.5.2-r5\n 2 app-emulation/xen-pvgrub\n \u003c 4.6.0 Vulnerable!\n 3 app-emulation/xen-tools \u003c 4.6.0-r9 \u003e= 4.6.0-r9\n *\u003e= 4.5.2-r5\n 4 app-emulation/pvgrub \u003e= 4.6.0\n *\u003e= 4.5.2\n -------------------------------------------------------------------\n NOTE: Certain packages are still vulnerable. Users should migrate\n to another package if one is available or wait for the\n existing packages to be marked stable by their\n architecture maintainers. \n -------------------------------------------------------------------\n 4 affected packages\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Xen. Please review the\nCVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Xen 4.5 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-emulation/xen-4.5.2-r5\"\n\nAll Xen 4.6 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-emulation/xen-4.6.0-r9\"\n\nAll Xen tools 4.5 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=app-emulation/xen-tools-4.5.2-r5\"\n\nAll Xen tools 4.6 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=app-emulation/xen-tools-4.6.0-r9\"\n\nAll Xen pvgrub users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-emulation/xen-pvgrub-4.6.0\"=\n\n\nReferences\n==========\n\n[ 1 ] CVE-2012-3494\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3494\n[ 2 ] CVE-2012-3495\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3495\n[ 3 ] CVE-2012-3496\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3496\n[ 4 ] CVE-2012-3497\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3497\n[ 5 ] CVE-2012-3498\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3498\n[ 6 ] CVE-2012-3515\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3515\n[ 7 ] CVE-2012-4411\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4411\n[ 8 ] CVE-2012-4535\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4535\n[ 9 ] CVE-2012-4536\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4536\n[ 10 ] CVE-2012-4537\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4537\n[ 11 ] CVE-2012-4538\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4538\n[ 12 ] CVE-2012-4539\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4539\n[ 13 ] CVE-2012-6030\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6030\n[ 14 ] CVE-2012-6031\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6031\n[ 15 ] CVE-2012-6032\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6032\n[ 16 ] CVE-2012-6033\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6033\n[ 17 ] CVE-2012-6034\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6034\n[ 18 ] CVE-2012-6035\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6035\n[ 19 ] CVE-2012-6036\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6036\n[ 20 ] CVE-2015-2151\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2151\n[ 21 ] CVE-2015-3209\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3209\n[ 22 ] CVE-2015-3259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3259\n[ 23 ] CVE-2015-3340\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3340\n[ 24 ] CVE-2015-3456\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3456\n[ 25 ] CVE-2015-4103\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4103\n[ 26 ] CVE-2015-4104\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4104\n[ 27 ] CVE-2015-4105\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4105\n[ 28 ] CVE-2015-4106\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4106\n[ 29 ] CVE-2015-4163\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4163\n[ 30 ] CVE-2015-4164\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4164\n[ 31 ] CVE-2015-5154\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5154\n[ 32 ] CVE-2015-7311\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7311\n[ 33 ] CVE-2015-7504\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7504\n[ 34 ] CVE-2015-7812\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7812\n[ 35 ] CVE-2015-7813\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7813\n[ 36 ] CVE-2015-7814\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7814\n[ 37 ] CVE-2015-7835\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7835\n[ 38 ] CVE-2015-7871\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7871\n[ 39 ] CVE-2015-7969\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7969\n[ 40 ] CVE-2015-7970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7970\n[ 41 ] CVE-2015-7971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7971\n[ 42 ] CVE-2015-7972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7972\n[ 43 ] CVE-2015-8339\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8339\n[ 44 ] CVE-2015-8340\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8340\n[ 45 ] CVE-2015-8341\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8341\n[ 46 ] CVE-2015-8550\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8550\n[ 47 ] CVE-2015-8551\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8551\n[ 48 ] CVE-2015-8552\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8552\n[ 49 ] CVE-2015-8554\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8554\n[ 50 ] CVE-2015-8555\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8555\n[ 51 ] CVE-2016-2270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2270\n[ 52 ] CVE-2016-2271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2271\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201604-03\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n\n--roWGDR0oQEDLX1s6lNAQV7ISgI2Pjo8Pc\n. ============================================================================\nUbuntu Security Notice USN-2630-1\nJune 10, 2015\n\nqemu, qemu-kvm vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 15.04\n- Ubuntu 14.10\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in QEMU. \n\nSoftware Description:\n- qemu: Machine emulator and virtualizer\n- qemu-kvm: Machine emulator and virtualizer\n\nDetails:\n\nMatt Tait discovered that QEMU incorrectly handled the virtual PCNET\ndriver. In the default installation, when QEMU is used with\nlibvirt, attackers would be isolated by the libvirt AppArmor profile. \n(CVE-2015-3209)\n\nKurt Seifried discovered that QEMU incorrectly handled certain temporary\nfiles. A local attacker could use this issue to cause a denial of service. \n(CVE-2015-4037)\n\nJan Beulich discovered that the QEMU Xen code incorrectly restricted write\naccess to the host MSI message data field. A malicious guest could use this\nissue to cause a denial of service. This issue only applied to Ubuntu 14.04\nLTS, Ubuntu 14.10 and Ubuntu 15.04. (CVE-2015-4103)\n\nJan Beulich discovered that the QEMU Xen code incorrectly restricted access\nto the PCI MSI mask bits. A malicious guest could use this issue to cause a\ndenial of service. This issue only applied to Ubuntu 14.04 LTS, Ubuntu\n14.10 and Ubuntu 15.04. (CVE-2015-4104)\n\nJan Beulich discovered that the QEMU Xen code incorrectly handled MSI-X\nerror messages. A malicious guest could use this issue to cause a denial of\nservice. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 14.10 and\nUbuntu 15.04. (CVE-2015-4105)\n\nJan Beulich discovered that the QEMU Xen code incorrectly restricted write\naccess to the PCI config space. A malicious guest could use this issue to\ncause a denial of service, obtain sensitive information, or possibly\nexecute arbitrary code. This issue only applied to Ubuntu 14.04 LTS,\nUbuntu 14.10 and Ubuntu 15.04. (CVE-2015-4106)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 15.04:\n qemu-system 1:2.2+dfsg-5expubuntu9.2\n qemu-system-aarch64 1:2.2+dfsg-5expubuntu9.2\n qemu-system-arm 1:2.2+dfsg-5expubuntu9.2\n qemu-system-mips 1:2.2+dfsg-5expubuntu9.2\n qemu-system-misc 1:2.2+dfsg-5expubuntu9.2\n qemu-system-ppc 1:2.2+dfsg-5expubuntu9.2\n qemu-system-sparc 1:2.2+dfsg-5expubuntu9.2\n qemu-system-x86 1:2.2+dfsg-5expubuntu9.2\n\nUbuntu 14.10:\n qemu-system 2.1+dfsg-4ubuntu6.7\n qemu-system-aarch64 2.1+dfsg-4ubuntu6.7\n qemu-system-arm 2.1+dfsg-4ubuntu6.7\n qemu-system-mips 2.1+dfsg-4ubuntu6.7\n qemu-system-misc 2.1+dfsg-4ubuntu6.7\n qemu-system-ppc 2.1+dfsg-4ubuntu6.7\n qemu-system-sparc 2.1+dfsg-4ubuntu6.7\n qemu-system-x86 2.1+dfsg-4ubuntu6.7\n\nUbuntu 14.04 LTS:\n qemu-system 2.0.0+dfsg-2ubuntu1.13\n qemu-system-aarch64 2.0.0+dfsg-2ubuntu1.13\n qemu-system-arm 2.0.0+dfsg-2ubuntu1.13\n qemu-system-mips 2.0.0+dfsg-2ubuntu1.13\n qemu-system-misc 2.0.0+dfsg-2ubuntu1.13\n qemu-system-ppc 2.0.0+dfsg-2ubuntu1.13\n qemu-system-sparc 2.0.0+dfsg-2ubuntu1.13\n qemu-system-x86 2.0.0+dfsg-2ubuntu1.13\n\nUbuntu 12.04 LTS:\n qemu-kvm 1.0+noroms-0ubuntu14.23\n\nAfter a standard system update you need to restart all QEMU virtual\nmachines to make all the necessary changes. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3209"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003134"
},
{
"db": "CNVD",
"id": "CNVD-2015-03820"
},
{
"db": "BID",
"id": "75123"
},
{
"db": "VULHUB",
"id": "VHN-81170"
},
{
"db": "PACKETSTORM",
"id": "132242"
},
{
"db": "PACKETSTORM",
"id": "132289"
},
{
"db": "PACKETSTORM",
"id": "136587"
},
{
"db": "PACKETSTORM",
"id": "132241"
},
{
"db": "PACKETSTORM",
"id": "132251"
},
{
"db": "PACKETSTORM",
"id": "134165"
}
],
"trust": 3.06
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3209",
"trust": 3.4
},
{
"db": "BID",
"id": "75123",
"trust": 2.0
},
{
"db": "JUNIPER",
"id": "JSA10783",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1032545",
"trust": 1.1
},
{
"db": "JUNIPER",
"id": "JSA10698",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003134",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2015-03820",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "134165",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "132289",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "132242",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "132241",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "132251",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "132290",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132240",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132447",
"trust": 0.1
},
{
"db": "CNNVD",
"id": "CNNVD-201506-282",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-81170",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136587",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03820"
},
{
"db": "VULHUB",
"id": "VHN-81170"
},
{
"db": "BID",
"id": "75123"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003134"
},
{
"db": "PACKETSTORM",
"id": "132242"
},
{
"db": "PACKETSTORM",
"id": "132289"
},
{
"db": "PACKETSTORM",
"id": "136587"
},
{
"db": "PACKETSTORM",
"id": "132241"
},
{
"db": "PACKETSTORM",
"id": "132251"
},
{
"db": "PACKETSTORM",
"id": "134165"
},
{
"db": "NVD",
"id": "CVE-2015-3209"
}
]
},
"id": "VAR-201506-0038",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03820"
},
{
"db": "VULHUB",
"id": "VHN-81170"
}
],
"trust": 1.25138886
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03820"
}
]
},
"last_update_date": "2024-07-23T22:10:25.193000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://wiki.qemu.org/main_page"
},
{
"title": "JSA10698",
"trust": 0.8,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10698"
},
{
"title": "XSA-135",
"trust": 0.8,
"url": "http://xenbits.xen.org/xsa/advisory-135.html"
},
{
"title": "Xen QEMU PCNET Controller Heap Overflow Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/59683"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03820"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003134"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81170"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003134"
},
{
"db": "NVD",
"id": "CVE-2015-3209"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://xenbits.xen.org/xsa/advisory-135.html"
},
{
"trust": 1.5,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1087.html"
},
{
"trust": 1.5,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1089.html"
},
{
"trust": 1.4,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3209"
},
{
"trust": 1.4,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1088.html"
},
{
"trust": 1.2,
"url": "https://security.gentoo.org/glsa/201510-02"
},
{
"trust": 1.2,
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"trust": 1.2,
"url": "http://www.ubuntu.com/usn/usn-2630-1"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032545"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/75123"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2015/dsa-3284"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2015/dsa-3285"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2015/dsa-3286"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-june/160669.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-june/160685.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-june/160677.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1189.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00004.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00007.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00027.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00029.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00030.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00014.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00020.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00015.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00027.html"
},
{
"trust": 1.1,
"url": "https://kb.juniper.net/jsa10783"
},
{
"trust": 1.1,
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1180-security-advisory-13"
},
{
"trust": 1.0,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10698"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3209"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3209"
},
{
"trust": 0.3,
"url": "https://www.mail-archive.com/qemu-devel@nongnu.org/msg302403.html"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1225882"
},
{
"trust": 0.3,
"url": "http://wiki.qemu.org/main_page"
},
{
"trust": 0.3,
"url": "https://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10783\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/101011972"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-3209"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4037"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5154"
},
{
"trust": 0.2,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4103"
},
{
"trust": 0.2,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4106"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3209"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4104"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4105"
},
{
"trust": 0.2,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026amp;id=jsa10698"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4536"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7504"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4535"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4105"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4535"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-6030"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7835"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8551"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4538"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8552"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-6036"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-6036"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7814"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4106"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8550"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3456"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3497"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4536"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3495"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-6031"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4537"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-6034"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3259"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-2151"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4411"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7972"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4538"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-6035"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3495"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4539"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3494"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7871"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-6033"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-6032"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4537"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-6035"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-6032"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7813"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3515"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7971"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3498"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2270"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-6031"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-6030"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3498"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3497"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3494"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4163"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7311"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3259"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2151"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-6033"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8554"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4411"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-6034"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8341"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4539"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4164"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3515"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4103"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3496"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3456"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4104"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3496"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2271"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7812"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/qemu/2.1+dfsg-4ubuntu6.7"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/qemu-kvm/1.0+noroms-0ubuntu14.23"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/qemu/2.0.0+dfsg-2ubuntu1.13"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/qemu/1:2.2+dfsg-5expubuntu9.2"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3214"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5154"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3214"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5158"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5158"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03820"
},
{
"db": "VULHUB",
"id": "VHN-81170"
},
{
"db": "BID",
"id": "75123"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003134"
},
{
"db": "PACKETSTORM",
"id": "132242"
},
{
"db": "PACKETSTORM",
"id": "132289"
},
{
"db": "PACKETSTORM",
"id": "136587"
},
{
"db": "PACKETSTORM",
"id": "132241"
},
{
"db": "PACKETSTORM",
"id": "132251"
},
{
"db": "PACKETSTORM",
"id": "134165"
},
{
"db": "NVD",
"id": "CVE-2015-3209"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2015-03820"
},
{
"db": "VULHUB",
"id": "VHN-81170"
},
{
"db": "BID",
"id": "75123"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003134"
},
{
"db": "PACKETSTORM",
"id": "132242"
},
{
"db": "PACKETSTORM",
"id": "132289"
},
{
"db": "PACKETSTORM",
"id": "136587"
},
{
"db": "PACKETSTORM",
"id": "132241"
},
{
"db": "PACKETSTORM",
"id": "132251"
},
{
"db": "PACKETSTORM",
"id": "134165"
},
{
"db": "NVD",
"id": "CVE-2015-3209"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-06-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-03820"
},
{
"date": "2015-06-15T00:00:00",
"db": "VULHUB",
"id": "VHN-81170"
},
{
"date": "2015-06-10T00:00:00",
"db": "BID",
"id": "75123"
},
{
"date": "2015-06-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003134"
},
{
"date": "2015-06-10T23:39:22",
"db": "PACKETSTORM",
"id": "132242"
},
{
"date": "2015-06-15T15:43:00",
"db": "PACKETSTORM",
"id": "132289"
},
{
"date": "2016-04-06T13:30:13",
"db": "PACKETSTORM",
"id": "136587"
},
{
"date": "2015-06-10T23:39:14",
"db": "PACKETSTORM",
"id": "132241"
},
{
"date": "2015-06-10T23:41:07",
"db": "PACKETSTORM",
"id": "132251"
},
{
"date": "2015-11-02T16:49:11",
"db": "PACKETSTORM",
"id": "134165"
},
{
"date": "2015-06-15T15:59:00.070000",
"db": "NVD",
"id": "CVE-2015-3209"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-06-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-03820"
},
{
"date": "2023-02-13T00:00:00",
"db": "VULHUB",
"id": "VHN-81170"
},
{
"date": "2017-04-18T00:05:00",
"db": "BID",
"id": "75123"
},
{
"date": "2015-10-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003134"
},
{
"date": "2023-02-13T00:48:06.167000",
"db": "NVD",
"id": "CVE-2015-3209"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "75123"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "QEMU of PCNET Controller heap-based buffer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003134"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "75123"
}
],
"trust": 0.3
}
}
VAR-201404-0378
Vulnerability from variot - Updated: 2024-07-23 22:08Unspecified vulnerability in Oracle Java SE 5.0u61, SE 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within ScriptEngineManager. With the usage of this class, it is possible to disable the security manager and run code as privileged. This allows a malicious applet to execute attacker-supplied code resulting in remote code execution under the context of the current user. The vulnerability can be exploited over multiple protocols. This issue affects the 'Libraries' sub-component. Failed exploit attempts will result in a denial-of-service condition. Java SE (Java Platform Standard Edition) is used to develop and deploy Java applications on desktops, servers, and embedded devices and real-time environments; JRockit is a Java virtual machine built into Oracle Fusion Middleware; Java SE Embedded is a The Java platform for developing powerful, reliable, and portable applications for embedded systems. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201406-32
http://security.gentoo.org/
Severity: High Title: IcedTea JDK: Multiple vulnerabilities Date: June 29, 2014 Bugs: #312297, #330205, #340819, #346799, #352035, #353418, #354231, #355127, #370787, #387637, #404095, #421031, #429522, #433389, #438750, #442478, #457206, #458410, #461714, #466822, #477210, #489570, #508270 ID: 201406-32
Synopsis
Multiple vulnerabilities have been found in the IcedTea JDK, the worst of which could lead to arbitrary code execution.
Background
IcedTea is a distribution of the Java OpenJDK source code built with free build tools.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-java/icedtea-bin < 6.1.13.3 >= 6.1.13.3
Description
Multiple vulnerabilities have been discovered in the IcedTea JDK. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All IcedTea JDK users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-java/icedtea-bin-6.1.13.3"
References
[ 1 ] CVE-2009-3555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3555 [ 2 ] CVE-2010-2548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2548 [ 3 ] CVE-2010-2783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2783 [ 4 ] CVE-2010-3541 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3541 [ 5 ] CVE-2010-3548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3548 [ 6 ] CVE-2010-3549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3549 [ 7 ] CVE-2010-3551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3551 [ 8 ] CVE-2010-3553 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3553 [ 9 ] CVE-2010-3554 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3554 [ 10 ] CVE-2010-3557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3557 [ 11 ] CVE-2010-3561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3561 [ 12 ] CVE-2010-3562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3562 [ 13 ] CVE-2010-3564 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3564 [ 14 ] CVE-2010-3565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3565 [ 15 ] CVE-2010-3566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3566 [ 16 ] CVE-2010-3567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3567 [ 17 ] CVE-2010-3568 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3568 [ 18 ] CVE-2010-3569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3569 [ 19 ] CVE-2010-3573 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3573 [ 20 ] CVE-2010-3574 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3574 [ 21 ] CVE-2010-3860 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3860 [ 22 ] CVE-2010-4351 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4351 [ 23 ] CVE-2010-4448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4448 [ 24 ] CVE-2010-4450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4450 [ 25 ] CVE-2010-4465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4465 [ 26 ] CVE-2010-4467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4467 [ 27 ] CVE-2010-4469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4469 [ 28 ] CVE-2010-4470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4470 [ 29 ] CVE-2010-4471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4471 [ 30 ] CVE-2010-4472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4472 [ 31 ] CVE-2010-4476 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4476 [ 32 ] CVE-2011-0025 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0025 [ 33 ] CVE-2011-0706 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0706 [ 34 ] CVE-2011-0815 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0815 [ 35 ] CVE-2011-0822 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0822 [ 36 ] CVE-2011-0862 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0862 [ 37 ] CVE-2011-0864 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0864 [ 38 ] CVE-2011-0865 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0865 [ 39 ] CVE-2011-0868 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0868 [ 40 ] CVE-2011-0869 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0869 [ 41 ] CVE-2011-0870 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0870 [ 42 ] CVE-2011-0871 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0871 [ 43 ] CVE-2011-0872 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0872 [ 44 ] CVE-2011-3389 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389 [ 45 ] CVE-2011-3521 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3521 [ 46 ] CVE-2011-3544 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3544 [ 47 ] CVE-2011-3547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3547 [ 48 ] CVE-2011-3548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3548 [ 49 ] CVE-2011-3551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3551 [ 50 ] CVE-2011-3552 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3552 [ 51 ] CVE-2011-3553 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3553 [ 52 ] CVE-2011-3554 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3554 [ 53 ] CVE-2011-3556 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3556 [ 54 ] CVE-2011-3557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3557 [ 55 ] CVE-2011-3558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3558 [ 56 ] CVE-2011-3560 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3560 [ 57 ] CVE-2011-3563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563 [ 58 ] CVE-2011-3571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3571 [ 59 ] CVE-2011-5035 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035 [ 60 ] CVE-2012-0497 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497 [ 61 ] CVE-2012-0501 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501 [ 62 ] CVE-2012-0502 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502 [ 63 ] CVE-2012-0503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503 [ 64 ] CVE-2012-0505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505 [ 65 ] CVE-2012-0506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506 [ 66 ] CVE-2012-0547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547 [ 67 ] CVE-2012-1711 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711 [ 68 ] CVE-2012-1713 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713 [ 69 ] CVE-2012-1716 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716 [ 70 ] CVE-2012-1717 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717 [ 71 ] CVE-2012-1718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718 [ 72 ] CVE-2012-1719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719 [ 73 ] CVE-2012-1723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723 [ 74 ] CVE-2012-1724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724 [ 75 ] CVE-2012-1725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725 [ 76 ] CVE-2012-1726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726 [ 77 ] CVE-2012-3216 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216 [ 78 ] CVE-2012-3422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3422 [ 79 ] CVE-2012-3423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3423 [ 80 ] CVE-2012-4416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416 [ 81 ] CVE-2012-4540 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4540 [ 82 ] CVE-2012-5068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068 [ 83 ] CVE-2012-5069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069 [ 84 ] CVE-2012-5070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070 [ 85 ] CVE-2012-5071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071 [ 86 ] CVE-2012-5072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072 [ 87 ] CVE-2012-5073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073 [ 88 ] CVE-2012-5074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074 [ 89 ] CVE-2012-5075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075 [ 90 ] CVE-2012-5076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076 [ 91 ] CVE-2012-5077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077 [ 92 ] CVE-2012-5081 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081 [ 93 ] CVE-2012-5084 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084 [ 94 ] CVE-2012-5085 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085 [ 95 ] CVE-2012-5086 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086 [ 96 ] CVE-2012-5087 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087 [ 97 ] CVE-2012-5089 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089 [ 98 ] CVE-2012-5979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5979 [ 99 ] CVE-2013-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169 [ 100 ] CVE-2013-0401 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401 [ 101 ] CVE-2013-0424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0424 [ 102 ] CVE-2013-0425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0425 [ 103 ] CVE-2013-0426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0426 [ 104 ] CVE-2013-0427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0427 [ 105 ] CVE-2013-0428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0428 [ 106 ] CVE-2013-0429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0429 [ 107 ] CVE-2013-0431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0431 [ 108 ] CVE-2013-0432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0432 [ 109 ] CVE-2013-0433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0433 [ 110 ] CVE-2013-0434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0434 [ 111 ] CVE-2013-0435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0435 [ 112 ] CVE-2013-0440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0440 [ 113 ] CVE-2013-0441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0441 [ 114 ] CVE-2013-0442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0442 [ 115 ] CVE-2013-0443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0443 [ 116 ] CVE-2013-0444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0444 [ 117 ] CVE-2013-0450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0450 [ 118 ] CVE-2013-0809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809 [ 119 ] CVE-2013-1475 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1475 [ 120 ] CVE-2013-1476 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1476 [ 121 ] CVE-2013-1478 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1478 [ 122 ] CVE-2013-1480 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1480 [ 123 ] CVE-2013-1484 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484 [ 124 ] CVE-2013-1485 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485 [ 125 ] CVE-2013-1486 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486 [ 126 ] CVE-2013-1488 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488 [ 127 ] CVE-2013-1493 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493 [ 128 ] CVE-2013-1500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500 [ 129 ] CVE-2013-1518 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518 [ 130 ] CVE-2013-1537 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537 [ 131 ] CVE-2013-1557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557 [ 132 ] CVE-2013-1569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569 [ 133 ] CVE-2013-1571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571 [ 134 ] CVE-2013-2383 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383 [ 135 ] CVE-2013-2384 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384 [ 136 ] CVE-2013-2407 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407 [ 137 ] CVE-2013-2412 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412 [ 138 ] CVE-2013-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415 [ 139 ] CVE-2013-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417 [ 140 ] CVE-2013-2419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419 [ 141 ] CVE-2013-2420 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420 [ 142 ] CVE-2013-2421 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421 [ 143 ] CVE-2013-2422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422 [ 144 ] CVE-2013-2423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423 [ 145 ] CVE-2013-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424 [ 146 ] CVE-2013-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426 [ 147 ] CVE-2013-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429 [ 148 ] CVE-2013-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430 [ 149 ] CVE-2013-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431 [ 150 ] CVE-2013-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436 [ 151 ] CVE-2013-2443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443 [ 152 ] CVE-2013-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444 [ 153 ] CVE-2013-2445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445 [ 154 ] CVE-2013-2446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446 [ 155 ] CVE-2013-2447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447 [ 156 ] CVE-2013-2448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448 [ 157 ] CVE-2013-2449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449 [ 158 ] CVE-2013-2450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450 [ 159 ] CVE-2013-2451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451 [ 160 ] CVE-2013-2452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452 [ 161 ] CVE-2013-2453 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453 [ 162 ] CVE-2013-2454 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454 [ 163 ] CVE-2013-2455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455 [ 164 ] CVE-2013-2456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456 [ 165 ] CVE-2013-2457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457 [ 166 ] CVE-2013-2458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458 [ 167 ] CVE-2013-2459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459 [ 168 ] CVE-2013-2460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460 [ 169 ] CVE-2013-2461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461 [ 170 ] CVE-2013-2463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463 [ 171 ] CVE-2013-2465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465 [ 172 ] CVE-2013-2469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469 [ 173 ] CVE-2013-2470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470 [ 174 ] CVE-2013-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471 [ 175 ] CVE-2013-2472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472 [ 176 ] CVE-2013-2473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473 [ 177 ] CVE-2013-3829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829 [ 178 ] CVE-2013-4002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4002 [ 179 ] CVE-2013-5772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772 [ 180 ] CVE-2013-5774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774 [ 181 ] CVE-2013-5778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778 [ 182 ] CVE-2013-5780 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780 [ 183 ] CVE-2013-5782 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782 [ 184 ] CVE-2013-5783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783 [ 185 ] CVE-2013-5784 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784 [ 186 ] CVE-2013-5790 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790 [ 187 ] CVE-2013-5797 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797 [ 188 ] CVE-2013-5800 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800 [ 189 ] CVE-2013-5802 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802 [ 190 ] CVE-2013-5803 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803 [ 191 ] CVE-2013-5804 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804 [ 192 ] CVE-2013-5805 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805 [ 193 ] CVE-2013-5806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806 [ 194 ] CVE-2013-5809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809 [ 195 ] CVE-2013-5814 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814 [ 196 ] CVE-2013-5817 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817 [ 197 ] CVE-2013-5820 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820 [ 198 ] CVE-2013-5823 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823 [ 199 ] CVE-2013-5825 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825 [ 200 ] CVE-2013-5829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829 [ 201 ] CVE-2013-5830 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830 [ 202 ] CVE-2013-5840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840 [ 203 ] CVE-2013-5842 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842 [ 204 ] CVE-2013-5849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849 [ 205 ] CVE-2013-5850 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850 [ 206 ] CVE-2013-5851 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851 [ 207 ] CVE-2013-6629 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6629 [ 208 ] CVE-2013-6954 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6954 [ 209 ] CVE-2014-0429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0429 [ 210 ] CVE-2014-0446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0446 [ 211 ] CVE-2014-0451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0451 [ 212 ] CVE-2014-0452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0452 [ 213 ] CVE-2014-0453 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0453 [ 214 ] CVE-2014-0456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0456 [ 215 ] CVE-2014-0457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0457 [ 216 ] CVE-2014-0458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0458 [ 217 ] CVE-2014-0459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0459 [ 218 ] CVE-2014-0460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0460 [ 219 ] CVE-2014-0461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0461 [ 220 ] CVE-2014-1876 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1876 [ 221 ] CVE-2014-2397 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2397 [ 222 ] CVE-2014-2398 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2398 [ 223 ] CVE-2014-2403 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2403 [ 224 ] CVE-2014-2412 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2412 [ 225 ] CVE-2014-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2414 [ 226 ] CVE-2014-2421 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2421 [ 227 ] CVE-2014-2423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2423 [ 228 ] CVE-2014-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2427
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201406-32.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . ============================================================================ Ubuntu Security Notice USN-2187-1 April 30, 2014
openjdk-7 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
- Ubuntu 13.10
- Ubuntu 12.10
Summary:
Several security issues were fixed in OpenJDK 7.
Software Description: - openjdk-7: Open Source Java implementation
Details:
Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2014-0429, CVE-2014-0446, CVE-2014-0451, CVE-2014-0452, CVE-2014-0454, CVE-2014-0455, CVE-2014-0456, CVE-2014-0457, CVE-2014-0458, CVE-2014-0461, CVE-2014-2397, CVE-2014-2402, CVE-2014-2412, CVE-2014-2414, CVE-2014-2421, CVE-2014-2423, CVE-2014-2427)
Two vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to expose sensitive data over the network. (CVE-2014-0453, CVE-2014-0460)
A vulnerability was discovered in the OpenJDK JRE related to availability. An attacker could exploit this to cause a denial of service. (CVE-2014-0459)
Jakub Wilk discovered that the OpenJDK JRE incorrectly handled temporary files. In the default installation of Ubuntu, this should be prevented by the Yama link restrictions. (CVE-2014-1876)
Two vulnerabilities were discovered in the OpenJDK JRE related to data integrity. (CVE-2014-2398, CVE-2014-2413)
A vulnerability was discovered in the OpenJDK JRE related to information disclosure. An attacker could exploit this to expose sensitive data over the network. (CVE-2014-2403)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 LTS: icedtea-7-jre-jamvm 7u55-2.4.7-1ubuntu1 openjdk-7-jre 7u55-2.4.7-1ubuntu1 openjdk-7-jre-headless 7u55-2.4.7-1ubuntu1 openjdk-7-jre-lib 7u55-2.4.7-1ubuntu1 openjdk-7-jre-zero 7u55-2.4.7-1ubuntu1
Ubuntu 13.10: icedtea-7-jre-jamvm 7u55-2.4.7-1ubuntu1~0.13.10.1 openjdk-7-jre 7u55-2.4.7-1ubuntu1~0.13.10.1 openjdk-7-jre-headless 7u55-2.4.7-1ubuntu1~0.13.10.1 openjdk-7-jre-lib 7u55-2.4.7-1ubuntu1~0.13.10.1 openjdk-7-jre-zero 7u55-2.4.7-1ubuntu1~0.13.10.1
Ubuntu 12.10: icedtea-7-jre-cacao 7u55-2.4.7-1ubuntu1~0.12.10.1 icedtea-7-jre-jamvm 7u55-2.4.7-1ubuntu1~0.12.10.1 openjdk-7-jre 7u55-2.4.7-1ubuntu1~0.12.10.1 openjdk-7-jre-headless 7u55-2.4.7-1ubuntu1~0.12.10.1 openjdk-7-jre-lib 7u55-2.4.7-1ubuntu1~0.12.10.1 openjdk-7-jre-zero 7u55-2.4.7-1ubuntu1~0.12.10.1
This update uses a new upstream release, which includes additional bug fixes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: java-1.7.0-openjdk security update Advisory ID: RHSA-2014:0675-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0675.html Issue date: 2014-06-10 CVE Names: CVE-2014-0429 CVE-2014-0446 CVE-2014-0451 CVE-2014-0452 CVE-2014-0453 CVE-2014-0454 CVE-2014-0455 CVE-2014-0456 CVE-2014-0457 CVE-2014-0458 CVE-2014-0459 CVE-2014-0460 CVE-2014-0461 CVE-2014-1876 CVE-2014-2397 CVE-2014-2398 CVE-2014-2402 CVE-2014-2403 CVE-2014-2412 CVE-2014-2413 CVE-2014-2414 CVE-2014-2421 CVE-2014-2423 CVE-2014-2427 =====================================================================
- Summary:
Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 7.
The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64
- Description:
The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit.
An input validation flaw was discovered in the medialib library in the 2D component. A specially crafted image could trigger Java Virtual Machine memory corruption when processed. (CVE-2014-0429)
Multiple flaws were discovered in the Hotspot and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to trigger Java Virtual Machine memory corruption and possibly bypass Java sandbox restrictions. (CVE-2014-0456, CVE-2014-2397, CVE-2014-2421)
Multiple improper permission check issues were discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2014-0457, CVE-2014-0455, CVE-2014-0461)
Multiple improper permission check issues were discovered in the AWT, JAX-WS, JAXB, Libraries, Security, Sound, and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2014-2412, CVE-2014-0451, CVE-2014-0458, CVE-2014-2423, CVE-2014-0452, CVE-2014-2414, CVE-2014-2402, CVE-2014-0446, CVE-2014-2413, CVE-2014-0454, CVE-2014-2427, CVE-2014-0459)
Multiple flaws were identified in the Java Naming and Directory Interface (JNDI) DNS client. These flaws could make it easier for a remote attacker to perform DNS spoofing attacks. (CVE-2014-0460)
It was discovered that the JAXP component did not properly prevent access to arbitrary files when a SecurityManager was present. This flaw could cause a Java application using JAXP to leak sensitive information, or affect application availability. (CVE-2014-2403)
It was discovered that the Security component in OpenJDK could leak some timing information when performing PKCS#1 unpadding. This could possibly lead to the disclosure of some information that was meant to be protected by encryption. (CVE-2014-0453)
It was discovered that the fix for CVE-2013-5797 did not properly resolve input sanitization flaws in javadoc. When javadoc documentation was generated from an untrusted Java source code and hosted on a domain not controlled by the code author, these issues could make it easier to perform cross-site scripting (XSS) attacks. (CVE-2014-2398)
An insecure temporary file use flaw was found in the way the unpack200 utility created log files. (CVE-2014-1876)
Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.
All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1060907 - CVE-2014-1876 OpenJDK: insecure temporary file use in unpack200 (Libraries, 8033618) 1086632 - CVE-2014-2398 OpenJDK: insufficient escaping of window title string (Javadoc, 8026736) 1086645 - CVE-2014-0453 OpenJDK: RSA unpadding timing issues (Security, 8027766) 1087409 - CVE-2014-0429 OpenJDK: Incorrect mlib/raster image validation (2D, 8027841) 1087411 - CVE-2014-0457 OpenJDK: ServiceLoader Exception handling security bypass (Libraries, 8031394) 1087413 - CVE-2014-0456 OpenJDK: System.arraycopy() element race condition (Hotspot, 8029858) 1087417 - CVE-2014-2421 OpenJDK: JPEG decoder input stream handling (2D, 8029854) 1087423 - CVE-2014-2397 OpenJDK: classfile parser invalid BootstrapMethods attribute length (Hotspot, 8034926) 1087424 - CVE-2014-0455 OpenJDK: MethodHandle variable argument lists handling (Libraries, 8029844) 1087426 - CVE-2014-0461 OpenJDK: Better ScriptEngineManager ScriptEngine management (Libraries, 8036794) 1087427 - CVE-2014-2412 OpenJDK: AWT thread context handling (AWT, 8025010) 1087428 - CVE-2014-0451 OpenJDK: AWT incorrect FlavorMap seperation (AWT, 8026797) 1087430 - CVE-2014-0458 OpenJDK: Activation framework default command map caching (JAX-WS, 8025152) 1087431 - CVE-2014-2414 OpenJDK: incorrect caching of data initialized via TCCL (JAXB, 8025030) 1087434 - CVE-2014-2423 OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026188) 1087436 - CVE-2014-0452 OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026801) 1087438 - CVE-2014-2402 OpenJDK: Incorrect NIO channel separation (Libraries, 8026716) 1087439 - CVE-2014-0446 OpenJDK: Protect logger handlers (Libraries, 8029740) 1087440 - CVE-2014-0454 OpenJDK: Prevent SIGNATURE_PRIMITIVE_SET from being modified (Security, 8029745) 1087441 - CVE-2014-2427 OpenJDK: remove insecure Java Sound provider caching (Sound, 8026163) 1087442 - CVE-2014-0460 OpenJDK: missing randomization of JNDI DNS client query IDs (JNDI, 8030731) 1087443 - CVE-2014-2403 OpenJDK: JAXP CharInfo file access restriction (JAXP, 8029282) 1087444 - CVE-2014-0459 lcms: insufficient ICC profile version validation (OpenJDK 2D, 8031335) 1087446 - CVE-2014-2413 OpenJDK: method handle call hierachy bypass (Libraries, 8032686)
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: java-1.7.0-openjdk-1.7.0.55-2.4.7.2.el7_0.src.rpm
x86_64: java-1.7.0-openjdk-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm java-1.7.0-openjdk-headless-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
noarch: java-1.7.0-openjdk-javadoc-1.7.0.55-2.4.7.2.el7_0.noarch.rpm
x86_64: java-1.7.0-openjdk-accessibility-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: java-1.7.0-openjdk-1.7.0.55-2.4.7.2.el7_0.src.rpm
x86_64: java-1.7.0-openjdk-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm java-1.7.0-openjdk-headless-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
noarch: java-1.7.0-openjdk-javadoc-1.7.0.55-2.4.7.2.el7_0.noarch.rpm
x86_64: java-1.7.0-openjdk-accessibility-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: java-1.7.0-openjdk-1.7.0.55-2.4.7.2.el7_0.src.rpm
ppc64: java-1.7.0-openjdk-1.7.0.55-2.4.7.2.el7_0.ppc64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.55-2.4.7.2.el7_0.ppc64.rpm java-1.7.0-openjdk-devel-1.7.0.55-2.4.7.2.el7_0.ppc64.rpm java-1.7.0-openjdk-headless-1.7.0.55-2.4.7.2.el7_0.ppc64.rpm
s390x: java-1.7.0-openjdk-1.7.0.55-2.4.7.2.el7_0.s390x.rpm java-1.7.0-openjdk-debuginfo-1.7.0.55-2.4.7.2.el7_0.s390x.rpm java-1.7.0-openjdk-devel-1.7.0.55-2.4.7.2.el7_0.s390x.rpm java-1.7.0-openjdk-headless-1.7.0.55-2.4.7.2.el7_0.s390x.rpm
x86_64: java-1.7.0-openjdk-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm java-1.7.0-openjdk-headless-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
noarch: java-1.7.0-openjdk-javadoc-1.7.0.55-2.4.7.2.el7_0.noarch.rpm
ppc64: java-1.7.0-openjdk-accessibility-1.7.0.55-2.4.7.2.el7_0.ppc64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.55-2.4.7.2.el7_0.ppc64.rpm java-1.7.0-openjdk-demo-1.7.0.55-2.4.7.2.el7_0.ppc64.rpm java-1.7.0-openjdk-src-1.7.0.55-2.4.7.2.el7_0.ppc64.rpm
s390x: java-1.7.0-openjdk-accessibility-1.7.0.55-2.4.7.2.el7_0.s390x.rpm java-1.7.0-openjdk-debuginfo-1.7.0.55-2.4.7.2.el7_0.s390x.rpm java-1.7.0-openjdk-demo-1.7.0.55-2.4.7.2.el7_0.s390x.rpm java-1.7.0-openjdk-src-1.7.0.55-2.4.7.2.el7_0.s390x.rpm
x86_64: java-1.7.0-openjdk-accessibility-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: java-1.7.0-openjdk-1.7.0.55-2.4.7.2.el7_0.src.rpm
x86_64: java-1.7.0-openjdk-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm java-1.7.0-openjdk-headless-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
noarch: java-1.7.0-openjdk-javadoc-1.7.0.55-2.4.7.2.el7_0.noarch.rpm
x86_64: java-1.7.0-openjdk-accessibility-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2014-0429.html https://www.redhat.com/security/data/cve/CVE-2014-0446.html https://www.redhat.com/security/data/cve/CVE-2014-0451.html https://www.redhat.com/security/data/cve/CVE-2014-0452.html https://www.redhat.com/security/data/cve/CVE-2014-0453.html https://www.redhat.com/security/data/cve/CVE-2014-0454.html https://www.redhat.com/security/data/cve/CVE-2014-0455.html https://www.redhat.com/security/data/cve/CVE-2014-0456.html https://www.redhat.com/security/data/cve/CVE-2014-0457.html https://www.redhat.com/security/data/cve/CVE-2014-0458.html https://www.redhat.com/security/data/cve/CVE-2014-0459.html https://www.redhat.com/security/data/cve/CVE-2014-0460.html https://www.redhat.com/security/data/cve/CVE-2014-0461.html https://www.redhat.com/security/data/cve/CVE-2014-1876.html https://www.redhat.com/security/data/cve/CVE-2014-2397.html https://www.redhat.com/security/data/cve/CVE-2014-2398.html https://www.redhat.com/security/data/cve/CVE-2014-2402.html https://www.redhat.com/security/data/cve/CVE-2014-2403.html https://www.redhat.com/security/data/cve/CVE-2014-2412.html https://www.redhat.com/security/data/cve/CVE-2014-2413.html https://www.redhat.com/security/data/cve/CVE-2014-2414.html https://www.redhat.com/security/data/cve/CVE-2014-2421.html https://www.redhat.com/security/data/cve/CVE-2014-2423.html https://www.redhat.com/security/data/cve/CVE-2014-2427.html https://access.redhat.com/security/updates/classification/#critical
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFTl12dXlSAg2UNWIIRAmMnAKDBn3yRFrjgZ2r2Pgk1zNaojzDhXACdE8EM WC6ur//nCsBvA7rEK0zVQSI= =mQDb -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 5 client) - i386, x86_64
For the oldstable distribution (squeeze), these problems have been fixed in version 6b31-1.13.3-1~deb6u1.
For the stable distribution (wheezy), these problems have been fixed in version 6b31-1.13.3-1~deb7u1.
For the testing distribution (jessie), these problems have been fixed in version 6b31-1.13.3-1.
For the unstable distribution (sid), these problems have been fixed in version 6b31-1.13.3-1
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201404-0378",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "jdk",
"scope": "eq",
"trust": 1.9,
"vendor": "oracle",
"version": "1.8.0"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.9,
"vendor": "oracle",
"version": "1.8.0"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.6,
"vendor": "oracle",
"version": "1.6.0"
},
{
"model": "jdk",
"scope": "eq",
"trust": 1.6,
"vendor": "oracle",
"version": "1.6.0"
},
{
"model": "jrockit",
"scope": "eq",
"trust": 1.6,
"vendor": "oracle",
"version": "r27.8.1"
},
{
"model": "jrockit",
"scope": "eq",
"trust": 1.6,
"vendor": "oracle",
"version": "r28.3.1"
},
{
"model": "jdk",
"scope": "eq",
"trust": 1.6,
"vendor": "oracle",
"version": "1.7.0"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.6,
"vendor": "oracle",
"version": "1.5.0"
},
{
"model": "jdk",
"scope": "eq",
"trust": 1.6,
"vendor": "oracle",
"version": "1.5.0"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.6,
"vendor": "oracle",
"version": "1.7.0"
},
{
"model": "cosminexus developer professional",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "06-50"
},
{
"model": "cosminexus application server standard",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "06-50"
},
{
"model": "ucosminexus client",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "06-70"
},
{
"model": "cosminexus primary server base",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "06-50"
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "06-70"
},
{
"model": "cosminexus client",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "06-50"
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "06-70"
},
{
"model": "cosminexus application server enterprise",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "06-50"
},
{
"model": "ucosminexus developer standard",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "06-70"
},
{
"model": "cosminexus application server",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "05-05"
},
{
"model": "cosminexus primary server base",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "06-00"
},
{
"model": "cosminexus application server standard",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "06-00"
},
{
"model": "cosminexus developer professional",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "06-00"
},
{
"model": "cosminexus studio",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "05-05"
},
{
"model": "cosminexus application server enterprise",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "06-00"
},
{
"model": "cosminexus developer",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "05-05"
},
{
"model": "cosminexus client",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "06-00"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "7.0"
},
{
"model": "junos space",
"scope": "lt",
"trust": 1.0,
"vendor": "juniper",
"version": "15.1"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.10"
},
{
"model": "forms viewer",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.0.3"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "forms viewer",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "8.0.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"model": "forms viewer",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "13.10"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "10.04"
},
{
"model": "forms viewer",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"model": "jre 17",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": "jre 1.7.0 8",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 1.7.0 21",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 1.5.0 32",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jre 1.5.0 39",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 1.5.0 16",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "ucosminexus primary server base",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "jdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": "jre 1.6.0 65",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jdk 1.5.0 55",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jre 1.6.0 35",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "jre 1.5.0 61",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jdk 1.6.0 03",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jre 1.7.0 2",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jre 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": "cosminexus primary server base 06-00-/e",
"scope": null,
"trust": 0.9,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus developer standard )",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "06-70"
},
{
"model": "jdk 1.5.0 45",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jdk 1.6.0 35",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jre 1.5.0 11",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "cosminexus developer professional 06-00-/e",
"scope": null,
"trust": 0.9,
"vendor": "hitachi",
"version": null
},
{
"model": "jre 1.6.0 39",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": "jre 1.6.0 23",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 1.6.0 60",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "cosminexus client 06-00-/e",
"scope": null,
"trust": 0.9,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server standard 06-00-/e",
"scope": null,
"trust": 0.9,
"vendor": "hitachi",
"version": null
},
{
"model": "jre 1.7.0 51",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 1.5.0 35",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jdk 1.5.0 25",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jre 1.5.0 32",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jdk 1.7.0 45",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "ucosminexus client 06-70-/f",
"scope": null,
"trust": 0.9,
"vendor": "hitachi",
"version": null
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": "jre 1.5.0 55",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 1.5.0 29",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "ucosminexus service platform messaging",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "-07-00"
},
{
"model": "jre 1.6.0 28",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jre 1.6.0 11",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": "jre 1.5.0 17",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "jdk 1.7.0 7",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "ucosminexus developer standard 06-70-/f",
"scope": null,
"trust": 0.9,
"vendor": "hitachi",
"version": null
},
{
"model": "jre 1.5.0 27",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jre 1.6.0 60",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jre 1.6.0 03",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jre 1.7.0 4",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jdk 1.6.0 28",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jre 1.6.0 26",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 1.7.0 10",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "ucosminexus developer professional for plug-in",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "ucosminexus application server smart edition",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "jre 1.7.0 10",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 1.6.0 45",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": "ucosminexus application server express",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "jre 1.6.0 71",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 1.5.0 36",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jdk 1.5.0 23",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": "ucosminexus client for plug-in",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "jdk 1.5.0 26",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jre 1.7.0 40",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 1.5.0 61",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "cosminexus application server enterprise 06-00-/e",
"scope": null,
"trust": 0.9,
"vendor": "hitachi",
"version": null
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.7"
},
{
"model": "jre 1.5.0 29",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jdk 1.6.0 43",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jre 1.7.0 17",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 1.5.0 31",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jre 16",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 1.5.0 20",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jdk 1.5.0 30",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jre 1.7.0 7",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jre 18",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 1.7.0 45",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": "jdk 0 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 1.5.0 10",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jdk 1.6.0 24",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 1.5.0 27",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 1.5.0 33",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jre 1.5.0 14",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "ucosminexus application server standard )",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "06-70"
},
{
"model": "jdk 1.5.0 24",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jdk 1.6.0 32",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 1.7.0 2",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jre 1.5.0 25",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jre 1.6.0 24",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": "jre 1.7.0 13",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jre 1.5.0 41",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jre 1.5.0 28",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jdk 1.5.0 13",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jre 1.6.0 15",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "ucosminexus service architect",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "jre 1.7.0 9",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jre 1.6.0 21",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jdk 1.6.0 39",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 15",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 1.6.0 18",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jre 1.6.0 22",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jre 1.6.0 32",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jre 1.5.0 31",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "ucosminexus operator",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "jdk 1.7.0 8",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 1.6.0 21",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jre 1.5.0 38",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 1.6.0 37",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "ucosminexus client )",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "06-70"
},
{
"model": "jre 1.6.0 27",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 1.6.0 15",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jre 1.6.0 02",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jdk 1.5.0 28",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jdk 1.6.0 30",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jre 1.6.0 45",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 1.7.0 51",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jre 15",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jdk 17",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": "jdk 1.6.0 38",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 1.6.0 71",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 1.5.0 51",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jre 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": "jre 1.6.0 38",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "ucosminexus developer light",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "ucosminexus application server standard 06-70-/f",
"scope": null,
"trust": 0.9,
"vendor": "hitachi",
"version": null
},
{
"model": "jre 1.5.0 26",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jdk 1.7.0 40",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 1.6.0 26",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jre 1.6.0 43",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jre 1.5.0 30",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "ucosminexus application server standard-r",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "jdk 1.5.0 39",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 17",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jdk 18",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.7"
},
{
"model": "jre 1.6.0 30",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 1.6.0 02",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jdk 1.7.0 11",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jre 1.6.0 01",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": "jdk 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": "ucosminexus application server enterprise )",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "06-70"
},
{
"model": "jdk 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 1.5.0 12",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jre 1.5.0 36",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": "jdk 1.7.0 13",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jre 1.5.0 13",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jdk 1.6.0 25",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 22",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 1.5.0 35",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jdk 1.6.0 23",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "ucosminexus application server light",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "jdk 1.6.0 65",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 1.6.0 20",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jre 1.5.0 51",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 1.6.0 27",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 1.7.0 12",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": "jdk 1.5.0 38",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jre 1.7.0 11",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 1.7.0 4",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jre 1.6.0 19",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "ucosminexus application server enterprise 06-70-/f",
"scope": null,
"trust": 0.9,
"vendor": "hitachi",
"version": null
},
{
"model": "jdk 1.5.0 20",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jre 1.5.0 23",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jdk 1.6.0 22",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": "jre 1.6.0 25",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 1.7.0 9",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 1.6.0 18",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jdk 1.6.0 19",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jre 1.6.0 14",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jdk 1.5.0 33",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "0107-00"
},
{
"model": "jre 22",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "java runtime",
"scope": null,
"trust": 0.7,
"vendor": "oracle",
"version": null
},
{
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-71"
},
{
"model": "cosminexus application server enterprise )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-00"
},
{
"model": "ucosminexus client )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "08-50"
},
{
"model": "cosminexus application server 05-05-/i",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server standard 06-50-/c",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "jdk 1.7.0 17",
"scope": null,
"trust": 0.6,
"vendor": "oracle",
"version": null
},
{
"model": "cosminexus client",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-02"
},
{
"model": "jdk 01-b06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.6"
},
{
"model": "cosminexus primary server base",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-51"
},
{
"model": "ucosminexus service architect )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "08-50"
},
{
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "05-00"
},
{
"model": "jre 1.5.0.0 09",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "ucosminexus developer professional for plug-in )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "08-50"
},
{
"model": "cosminexus studio 05-05-/i",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus primary server base )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-50"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "1.8"
},
{
"model": "cosminexus application server standard )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-00"
},
{
"model": "cosminexus application server enterprise 06-50-/f",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus studio",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "05-00"
},
{
"model": "jre 1.7.0 21",
"scope": null,
"trust": 0.6,
"vendor": "oracle",
"version": null
},
{
"model": "cosminexus client )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-50"
},
{
"model": "jdk .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "cosminexus developer 05-05-/i",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus operator )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "08-50"
},
{
"model": "cosminexus client 06-00-/i",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server enterprise 06-50-/c",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server standard",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-51"
},
{
"model": "jdk 1.5.0 41",
"scope": null,
"trust": 0.6,
"vendor": "oracle",
"version": null
},
{
"model": "cosminexus developer professional",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-02"
},
{
"model": "cosminexus primary server base 06-00-/i",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard-r )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "08-50"
},
{
"model": "jdk 1.5.0.0 08",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "jre 1.7.0 12",
"scope": null,
"trust": 0.6,
"vendor": "oracle",
"version": null
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-71"
},
{
"model": "cosminexus application server standard",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-02"
},
{
"model": "ucosminexus application server express )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "08-50"
},
{
"model": "cosminexus developer professional 06-00-/i",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus developer professional 06-50-/c",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus primary server base )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-00"
},
{
"model": "cosminexus client",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-51"
},
{
"model": "ucosminexus developer )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "0108-50"
},
{
"model": "cosminexus application server standard 06-50-/f",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server enterprise",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-02"
},
{
"model": "jdk .0 03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jdk 1.5.0 12",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "cosminexus application server standard 06-00-/i",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "jre 1.6.0 2",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "cosminexus developer professional 06-50-/f",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus developer professional",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-51"
},
{
"model": "cosminexus primary server base 06-50-/c",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus developer light )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "08-50"
},
{
"model": "jdk 07-b03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-71"
},
{
"model": "ucosminexus service platform )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "08-50"
},
{
"model": "cosminexus primary server base 06-50-/f",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "jre 1.5.0.0 08",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "ucosminexus client for plug-in )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "08-50"
},
{
"model": "jre 1.5.0 45",
"scope": null,
"trust": 0.6,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 1.5.0.0 12",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "ucosminexus primary server base )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "08-50"
},
{
"model": "cosminexus client )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-00"
},
{
"model": "cosminexus application server enterprise",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-51"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "1.8"
},
{
"model": "ucosminexus application server light )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "08-50"
},
{
"model": "cosminexus primary server base",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-02"
},
{
"model": "cosminexus application server",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "05-00"
},
{
"model": "jdk 1.5.0.0 09",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "cosminexus developer professional )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-50"
},
{
"model": "ucosminexus developer standard",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-71"
},
{
"model": "cosminexus client 06-50-/f",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus service platform messaging )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "-08-50"
},
{
"model": "cosminexus application server enterprise 06-00-/i",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "jdk 1.5.0.0 11",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "jdk 11-b03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "cosminexus developer professional )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-00"
},
{
"model": "cosminexus application server enterprise )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-50"
},
{
"model": "cosminexus application server standard )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-50"
},
{
"model": "ucosminexus application server enterprise )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "08-50"
},
{
"model": "cosminexus client 06-50-/c",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "jre 1.5.0.0 07",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "jdk 1.6.0 01",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "jre 1.6.0 20",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "ucosminexus application server light (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-00"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0107-10"
},
{
"model": "ucosminexus application server standard )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "ucosminexus application server light )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"model": "ucosminexus service platform )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "forms viewer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"model": "cosminexus developer light",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-02"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "ucosminexus service architect )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "cosminexus application server standard 06-50-/b",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.10"
},
{
"model": "cosminexus developer light",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-50"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0"
},
{
"model": "cosminexus application server enterprise )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-51"
},
{
"model": "tivoli endpoint manager for remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "cosminexus application server enterprise 06-02-/g",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "cosminexus application server 05-00-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-72"
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"model": "cosminexus application server enterprise 06-02-/d",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1"
},
{
"model": "jrockit r28.3.1",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "ucosminexus developer (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0108-00"
},
{
"model": "ucosminexus primary server base )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "ucosminexus service platform )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"model": "ucosminexus operator",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "ucosminexus client for plug-in )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"model": "ucosminexus application server enterprise 06-71-/m",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus primary server base",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "ucosminexus operator (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "jdk 1.5.0 11",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "ucosminexus developer standard 06-71-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus developer professional for plug-in (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-00"
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "jrockit r28.0.0",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "runtimes for java technology 7r1 sr1",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "ucosminexus operator",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"model": "ucosminexus application server standard )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-50"
},
{
"model": "jdk 1.5.0.0 06",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1.4"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "cosminexus developer professional 06-50-/b",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "forms viewer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.2"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "ucosminexus application server enterprise )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "jrockit r28.1.1",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "cosminexus client 06-51-/e",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "ucosminexus application server enterprise )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-20"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "cosminexus application server standard )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-51"
},
{
"model": "cosminexus client 06-02-/d",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus studio",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-02"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "ucosminexus primary server base (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "ucosminexus developer standard 06-71-/m",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "jdk 1.5.0 11-b03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "web sphere real time service refresh",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "36"
},
{
"model": "cosminexus developer light 06-00-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server standard 06-02-/g",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus developer )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0108-20"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "cosminexus application server enterprise 06-50-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "cosminexus developer 05-02-/e",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus client for plug-in",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"model": "ucosminexus service platform )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "cosminexus application server enterprise 06-51-/e",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus service architect",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.12"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "ucosminexus application server express",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"model": "ucosminexus client 06-70-/p",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.5"
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"model": "cosminexus primary server base )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-02"
},
{
"model": "linux enterprise server sp4 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "ucosminexus service architect )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "ucosminexus application server standard 06-70-/p",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"model": "ucosminexus application server light )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"model": "ucosminexus developer standard 06-70-/e",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard-r",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"model": "cosminexus primary server base 06-51-/e",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus client 06-70-/e",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "jre 1.5.0 08",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "cosminexus application server standard 06-02-/d",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus developer 05-05-/r",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "messaging application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2"
},
{
"model": "ucosminexus primary server base",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-60"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "ucosminexus application server express",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "ucosminexus application server enterprise 06-70-/a (windows(ip",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard-r )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "ucosminexus application server smart edition )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-20"
},
{
"model": "jrockit r27.8.1",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "cosminexus developer professional 06-51-/b",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus developer professional for plug-in",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"model": "cms r17ac.g",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"model": "cosminexus client 06-51-/b",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus developer light",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-51"
},
{
"model": "cosminexus developer light",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-00"
},
{
"model": "ucosminexus application server express )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.5"
},
{
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "forms viewer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"model": "ucosminexus client (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "ucosminexus application server enterprise 06-70-/e",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server enterprise 06-00-/b",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "cms r17ac.h",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "ucosminexus client for plug-in",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"model": "cosminexus studio 05-00-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.0"
},
{
"model": "ucosminexus operator )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.3"
},
{
"model": "ucosminexus service architect",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"model": "cosminexus developer standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-02"
},
{
"model": "cosminexus studio 05-05-/o",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.10"
},
{
"model": "ucosminexus developer professional",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "jrockit r27.6.0-50",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.5.015"
},
{
"model": "cosminexus application server 05-02-/e",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus developer standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-50"
},
{
"model": "jdk 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"model": "cosminexus studio 05-01-/l",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus developer professional for plug-in )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"model": "cosminexus client 06-02-/f",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "jrockit r27.6.5",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "linux enterprise software development kit sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "ucosminexus application server enterprise (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "cics transaction gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "tivoli endpoint manager for remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "ucosminexus service platform )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-20"
},
{
"model": "enterprise linux server eus 6.5.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "forms viewer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "linux enterprise server sp2 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1"
},
{
"model": "ucosminexus developer standard 06-70-/q",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus service platform messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-07-10"
},
{
"model": "websphere sensor events",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2"
},
{
"model": "ucosminexus client for plug-in (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-00"
},
{
"model": "ucosminexus service platform messaging )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-09-50"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.10"
},
{
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "ucosminexus application server standard-r (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.4"
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "cosminexus developer standard 06-50-/f",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server light",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.14"
},
{
"model": "cosminexus developer professional 06-51-/e",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard 06-70-/q",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "linux enterprise server sp3 for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "endpoint manager for remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0"
},
{
"model": "ucosminexus application server light",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1"
},
{
"model": "ucosminexus application server standard 06-70-/e",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "cosminexus client )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-02"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.2"
},
{
"model": "jdk 1.5.0.0 04",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "ucosminexus developer professional",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-71"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "runtimes for java technology",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"model": "ucosminexus client for plug-in )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3"
},
{
"model": "ucosminexus operator )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"model": "ucosminexus application server standard )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-20"
},
{
"model": "forms viewer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0"
},
{
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1.6"
},
{
"model": "cosminexus client 06-50-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus developer professional for plug-in )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "cosminexus primary server base 06-00-/b",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "linux enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"model": "runtimes for java technology",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "ucosminexus developer light )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"model": "ucosminexus application server standard-r",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1.0"
},
{
"model": "ucosminexus client 06-70-/q",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "jdk 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"model": "cosminexus primary server base )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-51"
},
{
"model": "runtimes for java technology sr8",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0109-00"
},
{
"model": "ucosminexus primary server base",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "ucosminexus application server smart edition )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "cosminexus application server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-01"
},
{
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2.1"
},
{
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.2"
},
{
"model": "tivoli system automation for integrated operations management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1"
},
{
"model": "cosminexus developer professional 06-02-/f",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard 06-70-/a (windows(ip",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "jrockit r28.0.1",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "ucosminexus service platform messaging )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-09-00"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "cosminexus primary server base 06-02-/g",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "tivoli system automation for integrated operations management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2"
},
{
"model": "ucosminexus client for plug-in )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"model": "cosminexus developer light 06-50-/f",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise 06-70-/q",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus developer light",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-71"
},
{
"model": "forms viewer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.3"
},
{
"model": "jrockit r27.6.7",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "jrockit r27.6.0",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "cosminexus client 06-51-/n",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "13.10"
},
{
"model": "ucosminexus developer (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0107-00"
},
{
"model": "ucosminexus client 06-71-/m",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2143"
},
{
"model": "cosminexus developer standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-51"
},
{
"model": "ucosminexus application server enterprise 06-70-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "web sphere real time service refresh",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "37"
},
{
"model": "aura conferencing sp1 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "cosminexus developer standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-00"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "ucosminexus application server express )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "ucosminexus developer light",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "cics transaction gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "ucosminexus developer professional for plug-in",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1.1"
},
{
"model": "ucosminexus service platform (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-00"
},
{
"model": "ucosminexus service architect (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-00"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3"
},
{
"model": "aura system manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "ucosminexus application server express (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "cosminexus primary server base 06-50-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "runtimes for java technology",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "ucosminexus client )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0"
},
{
"model": "enterprise linux hpc node supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "cosminexus developer professional 06-02-/d",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus developer professional 06-70-/f",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus developer 05-05-/o",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.13"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "ucosminexus application server light )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-20"
},
{
"model": "cosminexus developer professional )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-51"
},
{
"model": "ucosminexus developer )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0107-00"
},
{
"model": "jdk 0 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"model": "ucosminexus service platform )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"model": "ucosminexus application server enterprise )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "ucosminexus client for plug-in (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "manager",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "111.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "cics transaction gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"model": "aura conferencing standard",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "ucosminexus service architect",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-60"
},
{
"model": "java se embedded 7u45",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "ucosminexus developer light (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "cosminexus application server 05-00-/s",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard-r )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"model": "cosminexus primary server base 06-02-/f",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.3"
},
{
"model": "ucosminexus client for plug-in",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "ucosminexus developer light )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "ucosminexus client 06-70-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus developer standard 06-72-/d",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus client )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-51"
},
{
"model": "endpoint manager for remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "ucosminexus application server standard (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-00"
},
{
"model": "ucosminexus developer standard 06-70-/p",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus client 06-71-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "ucosminexus primary server base )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"model": "ucosminexus application server light )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "ucosminexus operator (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-00"
},
{
"model": "ucosminexus application server light (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "cics transaction gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "cosminexus application server enterprise 06-50-/e",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.4"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.0"
},
{
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "ucosminexus service platform messaging )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-07-00"
},
{
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"model": "websphere sensor events",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "tivoli system automation for integrated operations management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "cosminexus application server 05-05-/r",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "ucosminexus primary server base )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "ucosminexus application server standard 06-71-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server light )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.2"
},
{
"model": "ucosminexus developer professional",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-70"
},
{
"model": "jrockit r27.1.0",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "cosminexus studio 05-02-/e",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.13"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "jrockit r28.1.4",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "cosminexus application server enterprise 06-02-/f",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1.185"
},
{
"model": "jrockit r27.6.6",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "cosminexus client 06-50-/b",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2"
},
{
"model": "ucosminexus application server enterprise )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"model": "ucosminexus client )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-20"
},
{
"model": "jrockit r27.6.8",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1.2"
},
{
"model": "cosminexus primary server base 06-50-/e",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "ucosminexus primary server base (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-00"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7"
},
{
"model": "ucosminexus developer light 06-70-/f",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus developer professional 06-51-/n",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "runtimes for java technology 7.sr7",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "ucosminexus developer professional for plug-in (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "ucosminexus operator",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "jre beta",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"model": "cosminexus developer light 06-02-/g",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus developer professional )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-02"
},
{
"model": "jrockit r27.6.4",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "aura system manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "ucosminexus developer )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0107-10"
},
{
"model": "cosminexus primary server base 06-50-/b",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus developer 05-01-/l",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "ucosminexus client )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "vcenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "jrockit r27.7.6",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-72"
},
{
"model": "ucosminexus client for plug-in )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-20"
},
{
"model": "ucosminexus developer light",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-70"
},
{
"model": "cosminexus developer professional 06-00-/b",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.3"
},
{
"model": "ucosminexus service architect )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"model": "cosminexus application server standard 06-51-/n",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1.1"
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-72"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "ucosminexus client )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-01"
},
{
"model": "ucosminexus developer standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1.1"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.1"
},
{
"model": "ucosminexus service architect )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-20"
},
{
"model": "cosminexus application server standard 06-50-/e",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "cosminexus studio",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-01"
},
{
"model": "ucosminexus application server express )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-20"
},
{
"model": "cosminexus developer professional 06-50-/e",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus service architect )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"model": "jdk 0 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"model": "cosminexus developer standard 06-00-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "cosminexus primary server base 06-51-/b",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "ucosminexus client (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-00"
},
{
"model": "ucosminexus developer professional for plug-in )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53003.0"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0109-50"
},
{
"model": "ucosminexus application server standard-r )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-20"
},
{
"model": "jdk 1.6.0 01-b06",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "aura conferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "jrockit r28.2.9",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "jdk 1.5.0.0 03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "cosminexus developer standard 06-02-/g",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"model": "cosminexus application server standard 06-00-/b",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-00"
},
{
"model": "java se embedded 7u51",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "ucosminexus application server express )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "cosminexus application server standard 06-02-/f",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "cosminexus developer professional 06-50-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-60"
},
{
"model": "ucosminexus application server standard-r (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-00"
},
{
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"model": "ucosminexus operator )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "ucosminexus application server smart edition )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-50"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "jrockit r28.2.8",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "jrockit r27.6.2",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "ucosminexus developer professional for plug-in )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-20"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"model": "ucosminexus developer light )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-20"
},
{
"model": "linux enterprise java sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "ucosminexus developer standard 06-70-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4"
},
{
"model": "ucosminexus application server standard-r )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.1"
},
{
"model": "ucosminexus developer professional for plug-in )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "ucosminexus application server smart edition (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-00"
},
{
"model": "cosminexus developer professional 06-02-/g",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server 05-05-/o",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "jrockit r27.6.9",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "ucosminexus developer professional for plug-in",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "ucosminexus primary server base )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"model": "ucosminexus application server enterprise 06-70-/p",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "jrockit r27.6.3",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "cosminexus developer 05-00-/s",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server smart edition",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "runtimes for java technology sr16-fp6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "ucosminexus primary server base",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"model": "linux enterprise server sp3 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "cosminexus application server enterprise )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-02"
},
{
"model": "cosminexus developer 05-00-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "cics transaction gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "forms viewer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "forms viewer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "ucosminexus service platform messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-09-50"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.177"
},
{
"model": "ucosminexus service architect",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "ucosminexus developer standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-72"
},
{
"model": "ucosminexus service platform messaging (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-07-00"
},
{
"model": "jre 1.5.0 09",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0"
},
{
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-02"
},
{
"model": "ucosminexus operator )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.0"
},
{
"model": "ucosminexus primary server base )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-20"
},
{
"model": "ucosminexus application server enterprise 06-72-/d",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server standard 06-50-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server express )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"model": "ucosminexus developer )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0109-00"
},
{
"model": "ucosminexus developer light )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "cosminexus client 06-50-/e",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise 06-71-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2.13"
},
{
"model": "ucosminexus application server standard-r",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.3"
},
{
"model": "ucosminexus client for plug-in )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1x8664"
},
{
"model": "cosminexus client 06-02-/g",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.10"
},
{
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "ucosminexus service platform messaging )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-07-10"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.3"
},
{
"model": "cosminexus studio 05-05-/r",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "jrockit r28.1.3",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "ucosminexus client 06-70-/a (windows(ip",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "forms viewer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.1"
},
{
"model": "ucosminexus developer )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0109-50"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.178"
},
{
"model": "messaging application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "ucosminexus application server light",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"model": "java se embedded 7u40",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "cosminexus client 06-00-/b",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server enterprise 06-50-/b",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "aura presence services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "cosminexus primary server base 06-51-/n",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server standard )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-02"
},
{
"model": "runtimes for java technology sr16",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6"
},
{
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "cosminexus studio 05-00-/s",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus developer standard 06-70-/a (windows(ip",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "ucosminexus application server express (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-00"
},
{
"model": "ucosminexus service platform messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-09-00"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.9"
},
{
"model": "ucosminexus service platform messaging (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-08-00"
},
{
"model": "ucosminexus application server express",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"model": "cosminexus application server 05-01-/l",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus client )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "linux enterprise server sp1 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"model": "cosminexus application server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-02"
},
{
"model": "ucosminexus application server standard 06-72-/d",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "cics transaction gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.8"
},
{
"model": "endpoint manager for remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"model": "jdk 1.5.0 07-b03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "cosminexus application server standard 06-51-/e",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus developer light (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-00"
},
{
"model": "cosminexus application server standard 06-51-/b",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "cosminexus application server enterprise 06-51-/b",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus service platform messaging )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-08-20"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.145"
},
{
"model": "ucosminexus application server standard-r )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "ucosminexus client 06-72-/d",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus service platform (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"model": "ucosminexus service architect (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1.0"
},
{
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"model": "cosminexus application server enterprise 06-51-/n",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server smart edition )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"model": "cosminexus primary server base 06-02-/d",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus operator )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-20"
},
{
"model": "vcenter update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-105"
},
{
"db": "BID",
"id": "66866"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-272"
},
{
"db": "NVD",
"id": "CVE-2014-0457"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:jrockit:r27.8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jrockit:r28.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:juniper:junos_space:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update51:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update51:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jdk:1.8.0:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jre:1.8.0:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jdk:1.5.0:update61:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update71:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jre:1.5.0:update61:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update71:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ibm:forms_viewer:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.0.1.1",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:forms_viewer:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.0.0.3",
"versionStartIncluding": "4.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0457"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ben Murphy",
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-105"
}
],
"trust": 0.7
},
"cve": "CVE-2014-0457",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-0457",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-67950",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-0457",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2014-0457",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201404-272",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-67950",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2014-0457",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-105"
},
{
"db": "VULHUB",
"id": "VHN-67950"
},
{
"db": "VULMON",
"id": "CVE-2014-0457"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-272"
},
{
"db": "NVD",
"id": "CVE-2014-0457"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in Oracle Java SE 5.0u61, SE 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within ScriptEngineManager. With the usage of this class, it is possible to disable the security manager and run code as privileged. This allows a malicious applet to execute attacker-supplied code resulting in remote code execution under the context of the current user. \nThe vulnerability can be exploited over multiple protocols. This issue affects the \u0027Libraries\u0027 sub-component. Failed exploit attempts will result in a denial-of-service condition. Java SE (Java Platform Standard Edition) is used to develop and deploy Java applications on desktops, servers, and embedded devices and real-time environments; JRockit is a Java virtual machine built into Oracle Fusion Middleware; Java SE Embedded is a The Java platform for developing powerful, reliable, and portable applications for embedded systems. Further\ninformation about these flaws can be found on the Oracle Java SE Critical\nPatch Update Advisory page, listed in the References section. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201406-32\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: IcedTea JDK: Multiple vulnerabilities\n Date: June 29, 2014\n Bugs: #312297, #330205, #340819, #346799, #352035, #353418,\n #354231, #355127, #370787, #387637, #404095, #421031,\n #429522, #433389, #438750, #442478, #457206, #458410,\n #461714, #466822, #477210, #489570, #508270\n ID: 201406-32\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in the IcedTea JDK, the worst\nof which could lead to arbitrary code execution. \n\nBackground\n==========\n\nIcedTea is a distribution of the Java OpenJDK source code built with\nfree build tools. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-java/icedtea-bin \u003c 6.1.13.3 \u003e= 6.1.13.3 \n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in the IcedTea JDK. \nPlease review the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll IcedTea JDK users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-java/icedtea-bin-6.1.13.3\"\n\nReferences\n==========\n\n[ 1 ] CVE-2009-3555\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3555\n[ 2 ] CVE-2010-2548\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2548\n[ 3 ] CVE-2010-2783\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2783\n[ 4 ] CVE-2010-3541\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3541\n[ 5 ] CVE-2010-3548\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3548\n[ 6 ] CVE-2010-3549\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3549\n[ 7 ] CVE-2010-3551\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3551\n[ 8 ] CVE-2010-3553\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3553\n[ 9 ] CVE-2010-3554\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3554\n[ 10 ] CVE-2010-3557\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3557\n[ 11 ] CVE-2010-3561\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3561\n[ 12 ] CVE-2010-3562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3562\n[ 13 ] CVE-2010-3564\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3564\n[ 14 ] CVE-2010-3565\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3565\n[ 15 ] CVE-2010-3566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3566\n[ 16 ] CVE-2010-3567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3567\n[ 17 ] CVE-2010-3568\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3568\n[ 18 ] CVE-2010-3569\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3569\n[ 19 ] CVE-2010-3573\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3573\n[ 20 ] CVE-2010-3574\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3574\n[ 21 ] CVE-2010-3860\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3860\n[ 22 ] CVE-2010-4351\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4351\n[ 23 ] CVE-2010-4448\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4448\n[ 24 ] CVE-2010-4450\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4450\n[ 25 ] CVE-2010-4465\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4465\n[ 26 ] CVE-2010-4467\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4467\n[ 27 ] CVE-2010-4469\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4469\n[ 28 ] CVE-2010-4470\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4470\n[ 29 ] CVE-2010-4471\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4471\n[ 30 ] CVE-2010-4472\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4472\n[ 31 ] CVE-2010-4476\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4476\n[ 32 ] CVE-2011-0025\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0025\n[ 33 ] CVE-2011-0706\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0706\n[ 34 ] CVE-2011-0815\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0815\n[ 35 ] CVE-2011-0822\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0822\n[ 36 ] CVE-2011-0862\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0862\n[ 37 ] CVE-2011-0864\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0864\n[ 38 ] CVE-2011-0865\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0865\n[ 39 ] CVE-2011-0868\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0868\n[ 40 ] CVE-2011-0869\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0869\n[ 41 ] CVE-2011-0870\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0870\n[ 42 ] CVE-2011-0871\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0871\n[ 43 ] CVE-2011-0872\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0872\n[ 44 ] CVE-2011-3389\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389\n[ 45 ] CVE-2011-3521\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3521\n[ 46 ] CVE-2011-3544\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3544\n[ 47 ] CVE-2011-3547\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3547\n[ 48 ] CVE-2011-3548\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3548\n[ 49 ] CVE-2011-3551\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3551\n[ 50 ] CVE-2011-3552\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3552\n[ 51 ] CVE-2011-3553\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3553\n[ 52 ] CVE-2011-3554\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3554\n[ 53 ] CVE-2011-3556\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3556\n[ 54 ] CVE-2011-3557\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3557\n[ 55 ] CVE-2011-3558\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3558\n[ 56 ] CVE-2011-3560\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3560\n[ 57 ] CVE-2011-3563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563\n[ 58 ] CVE-2011-3571\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3571\n[ 59 ] CVE-2011-5035\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035\n[ 60 ] CVE-2012-0497\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497\n[ 61 ] CVE-2012-0501\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501\n[ 62 ] CVE-2012-0502\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502\n[ 63 ] CVE-2012-0503\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503\n[ 64 ] CVE-2012-0505\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505\n[ 65 ] CVE-2012-0506\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506\n[ 66 ] CVE-2012-0547\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547\n[ 67 ] CVE-2012-1711\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711\n[ 68 ] CVE-2012-1713\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713\n[ 69 ] CVE-2012-1716\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716\n[ 70 ] CVE-2012-1717\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717\n[ 71 ] CVE-2012-1718\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718\n[ 72 ] CVE-2012-1719\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719\n[ 73 ] CVE-2012-1723\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723\n[ 74 ] CVE-2012-1724\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724\n[ 75 ] CVE-2012-1725\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725\n[ 76 ] CVE-2012-1726\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726\n[ 77 ] CVE-2012-3216\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216\n[ 78 ] CVE-2012-3422\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3422\n[ 79 ] CVE-2012-3423\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3423\n[ 80 ] CVE-2012-4416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416\n[ 81 ] CVE-2012-4540\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4540\n[ 82 ] CVE-2012-5068\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068\n[ 83 ] CVE-2012-5069\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069\n[ 84 ] CVE-2012-5070\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070\n[ 85 ] CVE-2012-5071\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071\n[ 86 ] CVE-2012-5072\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072\n[ 87 ] CVE-2012-5073\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073\n[ 88 ] CVE-2012-5074\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074\n[ 89 ] CVE-2012-5075\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075\n[ 90 ] CVE-2012-5076\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076\n[ 91 ] CVE-2012-5077\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077\n[ 92 ] CVE-2012-5081\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081\n[ 93 ] CVE-2012-5084\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084\n[ 94 ] CVE-2012-5085\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085\n[ 95 ] CVE-2012-5086\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086\n[ 96 ] CVE-2012-5087\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087\n[ 97 ] CVE-2012-5089\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089\n[ 98 ] CVE-2012-5979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5979\n[ 99 ] CVE-2013-0169\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169\n[ 100 ] CVE-2013-0401\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401\n[ 101 ] CVE-2013-0424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0424\n[ 102 ] CVE-2013-0425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0425\n[ 103 ] CVE-2013-0426\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0426\n[ 104 ] CVE-2013-0427\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0427\n[ 105 ] CVE-2013-0428\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0428\n[ 106 ] CVE-2013-0429\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0429\n[ 107 ] CVE-2013-0431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0431\n[ 108 ] CVE-2013-0432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0432\n[ 109 ] CVE-2013-0433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0433\n[ 110 ] CVE-2013-0434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0434\n[ 111 ] CVE-2013-0435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0435\n[ 112 ] CVE-2013-0440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0440\n[ 113 ] CVE-2013-0441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0441\n[ 114 ] CVE-2013-0442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0442\n[ 115 ] CVE-2013-0443\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0443\n[ 116 ] CVE-2013-0444\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0444\n[ 117 ] CVE-2013-0450\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0450\n[ 118 ] CVE-2013-0809\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809\n[ 119 ] CVE-2013-1475\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1475\n[ 120 ] CVE-2013-1476\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1476\n[ 121 ] CVE-2013-1478\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1478\n[ 122 ] CVE-2013-1480\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1480\n[ 123 ] CVE-2013-1484\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484\n[ 124 ] CVE-2013-1485\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485\n[ 125 ] CVE-2013-1486\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486\n[ 126 ] CVE-2013-1488\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488\n[ 127 ] CVE-2013-1493\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493\n[ 128 ] CVE-2013-1500\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500\n[ 129 ] CVE-2013-1518\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518\n[ 130 ] CVE-2013-1537\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537\n[ 131 ] CVE-2013-1557\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557\n[ 132 ] CVE-2013-1569\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569\n[ 133 ] CVE-2013-1571\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571\n[ 134 ] CVE-2013-2383\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383\n[ 135 ] CVE-2013-2384\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384\n[ 136 ] CVE-2013-2407\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407\n[ 137 ] CVE-2013-2412\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412\n[ 138 ] CVE-2013-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415\n[ 139 ] CVE-2013-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417\n[ 140 ] CVE-2013-2419\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419\n[ 141 ] CVE-2013-2420\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420\n[ 142 ] CVE-2013-2421\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421\n[ 143 ] CVE-2013-2422\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422\n[ 144 ] CVE-2013-2423\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423\n[ 145 ] CVE-2013-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424\n[ 146 ] CVE-2013-2426\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426\n[ 147 ] CVE-2013-2429\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429\n[ 148 ] CVE-2013-2430\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430\n[ 149 ] CVE-2013-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431\n[ 150 ] CVE-2013-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436\n[ 151 ] CVE-2013-2443\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443\n[ 152 ] CVE-2013-2444\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444\n[ 153 ] CVE-2013-2445\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445\n[ 154 ] CVE-2013-2446\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446\n[ 155 ] CVE-2013-2447\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447\n[ 156 ] CVE-2013-2448\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448\n[ 157 ] CVE-2013-2449\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449\n[ 158 ] CVE-2013-2450\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450\n[ 159 ] CVE-2013-2451\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451\n[ 160 ] CVE-2013-2452\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452\n[ 161 ] CVE-2013-2453\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453\n[ 162 ] CVE-2013-2454\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454\n[ 163 ] CVE-2013-2455\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455\n[ 164 ] CVE-2013-2456\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456\n[ 165 ] CVE-2013-2457\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457\n[ 166 ] CVE-2013-2458\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458\n[ 167 ] CVE-2013-2459\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459\n[ 168 ] CVE-2013-2460\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460\n[ 169 ] CVE-2013-2461\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461\n[ 170 ] CVE-2013-2463\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463\n[ 171 ] CVE-2013-2465\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465\n[ 172 ] CVE-2013-2469\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469\n[ 173 ] CVE-2013-2470\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470\n[ 174 ] CVE-2013-2471\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471\n[ 175 ] CVE-2013-2472\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472\n[ 176 ] CVE-2013-2473\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473\n[ 177 ] CVE-2013-3829\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829\n[ 178 ] CVE-2013-4002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4002\n[ 179 ] CVE-2013-5772\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772\n[ 180 ] CVE-2013-5774\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774\n[ 181 ] CVE-2013-5778\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778\n[ 182 ] CVE-2013-5780\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780\n[ 183 ] CVE-2013-5782\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782\n[ 184 ] CVE-2013-5783\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783\n[ 185 ] CVE-2013-5784\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784\n[ 186 ] CVE-2013-5790\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790\n[ 187 ] CVE-2013-5797\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797\n[ 188 ] CVE-2013-5800\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800\n[ 189 ] CVE-2013-5802\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802\n[ 190 ] CVE-2013-5803\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803\n[ 191 ] CVE-2013-5804\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804\n[ 192 ] CVE-2013-5805\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805\n[ 193 ] CVE-2013-5806\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806\n[ 194 ] CVE-2013-5809\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809\n[ 195 ] CVE-2013-5814\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814\n[ 196 ] CVE-2013-5817\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817\n[ 197 ] CVE-2013-5820\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820\n[ 198 ] CVE-2013-5823\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823\n[ 199 ] CVE-2013-5825\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825\n[ 200 ] CVE-2013-5829\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829\n[ 201 ] CVE-2013-5830\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830\n[ 202 ] CVE-2013-5840\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840\n[ 203 ] CVE-2013-5842\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842\n[ 204 ] CVE-2013-5849\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849\n[ 205 ] CVE-2013-5850\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850\n[ 206 ] CVE-2013-5851\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851\n[ 207 ] CVE-2013-6629\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6629\n[ 208 ] CVE-2013-6954\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6954\n[ 209 ] CVE-2014-0429\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0429\n[ 210 ] CVE-2014-0446\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0446\n[ 211 ] CVE-2014-0451\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0451\n[ 212 ] CVE-2014-0452\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0452\n[ 213 ] CVE-2014-0453\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0453\n[ 214 ] CVE-2014-0456\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0456\n[ 215 ] CVE-2014-0457\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0457\n[ 216 ] CVE-2014-0458\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0458\n[ 217 ] CVE-2014-0459\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0459\n[ 218 ] CVE-2014-0460\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0460\n[ 219 ] CVE-2014-0461\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0461\n[ 220 ] CVE-2014-1876\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1876\n[ 221 ] CVE-2014-2397\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2397\n[ 222 ] CVE-2014-2398\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2398\n[ 223 ] CVE-2014-2403\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2403\n[ 224 ] CVE-2014-2412\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2412\n[ 225 ] CVE-2014-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2414\n[ 226 ] CVE-2014-2421\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2421\n[ 227 ] CVE-2014-2423\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2423\n[ 228 ] CVE-2014-2427\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2427\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201406-32.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2014 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ============================================================================\nUbuntu Security Notice USN-2187-1\nApril 30, 2014\n\nopenjdk-7 vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.04 LTS\n- Ubuntu 13.10\n- Ubuntu 12.10\n\nSummary:\n\nSeveral security issues were fixed in OpenJDK 7. \n\nSoftware Description:\n- openjdk-7: Open Source Java implementation\n\nDetails:\n\nSeveral vulnerabilities were discovered in the OpenJDK JRE related to\ninformation disclosure, data integrity and availability. An attacker could\nexploit these to cause a denial of service or expose sensitive data over\nthe network. (CVE-2014-0429, CVE-2014-0446, CVE-2014-0451, CVE-2014-0452,\nCVE-2014-0454, CVE-2014-0455, CVE-2014-0456, CVE-2014-0457, CVE-2014-0458,\nCVE-2014-0461, CVE-2014-2397, CVE-2014-2402, CVE-2014-2412, CVE-2014-2414,\nCVE-2014-2421, CVE-2014-2423, CVE-2014-2427)\n\nTwo vulnerabilities were discovered in the OpenJDK JRE related to\ninformation disclosure and data integrity. An attacker could exploit these\nto expose sensitive data over the network. (CVE-2014-0453, CVE-2014-0460)\n\nA vulnerability was discovered in the OpenJDK JRE related to availability. \nAn attacker could exploit this to cause a denial of service. \n(CVE-2014-0459)\n\nJakub Wilk discovered that the OpenJDK JRE incorrectly handled temporary\nfiles. In the default installation of Ubuntu, this should be\nprevented by the Yama link restrictions. (CVE-2014-1876)\n\nTwo vulnerabilities were discovered in the OpenJDK JRE related to data\nintegrity. (CVE-2014-2398, CVE-2014-2413)\n\nA vulnerability was discovered in the OpenJDK JRE related to information\ndisclosure. An attacker could exploit this to expose sensitive data over\nthe network. (CVE-2014-2403)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 LTS:\n icedtea-7-jre-jamvm 7u55-2.4.7-1ubuntu1\n openjdk-7-jre 7u55-2.4.7-1ubuntu1\n openjdk-7-jre-headless 7u55-2.4.7-1ubuntu1\n openjdk-7-jre-lib 7u55-2.4.7-1ubuntu1\n openjdk-7-jre-zero 7u55-2.4.7-1ubuntu1\n\nUbuntu 13.10:\n icedtea-7-jre-jamvm 7u55-2.4.7-1ubuntu1~0.13.10.1\n openjdk-7-jre 7u55-2.4.7-1ubuntu1~0.13.10.1\n openjdk-7-jre-headless 7u55-2.4.7-1ubuntu1~0.13.10.1\n openjdk-7-jre-lib 7u55-2.4.7-1ubuntu1~0.13.10.1\n openjdk-7-jre-zero 7u55-2.4.7-1ubuntu1~0.13.10.1\n\nUbuntu 12.10:\n icedtea-7-jre-cacao 7u55-2.4.7-1ubuntu1~0.12.10.1\n icedtea-7-jre-jamvm 7u55-2.4.7-1ubuntu1~0.12.10.1\n openjdk-7-jre 7u55-2.4.7-1ubuntu1~0.12.10.1\n openjdk-7-jre-headless 7u55-2.4.7-1ubuntu1~0.12.10.1\n openjdk-7-jre-lib 7u55-2.4.7-1ubuntu1~0.12.10.1\n openjdk-7-jre-zero 7u55-2.4.7-1ubuntu1~0.12.10.1\n\nThis update uses a new upstream release, which includes additional bug\nfixes. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: java-1.7.0-openjdk security update\nAdvisory ID: RHSA-2014:0675-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2014-0675.html\nIssue date: 2014-06-10\nCVE Names: CVE-2014-0429 CVE-2014-0446 CVE-2014-0451 \n CVE-2014-0452 CVE-2014-0453 CVE-2014-0454 \n CVE-2014-0455 CVE-2014-0456 CVE-2014-0457 \n CVE-2014-0458 CVE-2014-0459 CVE-2014-0460 \n CVE-2014-0461 CVE-2014-1876 CVE-2014-2397 \n CVE-2014-2398 CVE-2014-2402 CVE-2014-2403 \n CVE-2014-2412 CVE-2014-2413 CVE-2014-2414 \n CVE-2014-2421 CVE-2014-2423 CVE-2014-2427 \n=====================================================================\n\n1. Summary:\n\nUpdated java-1.7.0-openjdk packages that fix various security issues are\nnow available for Red Hat Enterprise Linux 7. \n\nThe Red Hat Security Response Team has rated this update as having Critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64\n\n3. Description:\n\nThe java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime\nEnvironment and the OpenJDK 7 Java Software Development Kit. \n\nAn input validation flaw was discovered in the medialib library in the 2D\ncomponent. A specially crafted image could trigger Java Virtual Machine\nmemory corruption when processed. \n(CVE-2014-0429)\n\nMultiple flaws were discovered in the Hotspot and 2D components in OpenJDK. \nAn untrusted Java application or applet could use these flaws to trigger\nJava Virtual Machine memory corruption and possibly bypass Java sandbox\nrestrictions. (CVE-2014-0456, CVE-2014-2397, CVE-2014-2421)\n\nMultiple improper permission check issues were discovered in the Libraries\ncomponent in OpenJDK. An untrusted Java application or applet could use\nthese flaws to bypass Java sandbox restrictions. (CVE-2014-0457,\nCVE-2014-0455, CVE-2014-0461)\n\nMultiple improper permission check issues were discovered in the AWT,\nJAX-WS, JAXB, Libraries, Security, Sound, and 2D components in OpenJDK. \nAn untrusted Java application or applet could use these flaws to bypass\ncertain Java sandbox restrictions. (CVE-2014-2412, CVE-2014-0451,\nCVE-2014-0458, CVE-2014-2423, CVE-2014-0452, CVE-2014-2414, CVE-2014-2402,\nCVE-2014-0446, CVE-2014-2413, CVE-2014-0454, CVE-2014-2427, CVE-2014-0459)\n\nMultiple flaws were identified in the Java Naming and Directory Interface\n(JNDI) DNS client. These flaws could make it easier for a remote attacker\nto perform DNS spoofing attacks. (CVE-2014-0460)\n\nIt was discovered that the JAXP component did not properly prevent access\nto arbitrary files when a SecurityManager was present. This flaw could\ncause a Java application using JAXP to leak sensitive information, or\naffect application availability. (CVE-2014-2403)\n\nIt was discovered that the Security component in OpenJDK could leak some\ntiming information when performing PKCS#1 unpadding. This could possibly\nlead to the disclosure of some information that was meant to be protected\nby encryption. (CVE-2014-0453)\n\nIt was discovered that the fix for CVE-2013-5797 did not properly resolve\ninput sanitization flaws in javadoc. When javadoc documentation was\ngenerated from an untrusted Java source code and hosted on a domain not\ncontrolled by the code author, these issues could make it easier to perform\ncross-site scripting (XSS) attacks. (CVE-2014-2398)\n\nAn insecure temporary file use flaw was found in the way the unpack200\nutility created log files. (CVE-2014-1876)\n\nNote: If the web browser plug-in provided by the icedtea-web package was\ninstalled, the issues exposed via Java applets could have been exploited\nwithout user interaction if a user visited a malicious website. \n\nAll users of java-1.7.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1060907 - CVE-2014-1876 OpenJDK: insecure temporary file use in unpack200 (Libraries, 8033618)\n1086632 - CVE-2014-2398 OpenJDK: insufficient escaping of window title string (Javadoc, 8026736)\n1086645 - CVE-2014-0453 OpenJDK: RSA unpadding timing issues (Security, 8027766)\n1087409 - CVE-2014-0429 OpenJDK: Incorrect mlib/raster image validation (2D, 8027841)\n1087411 - CVE-2014-0457 OpenJDK: ServiceLoader Exception handling security bypass (Libraries, 8031394)\n1087413 - CVE-2014-0456 OpenJDK: System.arraycopy() element race condition (Hotspot, 8029858)\n1087417 - CVE-2014-2421 OpenJDK: JPEG decoder input stream handling (2D, 8029854)\n1087423 - CVE-2014-2397 OpenJDK: classfile parser invalid BootstrapMethods attribute length (Hotspot, 8034926)\n1087424 - CVE-2014-0455 OpenJDK: MethodHandle variable argument lists handling (Libraries, 8029844)\n1087426 - CVE-2014-0461 OpenJDK: Better ScriptEngineManager ScriptEngine management (Libraries, 8036794)\n1087427 - CVE-2014-2412 OpenJDK: AWT thread context handling (AWT, 8025010)\n1087428 - CVE-2014-0451 OpenJDK: AWT incorrect FlavorMap seperation (AWT, 8026797)\n1087430 - CVE-2014-0458 OpenJDK: Activation framework default command map caching (JAX-WS, 8025152)\n1087431 - CVE-2014-2414 OpenJDK: incorrect caching of data initialized via TCCL (JAXB, 8025030)\n1087434 - CVE-2014-2423 OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026188)\n1087436 - CVE-2014-0452 OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026801)\n1087438 - CVE-2014-2402 OpenJDK: Incorrect NIO channel separation (Libraries, 8026716)\n1087439 - CVE-2014-0446 OpenJDK: Protect logger handlers (Libraries, 8029740)\n1087440 - CVE-2014-0454 OpenJDK: Prevent SIGNATURE_PRIMITIVE_SET from being modified (Security, 8029745)\n1087441 - CVE-2014-2427 OpenJDK: remove insecure Java Sound provider caching (Sound, 8026163)\n1087442 - CVE-2014-0460 OpenJDK: missing randomization of JNDI DNS client query IDs (JNDI, 8030731)\n1087443 - CVE-2014-2403 OpenJDK: JAXP CharInfo file access restriction (JAXP, 8029282)\n1087444 - CVE-2014-0459 lcms: insufficient ICC profile version validation (OpenJDK 2D, 8031335)\n1087446 - CVE-2014-2413 OpenJDK: method handle call hierachy bypass (Libraries, 8032686)\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\njava-1.7.0-openjdk-1.7.0.55-2.4.7.2.el7_0.src.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm\njava-1.7.0-openjdk-headless-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nnoarch:\njava-1.7.0-openjdk-javadoc-1.7.0.55-2.4.7.2.el7_0.noarch.rpm\n\nx86_64:\njava-1.7.0-openjdk-accessibility-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\njava-1.7.0-openjdk-1.7.0.55-2.4.7.2.el7_0.src.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm\njava-1.7.0-openjdk-headless-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nnoarch:\njava-1.7.0-openjdk-javadoc-1.7.0.55-2.4.7.2.el7_0.noarch.rpm\n\nx86_64:\njava-1.7.0-openjdk-accessibility-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\njava-1.7.0-openjdk-1.7.0.55-2.4.7.2.el7_0.src.rpm\n\nppc64:\njava-1.7.0-openjdk-1.7.0.55-2.4.7.2.el7_0.ppc64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.55-2.4.7.2.el7_0.ppc64.rpm\njava-1.7.0-openjdk-devel-1.7.0.55-2.4.7.2.el7_0.ppc64.rpm\njava-1.7.0-openjdk-headless-1.7.0.55-2.4.7.2.el7_0.ppc64.rpm\n\ns390x:\njava-1.7.0-openjdk-1.7.0.55-2.4.7.2.el7_0.s390x.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.55-2.4.7.2.el7_0.s390x.rpm\njava-1.7.0-openjdk-devel-1.7.0.55-2.4.7.2.el7_0.s390x.rpm\njava-1.7.0-openjdk-headless-1.7.0.55-2.4.7.2.el7_0.s390x.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm\njava-1.7.0-openjdk-headless-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nnoarch:\njava-1.7.0-openjdk-javadoc-1.7.0.55-2.4.7.2.el7_0.noarch.rpm\n\nppc64:\njava-1.7.0-openjdk-accessibility-1.7.0.55-2.4.7.2.el7_0.ppc64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.55-2.4.7.2.el7_0.ppc64.rpm\njava-1.7.0-openjdk-demo-1.7.0.55-2.4.7.2.el7_0.ppc64.rpm\njava-1.7.0-openjdk-src-1.7.0.55-2.4.7.2.el7_0.ppc64.rpm\n\ns390x:\njava-1.7.0-openjdk-accessibility-1.7.0.55-2.4.7.2.el7_0.s390x.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.55-2.4.7.2.el7_0.s390x.rpm\njava-1.7.0-openjdk-demo-1.7.0.55-2.4.7.2.el7_0.s390x.rpm\njava-1.7.0-openjdk-src-1.7.0.55-2.4.7.2.el7_0.s390x.rpm\n\nx86_64:\njava-1.7.0-openjdk-accessibility-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\njava-1.7.0-openjdk-1.7.0.55-2.4.7.2.el7_0.src.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm\njava-1.7.0-openjdk-headless-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nnoarch:\njava-1.7.0-openjdk-javadoc-1.7.0.55-2.4.7.2.el7_0.noarch.rpm\n\nx86_64:\njava-1.7.0-openjdk-accessibility-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.55-2.4.7.2.el7_0.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2014-0429.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0446.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0451.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0452.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0453.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0454.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0455.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0456.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0457.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0458.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0459.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0460.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0461.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-1876.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-2397.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-2398.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-2402.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-2403.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-2412.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-2413.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-2414.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-2421.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-2423.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-2427.html\nhttps://access.redhat.com/security/updates/classification/#critical\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2014 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFTl12dXlSAg2UNWIIRAmMnAKDBn3yRFrjgZ2r2Pgk1zNaojzDhXACdE8EM\nWC6ur//nCsBvA7rEK0zVQSI=\n=mQDb\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. 5 client) - i386, x86_64\n\n3. \n\nFor the oldstable distribution (squeeze), these problems have been fixed\nin version 6b31-1.13.3-1~deb6u1. \n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 6b31-1.13.3-1~deb7u1. \n\nFor the testing distribution (jessie), these problems have been fixed in\nversion 6b31-1.13.3-1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 6b31-1.13.3-1",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0457"
},
{
"db": "ZDI",
"id": "ZDI-14-105"
},
{
"db": "BID",
"id": "66866"
},
{
"db": "VULHUB",
"id": "VHN-67950"
},
{
"db": "VULMON",
"id": "CVE-2014-0457"
},
{
"db": "PACKETSTORM",
"id": "126200"
},
{
"db": "PACKETSTORM",
"id": "126201"
},
{
"db": "PACKETSTORM",
"id": "127267"
},
{
"db": "PACKETSTORM",
"id": "126413"
},
{
"db": "PACKETSTORM",
"id": "127041"
},
{
"db": "PACKETSTORM",
"id": "126181"
},
{
"db": "PACKETSTORM",
"id": "126630"
},
{
"db": "PACKETSTORM",
"id": "126320"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0457",
"trust": 3.6
},
{
"db": "BID",
"id": "66866",
"trust": 1.5
},
{
"db": "SECUNIA",
"id": "58415",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "59058",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "58974",
"trust": 1.2
},
{
"db": "ZDI",
"id": "ZDI-14-105",
"trust": 1.0
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2058",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201404-272",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "58045",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "57997",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "57933",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "57942",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "57932",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "57991",
"trust": 0.6
},
{
"db": "HITACHI",
"id": "HS14-009",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-67950",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2014-0457",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126200",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126201",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127267",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126413",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127041",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126181",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126630",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126320",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-105"
},
{
"db": "VULHUB",
"id": "VHN-67950"
},
{
"db": "VULMON",
"id": "CVE-2014-0457"
},
{
"db": "BID",
"id": "66866"
},
{
"db": "PACKETSTORM",
"id": "126200"
},
{
"db": "PACKETSTORM",
"id": "126201"
},
{
"db": "PACKETSTORM",
"id": "127267"
},
{
"db": "PACKETSTORM",
"id": "126413"
},
{
"db": "PACKETSTORM",
"id": "127041"
},
{
"db": "PACKETSTORM",
"id": "126181"
},
{
"db": "PACKETSTORM",
"id": "126630"
},
{
"db": "PACKETSTORM",
"id": "126320"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-272"
},
{
"db": "NVD",
"id": "CVE-2014-0457"
}
]
},
"id": "VAR-201404-0378",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-67950"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T22:08:28.541000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Oracle has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"title": "jre-7u55-windows-x64",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=49312"
},
{
"title": "jdk-8u5-macosx-x64",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=49316"
},
{
"title": "jre-8u5-linux-x64",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=49320"
},
{
"title": "jdk-7u55-nb-8-linux-x64",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=49311"
},
{
"title": "jdk-8u5-windows-x64",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=49315"
},
{
"title": "jre-8u5-macosx-x64",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=49319"
},
{
"title": "jdk-7u55-nb-8-macosx-x64",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=49310"
},
{
"title": "jre-7u55-linux-x64",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=49314"
},
{
"title": "jre-8u5-windows-x64",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=49318"
},
{
"title": "jdk-7u55-nb-8-windows-x64",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=49309"
},
{
"title": "jre-7u55-macosx-x64",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=49313"
},
{
"title": "jdk-8u5-linux-x64",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=49317"
},
{
"title": "Red Hat: CVE-2014-0457",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2014-0457"
},
{
"title": "Ubuntu Security Notice: openjdk-7 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2187-1"
},
{
"title": "Ubuntu Security Notice: openjdk-6 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2191-1"
},
{
"title": "Amazon Linux AMI: ALAS-2014-326",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2014-326"
},
{
"title": "Amazon Linux AMI: ALAS-2014-327",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2014-327"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-105"
},
{
"db": "VULMON",
"id": "CVE-2014-0457"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-272"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0457"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"trust": 1.6,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0675.html"
},
{
"trust": 1.5,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0685.html"
},
{
"trust": 1.3,
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"trust": 1.3,
"url": "http://www.ubuntu.com/usn/usn-2187-1"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/66866"
},
{
"trust": 1.2,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
},
{
"trust": 1.2,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746"
},
{
"trust": 1.2,
"url": "https://www.ibm.com/support/docview.wss?uid=swg21675973"
},
{
"trust": 1.2,
"url": "http://www.debian.org/security/2014/dsa-2912"
},
{
"trust": 1.2,
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2014:0413"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2014:0414"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/58415"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/58974"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/59058"
},
{
"trust": 1.2,
"url": "http://www.ubuntu.com/usn/usn-2191-1"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0446"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1876"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0429"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2412"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0451"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0457"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2398"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0460"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0453"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0456"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2414"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2403"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2397"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0458"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0459"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0452"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0461"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/57932"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/57933"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/57942"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/57991"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/57997"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/58045"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2413"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0451.html"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0453.html"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/site/articles/11258"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0455"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2421.html"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0454"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2402"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2427.html"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0446.html"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.5,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2014-1876.html"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0460.html"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2412.html"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2398.html"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0457.html"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0429.html"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2421"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2427"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0452.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0459.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0454.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2423.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0461.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2397.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2414.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0458.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0456.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2413.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2403.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0455.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2402.html"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2423"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687297"
},
{
"trust": 0.3,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs14-009/index.html"
},
{
"trust": 0.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/java_apr2014_advisory.asc"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/java/index.html"
},
{
"trust": 0.3,
"url": "https://www.suse.com/support/update/announcement/2014/suse-su-20140639-1.html"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21685350"
},
{
"trust": 0.3,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0008.html"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100180008"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678048"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04398943"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681114"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#oracle_april_15_2014_cpu"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1iv59507"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1iv59550"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1iv59555"
},
{
"trust": 0.3,
"url": "\\https://www-304.ibm.com/support/docview.wss?uid=swg21677490"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21677490"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21673611"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100180257"
},
{
"trust": 0.3,
"url": "asa-2014-203"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-14-105/"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21677072"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675973"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672047"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=nas8n1020184"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21679187"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21673576"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678883"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21664899"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21675205"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-6629.html"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-6629"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2401.html"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2401"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2420.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2409.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0449.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0449"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2013-6954.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0432.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-6954"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0432"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2428.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2409"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0448"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0448.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2422.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=140852974709252\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=33881"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-0457"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2187-1/"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0413.html"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0412.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4470"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3574"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3423"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2469"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0864"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3553"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2443"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1717"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2412"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1716"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0505"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1518"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2419"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3557"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4450"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3829"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5829"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5804"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1485"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5806"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5087"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2422"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0865"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4471"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5075"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3557"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2426"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3567"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4002"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5084"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1711"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1478"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2461"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5820"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6954"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2470"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4476"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0547"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4540"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0429"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2451"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2459"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5823"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2421"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0870"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3554"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0862"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2460"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1713"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0706"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0434"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5784"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3568"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5830"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3561"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5800"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4467"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3567"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2456"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5803"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4465"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4472"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5086"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3556"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2383"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2423"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2447"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2452"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2445"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2450"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5778"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5780"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5073"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3568"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1493"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2446"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5069"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-5035"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3541"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3549"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1500"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3571"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0426"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0457"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5850"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2783"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3573"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3552"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0451"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0459"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2423"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1876"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2384"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4469"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0431"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1557"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0458"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2453"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4448"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3521"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0401"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5085"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2407"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2421"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3564"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2429"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4465"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3569"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2403"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5068"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0871"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5071"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2398"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0815"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0444"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1475"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0497"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5774"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5782"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3554"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4469"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1725"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5790"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5805"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3564"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5802"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5849"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1719"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3569"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3573"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0461"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2448"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2458"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0427"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2427"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5825"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0506"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1484"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2430"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3541"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3549"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0872"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3216"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0429"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1718"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5772"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3860"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3422"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0433"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5074"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3554"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3574"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2454"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2444"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5072"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4470"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0822"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1537"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3553"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3551"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2449"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0503"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0025"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2457"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1476"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0169"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0809"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5077"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0435"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3544"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0456"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4450"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1723"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1726"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0450"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1571"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4467"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0460"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5081"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3547"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5840"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5851"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2465"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2431"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2473"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6629"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5783"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4448"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2783"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2463"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3560"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2412"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5809"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1480"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4351"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2420"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0501"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0428"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0869"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2417"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2471"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3551"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5076"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5842"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2397"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0452"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3553"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1569"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1724"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3558"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5797"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5070"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1486"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2472"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0446"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0453"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3860"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1488"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0502"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3561"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0868"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0440"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0443"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3389"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5814"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5817"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4351"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3551"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2455"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3557"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5089"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openjdk-7/7u55-2.4.7-1ubuntu1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/bugs/1283828"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openjdk-7/7u55-2.4.7-1ubuntu1~0.12.10.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openjdk-7/7u55-2.4.7-1ubuntu1~0.13.10.1"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0407.html"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0509.html"
},
{
"trust": 0.1,
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0462"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2405"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-105"
},
{
"db": "VULHUB",
"id": "VHN-67950"
},
{
"db": "VULMON",
"id": "CVE-2014-0457"
},
{
"db": "BID",
"id": "66866"
},
{
"db": "PACKETSTORM",
"id": "126200"
},
{
"db": "PACKETSTORM",
"id": "126201"
},
{
"db": "PACKETSTORM",
"id": "127267"
},
{
"db": "PACKETSTORM",
"id": "126413"
},
{
"db": "PACKETSTORM",
"id": "127041"
},
{
"db": "PACKETSTORM",
"id": "126181"
},
{
"db": "PACKETSTORM",
"id": "126630"
},
{
"db": "PACKETSTORM",
"id": "126320"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-272"
},
{
"db": "NVD",
"id": "CVE-2014-0457"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-14-105"
},
{
"db": "VULHUB",
"id": "VHN-67950"
},
{
"db": "VULMON",
"id": "CVE-2014-0457"
},
{
"db": "BID",
"id": "66866"
},
{
"db": "PACKETSTORM",
"id": "126200"
},
{
"db": "PACKETSTORM",
"id": "126201"
},
{
"db": "PACKETSTORM",
"id": "127267"
},
{
"db": "PACKETSTORM",
"id": "126413"
},
{
"db": "PACKETSTORM",
"id": "127041"
},
{
"db": "PACKETSTORM",
"id": "126181"
},
{
"db": "PACKETSTORM",
"id": "126630"
},
{
"db": "PACKETSTORM",
"id": "126320"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-272"
},
{
"db": "NVD",
"id": "CVE-2014-0457"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-04-21T00:00:00",
"db": "ZDI",
"id": "ZDI-14-105"
},
{
"date": "2014-04-16T00:00:00",
"db": "VULHUB",
"id": "VHN-67950"
},
{
"date": "2014-04-16T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0457"
},
{
"date": "2014-04-15T00:00:00",
"db": "BID",
"id": "66866"
},
{
"date": "2014-04-17T22:02:41",
"db": "PACKETSTORM",
"id": "126200"
},
{
"date": "2014-04-17T22:02:50",
"db": "PACKETSTORM",
"id": "126201"
},
{
"date": "2014-06-30T23:39:28",
"db": "PACKETSTORM",
"id": "127267"
},
{
"date": "2014-05-01T02:15:00",
"db": "PACKETSTORM",
"id": "126413"
},
{
"date": "2014-06-11T00:10:43",
"db": "PACKETSTORM",
"id": "127041"
},
{
"date": "2014-04-16T20:41:55",
"db": "PACKETSTORM",
"id": "126181"
},
{
"date": "2014-05-15T21:38:36",
"db": "PACKETSTORM",
"id": "126630"
},
{
"date": "2014-04-25T17:49:43",
"db": "PACKETSTORM",
"id": "126320"
},
{
"date": "2014-04-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201404-272"
},
{
"date": "2014-04-16T01:55:09.820000",
"db": "NVD",
"id": "CVE-2014-0457"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-04-21T00:00:00",
"db": "ZDI",
"id": "ZDI-14-105"
},
{
"date": "2022-05-09T00:00:00",
"db": "VULHUB",
"id": "VHN-67950"
},
{
"date": "2020-09-08T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0457"
},
{
"date": "2015-04-13T21:56:00",
"db": "BID",
"id": "66866"
},
{
"date": "2014-04-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201404-272"
},
{
"date": "2022-05-13T14:57:20.540000",
"db": "NVD",
"id": "CVE-2014-0457"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "127041"
},
{
"db": "PACKETSTORM",
"id": "126181"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-272"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Oracle Java ScriptEngineManager Sandbox Bypass Remote Code Execution Vulnerability",
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-105"
}
],
"trust": 0.7
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201404-272"
}
],
"trust": 0.6
}
}
VAR-201908-0264
Vulnerability from variot - Updated: 2024-07-23 22:07Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both. Multiple HTTP/2 implementations are vulnerable to a variety of denial-of-service (DoS) attacks. HTTP/2 is the second version of the hypertext transfer protocol, which is mainly used to ensure the communication between the client and the server. A resource management error vulnerability exists in HTTP/2. An attacker could exploit this vulnerability to cause a denial of service. it exists that Twisted incorrectly validated or sanitized certain URIs or HTTP methods. A remote attacker could use this issue to inject invalid characters and possibly perform header injection attacks. (CVE-2019-12387). Description:
Both the openshift and atomic-enterprise-service-catalog packages have been rebuilt with updates versions of golang. Solution:
For OpenShift Container Platform 4.1 see the following documentation, which will be updated shortly for release 4.1.14, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-rel ease-notes.html
Details on how to access this content are available at https://docs.openshift.com/container-platform/4.1/updating/updating-cluster - -cli.html. Description:
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: rh-nodejs8-nodejs security update Advisory ID: RHSA-2019:2955-01 Product: Red Hat Software Collections Advisory URL: https://access.redhat.com/errata/RHSA-2019:2955 Issue date: 2019-10-02 CVE Names: CVE-2019-9511 CVE-2019-9512 CVE-2019-9513 CVE-2019-9514 CVE-2019-9515 CVE-2019-9516 CVE-2019-9517 CVE-2019-9518 ==================================================================== 1. Summary:
An update for rh-nodejs8-nodejs is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - aarch64, noarch, ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5) - noarch, ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - noarch, ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7) - noarch, ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
- Description:
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
The following packages have been upgraded to a later upstream version: rh-nodejs8-nodejs (8.16.1).
Security Fix(es):
-
HTTP/2: large amount of data requests leads to denial of service (CVE-2019-9511)
-
HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)
-
HTTP/2: flood using PRIORITY frames results in excessive resource consumption (CVE-2019-9513)
-
HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)
-
HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515)
-
HTTP/2: 0-length headers lead to denial of service (CVE-2019-9516)
-
HTTP/2: request for large response leads to denial of service (CVE-2019-9517)
-
HTTP/2: flood using empty frames results in excessive resource consumption (CVE-2019-9518)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1735645 - CVE-2019-9512 HTTP/2: flood using PING frames results in unbounded memory growth 1735741 - CVE-2019-9513 HTTP/2: flood using PRIORITY frames results in excessive resource consumption 1735744 - CVE-2019-9514 HTTP/2: flood using HEADERS frames results in unbounded memory growth 1735745 - CVE-2019-9515 HTTP/2: flood using SETTINGS frames results in unbounded memory growth 1735749 - CVE-2019-9518 HTTP/2: flood using empty frames results in excessive resource consumption 1741860 - CVE-2019-9511 HTTP/2: large amount of data requests leads to denial of service 1741864 - CVE-2019-9516 HTTP/2: 0-length headers lead to denial of service 1741868 - CVE-2019-9517 HTTP/2: request for large response leads to denial of service
- Package List:
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):
Source: rh-nodejs8-3.0-5.el7.src.rpm rh-nodejs8-nodejs-8.16.1-2.el7.src.rpm
aarch64: rh-nodejs8-3.0-5.el7.aarch64.rpm rh-nodejs8-nodejs-8.16.1-2.el7.aarch64.rpm rh-nodejs8-nodejs-debuginfo-8.16.1-2.el7.aarch64.rpm rh-nodejs8-nodejs-devel-8.16.1-2.el7.aarch64.rpm rh-nodejs8-npm-6.4.1-8.16.1.2.el7.aarch64.rpm rh-nodejs8-runtime-3.0-5.el7.aarch64.rpm rh-nodejs8-scldevel-3.0-5.el7.aarch64.rpm
noarch: rh-nodejs8-nodejs-docs-8.16.1-2.el7.noarch.rpm
ppc64le: rh-nodejs8-3.0-5.el7.ppc64le.rpm rh-nodejs8-nodejs-8.16.1-2.el7.ppc64le.rpm rh-nodejs8-nodejs-debuginfo-8.16.1-2.el7.ppc64le.rpm rh-nodejs8-nodejs-devel-8.16.1-2.el7.ppc64le.rpm rh-nodejs8-npm-6.4.1-8.16.1.2.el7.ppc64le.rpm rh-nodejs8-runtime-3.0-5.el7.ppc64le.rpm rh-nodejs8-scldevel-3.0-5.el7.ppc64le.rpm
s390x: rh-nodejs8-3.0-5.el7.s390x.rpm rh-nodejs8-nodejs-8.16.1-2.el7.s390x.rpm rh-nodejs8-nodejs-debuginfo-8.16.1-2.el7.s390x.rpm rh-nodejs8-nodejs-devel-8.16.1-2.el7.s390x.rpm rh-nodejs8-npm-6.4.1-8.16.1.2.el7.s390x.rpm rh-nodejs8-runtime-3.0-5.el7.s390x.rpm rh-nodejs8-scldevel-3.0-5.el7.s390x.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):
Source: rh-nodejs8-3.0-5.el7.src.rpm rh-nodejs8-nodejs-8.16.1-2.el7.src.rpm
aarch64: rh-nodejs8-3.0-5.el7.aarch64.rpm rh-nodejs8-nodejs-8.16.1-2.el7.aarch64.rpm rh-nodejs8-nodejs-debuginfo-8.16.1-2.el7.aarch64.rpm rh-nodejs8-nodejs-devel-8.16.1-2.el7.aarch64.rpm rh-nodejs8-npm-6.4.1-8.16.1.2.el7.aarch64.rpm rh-nodejs8-runtime-3.0-5.el7.aarch64.rpm rh-nodejs8-scldevel-3.0-5.el7.aarch64.rpm
noarch: rh-nodejs8-nodejs-docs-8.16.1-2.el7.noarch.rpm
ppc64le: rh-nodejs8-3.0-5.el7.ppc64le.rpm rh-nodejs8-nodejs-8.16.1-2.el7.ppc64le.rpm rh-nodejs8-nodejs-debuginfo-8.16.1-2.el7.ppc64le.rpm rh-nodejs8-nodejs-devel-8.16.1-2.el7.ppc64le.rpm rh-nodejs8-npm-6.4.1-8.16.1.2.el7.ppc64le.rpm rh-nodejs8-runtime-3.0-5.el7.ppc64le.rpm rh-nodejs8-scldevel-3.0-5.el7.ppc64le.rpm
s390x: rh-nodejs8-3.0-5.el7.s390x.rpm rh-nodejs8-nodejs-8.16.1-2.el7.s390x.rpm rh-nodejs8-nodejs-debuginfo-8.16.1-2.el7.s390x.rpm rh-nodejs8-nodejs-devel-8.16.1-2.el7.s390x.rpm rh-nodejs8-npm-6.4.1-8.16.1.2.el7.s390x.rpm rh-nodejs8-runtime-3.0-5.el7.s390x.rpm rh-nodejs8-scldevel-3.0-5.el7.s390x.rpm
x86_64: rh-nodejs8-3.0-5.el7.x86_64.rpm rh-nodejs8-nodejs-8.16.1-2.el7.x86_64.rpm rh-nodejs8-nodejs-debuginfo-8.16.1-2.el7.x86_64.rpm rh-nodejs8-nodejs-devel-8.16.1-2.el7.x86_64.rpm rh-nodejs8-npm-6.4.1-8.16.1.2.el7.x86_64.rpm rh-nodejs8-runtime-3.0-5.el7.x86_64.rpm rh-nodejs8-scldevel-3.0-5.el7.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5):
Source: rh-nodejs8-3.0-5.el7.src.rpm rh-nodejs8-nodejs-8.16.1-2.el7.src.rpm
noarch: rh-nodejs8-nodejs-docs-8.16.1-2.el7.noarch.rpm
ppc64le: rh-nodejs8-3.0-5.el7.ppc64le.rpm rh-nodejs8-nodejs-8.16.1-2.el7.ppc64le.rpm rh-nodejs8-nodejs-debuginfo-8.16.1-2.el7.ppc64le.rpm rh-nodejs8-nodejs-devel-8.16.1-2.el7.ppc64le.rpm rh-nodejs8-npm-6.4.1-8.16.1.2.el7.ppc64le.rpm rh-nodejs8-runtime-3.0-5.el7.ppc64le.rpm rh-nodejs8-scldevel-3.0-5.el7.ppc64le.rpm
s390x: rh-nodejs8-3.0-5.el7.s390x.rpm rh-nodejs8-nodejs-8.16.1-2.el7.s390x.rpm rh-nodejs8-nodejs-debuginfo-8.16.1-2.el7.s390x.rpm rh-nodejs8-nodejs-devel-8.16.1-2.el7.s390x.rpm rh-nodejs8-npm-6.4.1-8.16.1.2.el7.s390x.rpm rh-nodejs8-runtime-3.0-5.el7.s390x.rpm rh-nodejs8-scldevel-3.0-5.el7.s390x.rpm
x86_64: rh-nodejs8-3.0-5.el7.x86_64.rpm rh-nodejs8-nodejs-8.16.1-2.el7.x86_64.rpm rh-nodejs8-nodejs-debuginfo-8.16.1-2.el7.x86_64.rpm rh-nodejs8-nodejs-devel-8.16.1-2.el7.x86_64.rpm rh-nodejs8-npm-6.4.1-8.16.1.2.el7.x86_64.rpm rh-nodejs8-runtime-3.0-5.el7.x86_64.rpm rh-nodejs8-scldevel-3.0-5.el7.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6):
Source: rh-nodejs8-3.0-5.el7.src.rpm rh-nodejs8-nodejs-8.16.1-2.el7.src.rpm
noarch: rh-nodejs8-nodejs-docs-8.16.1-2.el7.noarch.rpm
ppc64le: rh-nodejs8-3.0-5.el7.ppc64le.rpm rh-nodejs8-nodejs-8.16.1-2.el7.ppc64le.rpm rh-nodejs8-nodejs-debuginfo-8.16.1-2.el7.ppc64le.rpm rh-nodejs8-nodejs-devel-8.16.1-2.el7.ppc64le.rpm rh-nodejs8-npm-6.4.1-8.16.1.2.el7.ppc64le.rpm rh-nodejs8-runtime-3.0-5.el7.ppc64le.rpm rh-nodejs8-scldevel-3.0-5.el7.ppc64le.rpm
s390x: rh-nodejs8-3.0-5.el7.s390x.rpm rh-nodejs8-nodejs-8.16.1-2.el7.s390x.rpm rh-nodejs8-nodejs-debuginfo-8.16.1-2.el7.s390x.rpm rh-nodejs8-nodejs-devel-8.16.1-2.el7.s390x.rpm rh-nodejs8-npm-6.4.1-8.16.1.2.el7.s390x.rpm rh-nodejs8-runtime-3.0-5.el7.s390x.rpm rh-nodejs8-scldevel-3.0-5.el7.s390x.rpm
x86_64: rh-nodejs8-3.0-5.el7.x86_64.rpm rh-nodejs8-nodejs-8.16.1-2.el7.x86_64.rpm rh-nodejs8-nodejs-debuginfo-8.16.1-2.el7.x86_64.rpm rh-nodejs8-nodejs-devel-8.16.1-2.el7.x86_64.rpm rh-nodejs8-npm-6.4.1-8.16.1.2.el7.x86_64.rpm rh-nodejs8-runtime-3.0-5.el7.x86_64.rpm rh-nodejs8-scldevel-3.0-5.el7.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7):
Source: rh-nodejs8-3.0-5.el7.src.rpm rh-nodejs8-nodejs-8.16.1-2.el7.src.rpm
noarch: rh-nodejs8-nodejs-docs-8.16.1-2.el7.noarch.rpm
ppc64le: rh-nodejs8-3.0-5.el7.ppc64le.rpm rh-nodejs8-nodejs-8.16.1-2.el7.ppc64le.rpm rh-nodejs8-nodejs-debuginfo-8.16.1-2.el7.ppc64le.rpm rh-nodejs8-nodejs-devel-8.16.1-2.el7.ppc64le.rpm rh-nodejs8-npm-6.4.1-8.16.1.2.el7.ppc64le.rpm rh-nodejs8-runtime-3.0-5.el7.ppc64le.rpm rh-nodejs8-scldevel-3.0-5.el7.ppc64le.rpm
s390x: rh-nodejs8-3.0-5.el7.s390x.rpm rh-nodejs8-nodejs-8.16.1-2.el7.s390x.rpm rh-nodejs8-nodejs-debuginfo-8.16.1-2.el7.s390x.rpm rh-nodejs8-nodejs-devel-8.16.1-2.el7.s390x.rpm rh-nodejs8-npm-6.4.1-8.16.1.2.el7.s390x.rpm rh-nodejs8-runtime-3.0-5.el7.s390x.rpm rh-nodejs8-scldevel-3.0-5.el7.s390x.rpm
x86_64: rh-nodejs8-3.0-5.el7.x86_64.rpm rh-nodejs8-nodejs-8.16.1-2.el7.x86_64.rpm rh-nodejs8-nodejs-debuginfo-8.16.1-2.el7.x86_64.rpm rh-nodejs8-nodejs-devel-8.16.1-2.el7.x86_64.rpm rh-nodejs8-npm-6.4.1-8.16.1.2.el7.x86_64.rpm rh-nodejs8-runtime-3.0-5.el7.x86_64.rpm rh-nodejs8-scldevel-3.0-5.el7.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):
Source: rh-nodejs8-3.0-5.el7.src.rpm rh-nodejs8-nodejs-8.16.1-2.el7.src.rpm
noarch: rh-nodejs8-nodejs-docs-8.16.1-2.el7.noarch.rpm
x86_64: rh-nodejs8-3.0-5.el7.x86_64.rpm rh-nodejs8-nodejs-8.16.1-2.el7.x86_64.rpm rh-nodejs8-nodejs-debuginfo-8.16.1-2.el7.x86_64.rpm rh-nodejs8-nodejs-devel-8.16.1-2.el7.x86_64.rpm rh-nodejs8-npm-6.4.1-8.16.1.2.el7.x86_64.rpm rh-nodejs8-runtime-3.0-5.el7.x86_64.rpm rh-nodejs8-scldevel-3.0-5.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2019-9511 https://access.redhat.com/security/cve/CVE-2019-9512 https://access.redhat.com/security/cve/CVE-2019-9513 https://access.redhat.com/security/cve/CVE-2019-9514 https://access.redhat.com/security/cve/CVE-2019-9515 https://access.redhat.com/security/cve/CVE-2019-9516 https://access.redhat.com/security/cve/CVE-2019-9517 https://access.redhat.com/security/cve/CVE-2019-9518 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBXZSz+NzjgjWX9erEAQhrnQ//YWmbjNrYsOnrqBPWZDBil0Basr6JUpEe YoTqouv9A7gkpSoYLoCRE0E3tsTxHlQwJR91vlr/dPEtHbsF52YEGrumAQCK4H6b nEhOj2pH9UG+FcPUBkyHzNQXcWYLZ9vaxVCW4gUpxm0QggyigAOdIImlZkTGgcrI mWReipMFC8hBARJU/vQ0bCCj6LfOYnx4h2pu6Jzy+vkeVJDoCNAxGT5FwfaMZTUy T0y8dpzWSq/vg2Xd3JaYnoh70a8k62kEMH3VmCBNNU3aiMiXBeBMlS1i/q00IOJ+ fy/1STMJGt1tj6xfYNsZY5E+CPVm0ZvVlKfRi8DpxPWXI48a712XZ/XONYb2jDnt pmkNM62ZdjZahQwXyC+y8havivg7LcEzxV0G2yfkNIqM33Zplz0h4BOCmLuT4I84 BMylBIrODsw70uWbc1DcPsF8vhmxryGfNNQ9FCk+jH52lRi3YnWkhRBThY+rpAqZ qmfTb4m2kD0s45q85Xv87N9F2tZJjhfYQ0U2LyHkbQov0CFkNu4YcElKMclBvvvc lzostLzxOJYt/l3qgXp+RlQNnlQG/jsFrEmmhskjzFJ8a9fhtBWNFxMcQ+SDBrUK HSNNzBwQhHam6OPCqpyWYvFT/bRbHucyMI6pGZmpc+MQ5cMAjP1A0incXot30UDD wV7rh6lCkE8=S8e1 -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Description:
Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. JIRA issues fixed (https://issues.jboss.org/):
KEYCLOAK-11792 - keycloak-spring-boot-2-adapter is missing from Red Hat maven and incremental client adapter zip
- Description:
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. See the Red Hat JBoss Enterprise Application Platform 7.2.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Solution:
Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications. JIRA issues fixed (https://issues.jboss.org/):
JBEAP-17075 - (7.2.z) Upgrade yasson from 1.0.2.redhat-00001 to 1.0.5 JBEAP-17220 - (7.2.x) HHH-13504 Upgrade ByteBuddy to 1.9.11 JBEAP-17365 - GSS Upgrade RESTEasy from 3.6.1.SP6 to 3.6.1.SP7 JBEAP-17476 - GSS Upgrade Generic JMS RA 2.0.2.Final JBEAP-17478 - GSS Upgrade JBoss Remoting from 5.0.14.SP1 to 5.0.16.Final JBEAP-17483 - GSS Upgrade Apache CXF from 3.2.9 to 3.2.10 JBEAP-17495 - (7.2.z) Upgrade PicketLink from 2.5.5.SP12-redhat-00007 to 2.5.5.SP12-redhat-00009 JBEAP-17496 - (7.2.z) Upgrade PicketLink bindings from 2.5.5.SP12-redhat-00007 to 2.5.5.SP12-redhat-00009 JBEAP-17513 - GSS Upgrade Hibernate ORM from 5.3.11.SP1 to 5.3.13 JBEAP-17521 - (7.2.z) Upgrade picketbox from 5.0.3.Final-redhat-00004 to 5.0.3.Final-redhat-00005 JBEAP-17523 - GSS Upgrade wildfly-core from 6.0.16 to 6.0.17 JBEAP-17547 - GSS Upgrade Elytron-Tool from 1.4.3 to 1.4.4.Final JBEAP-17548 - GSS Upgrade Elytron from 1.6.4.Final-redhat-00001 to 1.6.5.Final-redhat-00001 JBEAP-17560 - GSS Upgrade HAL from 3.0.16 to 3.0.17 JBEAP-17579 - GSS Upgrade JBoss MSC from 1.4.8 to 1.4.11 JBEAP-17582 - GSS Upgrade JSF based on Mojarra 2.3.5.SP3-redhat-00002 to 2.3.5.SP3-redhat-00003 JBEAP-17604 - Tracker bug for the EAP 7.2.5 release for RHEL-7 JBEAP-17631 - GSS Upgrade Undertow from 2.0.25.SP1 to 2.0.26.SP3 JBEAP-17647 - GSS Upgrade IronJacamar from 1.4.17.Final to 1.4.18.Final JBEAP-17665 - GSS Upgrade XNIO from 3.7.3.Final-redhat-00001 to 3.7.6.Final JBEAP-17722 - GSS Upgrade wildfly-http-client from 1.0.15.Final-redhat-00001 to 1.0.17.Final JBEAP-17874 - (7.2.z) Upgrade to wildfly-openssl 1.0.8 JBEAP-17880 - (7.2.z) Upgrade XNIO from 3.7.6.Final-redhat-00001 to 3.7.6.SP1
-
8) - aarch64, noarch, ppc64le, s390x, x86_64
Bug Fix(es):
-
avc: podman run --security-opt label=type:svirt_qemu_net_t (BZ#1764318)
-
backport json-file logging support to 1.4.2 (BZ#1770176)
-
Selinux won't allow SCTP inter pod communication (BZ#1774382)
-
Description:
AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. For further information, refer to the release notes linked to in the References section.
The References section of this erratum contains a download link (you must log in to download the update)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201908-0264",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "15.1"
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
},
{
"model": "web gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "mcafee",
"version": "7.7.2.0"
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "web gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "mcafee",
"version": "7.7.2.24"
},
{
"model": "vs960hd",
"scope": "eq",
"trust": 1.0,
"vendor": "synology",
"version": null
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "8.16.1"
},
{
"model": "node.js",
"scope": "lte",
"trust": 1.0,
"vendor": "nodejs",
"version": "10.12.0"
},
{
"model": "openshift service mesh",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "1.0"
},
{
"model": "software collections",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "1.0"
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "8.9.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "29"
},
{
"model": "graalvm",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "19.2.0"
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "10.0.0"
},
{
"model": "jboss enterprise application platform",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.2.0"
},
{
"model": "web gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "mcafee",
"version": "8.2.0"
},
{
"model": "developer tools",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "1.0"
},
{
"model": "big-ip local traffic manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.3.2"
},
{
"model": "jboss enterprise application platform",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3.0"
},
{
"model": "traffic server",
"scope": "lte",
"trust": 1.0,
"vendor": "apache",
"version": "6.2.3"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "12.0.0"
},
{
"model": "big-ip local traffic manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2.1"
},
{
"model": "openshift container platform",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4.1"
},
{
"model": "big-ip local traffic manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.1.1"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "8.0.0"
},
{
"model": "traffic server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "8.0.0"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "10.13.0"
},
{
"model": "diskstation manager",
"scope": "eq",
"trust": 1.0,
"vendor": "synology",
"version": "6.2"
},
{
"model": "openshift container platform",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "3.9"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "12.8.1"
},
{
"model": "swiftnio",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "1.4.0"
},
{
"model": "traffic server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "7.0.0"
},
{
"model": "quay",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "3.0.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "jboss core services",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "1.0"
},
{
"model": "traffic server",
"scope": "lte",
"trust": 1.0,
"vendor": "apache",
"version": "7.1.6"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.0"
},
{
"model": "openshift container platform",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "3.11"
},
{
"model": "web gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "mcafee",
"version": "8.1.0"
},
{
"model": "openstack",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "14"
},
{
"model": "big-ip local traffic manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5.1"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "10.16.3"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "15.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "traffic server",
"scope": "lte",
"trust": 1.0,
"vendor": "apache",
"version": "8.0.3"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "30"
},
{
"model": "openshift container platform",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "3.10"
},
{
"model": "single sign-on",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.1"
},
{
"model": "web gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "mcafee",
"version": "7.8.2.13"
},
{
"model": "big-ip local traffic manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.1.1"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "18.04"
},
{
"model": "skynas",
"scope": "eq",
"trust": 1.0,
"vendor": "synology",
"version": null
},
{
"model": "cloud insights",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "swiftnio",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.0"
},
{
"model": "web gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "mcafee",
"version": "7.8.2.0"
},
{
"model": "node.js",
"scope": "lte",
"trust": 1.0,
"vendor": "nodejs",
"version": "8.8.1"
},
{
"model": "big-ip local traffic manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.5.1"
},
{
"model": "openshift container platform",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4.2"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "19.04"
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.0"
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "trident",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "traffic server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "6.0.0"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "akamai",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "amazon",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apache traffic server",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cloudflare",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "envoy",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "facebook",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "go programming language",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "litespeed",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netty",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "node js",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "synology",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "twisted",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "grpc",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nghttp2",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nginx",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#605641"
},
{
"db": "NVD",
"id": "CVE-2019-9514"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:swiftnio:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.4.0",
"versionStartIncluding": "1.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionStartIncluding": "10.12",
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionStartIncluding": "14.04",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.0.3",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.1.6",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.2.3",
"versionStartIncluding": "6.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:synology:skynas:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:synology:diskstation_manager:6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openshift_container_platform:3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openshift_container_platform:3.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:single_sign-on:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:developer_tools:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openshift_container_platform:4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openshift_service_mesh:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openstack:14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:graalvm:19.2.0:*:*:*:enterprise:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.7.2.24",
"versionStartIncluding": "7.7.2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.8.2.13",
"versionStartIncluding": "7.8.2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.2.0",
"versionStartIncluding": "8.1.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:cloud_insights:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:trident:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.1.2.1",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.0.1.1",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.3.2",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.0.1.1",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.1.5.1",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.5.1",
"versionStartIncluding": "11.6.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.8.1",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.12.0",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.8.1",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.16.3",
"versionStartIncluding": "10.13.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.16.1",
"versionStartIncluding": "8.9.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-9514"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "154638"
},
{
"db": "PACKETSTORM",
"id": "154444"
},
{
"db": "PACKETSTORM",
"id": "155037"
},
{
"db": "PACKETSTORM",
"id": "154396"
},
{
"db": "PACKETSTORM",
"id": "154712"
},
{
"db": "PACKETSTORM",
"id": "155520"
},
{
"db": "PACKETSTORM",
"id": "155484"
},
{
"db": "PACKETSTORM",
"id": "155704"
},
{
"db": "PACKETSTORM",
"id": "156852"
},
{
"db": "PACKETSTORM",
"id": "155396"
}
],
"trust": 1.0
},
"cve": "CVE-2019-9514",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-160949",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2019-9514",
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cret@cert.org",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-9514",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cret@cert.org",
"id": "CVE-2019-9514",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201908-931",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-160949",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2019-9514",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-160949"
},
{
"db": "VULMON",
"id": "CVE-2019-9514"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-931"
},
{
"db": "NVD",
"id": "CVE-2019-9514"
},
{
"db": "NVD",
"id": "CVE-2019-9514"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both. Multiple HTTP/2 implementations are vulnerable to a variety of denial-of-service (DoS) attacks. HTTP/2 is the second version of the hypertext transfer protocol, which is mainly used to ensure the communication between the client and the server. A resource management error vulnerability exists in HTTP/2. An attacker could exploit this vulnerability to cause a denial of service. it exists that Twisted incorrectly validated or sanitized certain\nURIs or HTTP methods. A remote attacker could use this issue to inject\ninvalid characters and possibly perform header injection attacks. \n(CVE-2019-12387). Description:\n\nBoth the openshift and atomic-enterprise-service-catalog packages have been\nrebuilt with updates versions of golang. Solution:\n\nFor OpenShift Container Platform 4.1 see the following documentation, which\nwill be updated shortly for release 4.1.14, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-rel\nease-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.1/updating/updating-cluster\n- -cli.html. Description:\n\nGo Toolset provides the Go programming language tools and libraries. Go is\nalternatively known as golang. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Important: rh-nodejs8-nodejs security update\nAdvisory ID: RHSA-2019:2955-01\nProduct: Red Hat Software Collections\nAdvisory URL: https://access.redhat.com/errata/RHSA-2019:2955\nIssue date: 2019-10-02\nCVE Names: CVE-2019-9511 CVE-2019-9512 CVE-2019-9513\n CVE-2019-9514 CVE-2019-9515 CVE-2019-9516\n CVE-2019-9517 CVE-2019-9518\n====================================================================\n1. Summary:\n\nAn update for rh-nodejs8-nodejs is now available for Red Hat Software\nCollections. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - aarch64, noarch, ppc64le, s390x, x86_64\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5) - noarch, ppc64le, s390x, x86_64\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - noarch, ppc64le, s390x, x86_64\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7) - noarch, ppc64le, s390x, x86_64\nRed Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64\n\n3. Description:\n\nNode.js is a software development platform for building fast and scalable\nnetwork applications in the JavaScript programming language. \n\nThe following packages have been upgraded to a later upstream version:\nrh-nodejs8-nodejs (8.16.1). \n\nSecurity Fix(es):\n\n* HTTP/2: large amount of data requests leads to denial of service\n(CVE-2019-9511)\n\n* HTTP/2: flood using PING frames results in unbounded memory growth\n(CVE-2019-9512)\n\n* HTTP/2: flood using PRIORITY frames results in excessive resource\nconsumption (CVE-2019-9513)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth\n(CVE-2019-9514)\n\n* HTTP/2: flood using SETTINGS frames results in unbounded memory growth\n(CVE-2019-9515)\n\n* HTTP/2: 0-length headers lead to denial of service (CVE-2019-9516)\n\n* HTTP/2: request for large response leads to denial of service\n(CVE-2019-9517)\n\n* HTTP/2: flood using empty frames results in excessive resource\nconsumption (CVE-2019-9518)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1735645 - CVE-2019-9512 HTTP/2: flood using PING frames results in unbounded memory growth\n1735741 - CVE-2019-9513 HTTP/2: flood using PRIORITY frames results in excessive resource consumption\n1735744 - CVE-2019-9514 HTTP/2: flood using HEADERS frames results in unbounded memory growth\n1735745 - CVE-2019-9515 HTTP/2: flood using SETTINGS frames results in unbounded memory growth\n1735749 - CVE-2019-9518 HTTP/2: flood using empty frames results in excessive resource consumption\n1741860 - CVE-2019-9511 HTTP/2: large amount of data requests leads to denial of service\n1741864 - CVE-2019-9516 HTTP/2: 0-length headers lead to denial of service\n1741868 - CVE-2019-9517 HTTP/2: request for large response leads to denial of service\n\n6. Package List:\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):\n\nSource:\nrh-nodejs8-3.0-5.el7.src.rpm\nrh-nodejs8-nodejs-8.16.1-2.el7.src.rpm\n\naarch64:\nrh-nodejs8-3.0-5.el7.aarch64.rpm\nrh-nodejs8-nodejs-8.16.1-2.el7.aarch64.rpm\nrh-nodejs8-nodejs-debuginfo-8.16.1-2.el7.aarch64.rpm\nrh-nodejs8-nodejs-devel-8.16.1-2.el7.aarch64.rpm\nrh-nodejs8-npm-6.4.1-8.16.1.2.el7.aarch64.rpm\nrh-nodejs8-runtime-3.0-5.el7.aarch64.rpm\nrh-nodejs8-scldevel-3.0-5.el7.aarch64.rpm\n\nnoarch:\nrh-nodejs8-nodejs-docs-8.16.1-2.el7.noarch.rpm\n\nppc64le:\nrh-nodejs8-3.0-5.el7.ppc64le.rpm\nrh-nodejs8-nodejs-8.16.1-2.el7.ppc64le.rpm\nrh-nodejs8-nodejs-debuginfo-8.16.1-2.el7.ppc64le.rpm\nrh-nodejs8-nodejs-devel-8.16.1-2.el7.ppc64le.rpm\nrh-nodejs8-npm-6.4.1-8.16.1.2.el7.ppc64le.rpm\nrh-nodejs8-runtime-3.0-5.el7.ppc64le.rpm\nrh-nodejs8-scldevel-3.0-5.el7.ppc64le.rpm\n\ns390x:\nrh-nodejs8-3.0-5.el7.s390x.rpm\nrh-nodejs8-nodejs-8.16.1-2.el7.s390x.rpm\nrh-nodejs8-nodejs-debuginfo-8.16.1-2.el7.s390x.rpm\nrh-nodejs8-nodejs-devel-8.16.1-2.el7.s390x.rpm\nrh-nodejs8-npm-6.4.1-8.16.1.2.el7.s390x.rpm\nrh-nodejs8-runtime-3.0-5.el7.s390x.rpm\nrh-nodejs8-scldevel-3.0-5.el7.s390x.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):\n\nSource:\nrh-nodejs8-3.0-5.el7.src.rpm\nrh-nodejs8-nodejs-8.16.1-2.el7.src.rpm\n\naarch64:\nrh-nodejs8-3.0-5.el7.aarch64.rpm\nrh-nodejs8-nodejs-8.16.1-2.el7.aarch64.rpm\nrh-nodejs8-nodejs-debuginfo-8.16.1-2.el7.aarch64.rpm\nrh-nodejs8-nodejs-devel-8.16.1-2.el7.aarch64.rpm\nrh-nodejs8-npm-6.4.1-8.16.1.2.el7.aarch64.rpm\nrh-nodejs8-runtime-3.0-5.el7.aarch64.rpm\nrh-nodejs8-scldevel-3.0-5.el7.aarch64.rpm\n\nnoarch:\nrh-nodejs8-nodejs-docs-8.16.1-2.el7.noarch.rpm\n\nppc64le:\nrh-nodejs8-3.0-5.el7.ppc64le.rpm\nrh-nodejs8-nodejs-8.16.1-2.el7.ppc64le.rpm\nrh-nodejs8-nodejs-debuginfo-8.16.1-2.el7.ppc64le.rpm\nrh-nodejs8-nodejs-devel-8.16.1-2.el7.ppc64le.rpm\nrh-nodejs8-npm-6.4.1-8.16.1.2.el7.ppc64le.rpm\nrh-nodejs8-runtime-3.0-5.el7.ppc64le.rpm\nrh-nodejs8-scldevel-3.0-5.el7.ppc64le.rpm\n\ns390x:\nrh-nodejs8-3.0-5.el7.s390x.rpm\nrh-nodejs8-nodejs-8.16.1-2.el7.s390x.rpm\nrh-nodejs8-nodejs-debuginfo-8.16.1-2.el7.s390x.rpm\nrh-nodejs8-nodejs-devel-8.16.1-2.el7.s390x.rpm\nrh-nodejs8-npm-6.4.1-8.16.1.2.el7.s390x.rpm\nrh-nodejs8-runtime-3.0-5.el7.s390x.rpm\nrh-nodejs8-scldevel-3.0-5.el7.s390x.rpm\n\nx86_64:\nrh-nodejs8-3.0-5.el7.x86_64.rpm\nrh-nodejs8-nodejs-8.16.1-2.el7.x86_64.rpm\nrh-nodejs8-nodejs-debuginfo-8.16.1-2.el7.x86_64.rpm\nrh-nodejs8-nodejs-devel-8.16.1-2.el7.x86_64.rpm\nrh-nodejs8-npm-6.4.1-8.16.1.2.el7.x86_64.rpm\nrh-nodejs8-runtime-3.0-5.el7.x86_64.rpm\nrh-nodejs8-scldevel-3.0-5.el7.x86_64.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5):\n\nSource:\nrh-nodejs8-3.0-5.el7.src.rpm\nrh-nodejs8-nodejs-8.16.1-2.el7.src.rpm\n\nnoarch:\nrh-nodejs8-nodejs-docs-8.16.1-2.el7.noarch.rpm\n\nppc64le:\nrh-nodejs8-3.0-5.el7.ppc64le.rpm\nrh-nodejs8-nodejs-8.16.1-2.el7.ppc64le.rpm\nrh-nodejs8-nodejs-debuginfo-8.16.1-2.el7.ppc64le.rpm\nrh-nodejs8-nodejs-devel-8.16.1-2.el7.ppc64le.rpm\nrh-nodejs8-npm-6.4.1-8.16.1.2.el7.ppc64le.rpm\nrh-nodejs8-runtime-3.0-5.el7.ppc64le.rpm\nrh-nodejs8-scldevel-3.0-5.el7.ppc64le.rpm\n\ns390x:\nrh-nodejs8-3.0-5.el7.s390x.rpm\nrh-nodejs8-nodejs-8.16.1-2.el7.s390x.rpm\nrh-nodejs8-nodejs-debuginfo-8.16.1-2.el7.s390x.rpm\nrh-nodejs8-nodejs-devel-8.16.1-2.el7.s390x.rpm\nrh-nodejs8-npm-6.4.1-8.16.1.2.el7.s390x.rpm\nrh-nodejs8-runtime-3.0-5.el7.s390x.rpm\nrh-nodejs8-scldevel-3.0-5.el7.s390x.rpm\n\nx86_64:\nrh-nodejs8-3.0-5.el7.x86_64.rpm\nrh-nodejs8-nodejs-8.16.1-2.el7.x86_64.rpm\nrh-nodejs8-nodejs-debuginfo-8.16.1-2.el7.x86_64.rpm\nrh-nodejs8-nodejs-devel-8.16.1-2.el7.x86_64.rpm\nrh-nodejs8-npm-6.4.1-8.16.1.2.el7.x86_64.rpm\nrh-nodejs8-runtime-3.0-5.el7.x86_64.rpm\nrh-nodejs8-scldevel-3.0-5.el7.x86_64.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6):\n\nSource:\nrh-nodejs8-3.0-5.el7.src.rpm\nrh-nodejs8-nodejs-8.16.1-2.el7.src.rpm\n\nnoarch:\nrh-nodejs8-nodejs-docs-8.16.1-2.el7.noarch.rpm\n\nppc64le:\nrh-nodejs8-3.0-5.el7.ppc64le.rpm\nrh-nodejs8-nodejs-8.16.1-2.el7.ppc64le.rpm\nrh-nodejs8-nodejs-debuginfo-8.16.1-2.el7.ppc64le.rpm\nrh-nodejs8-nodejs-devel-8.16.1-2.el7.ppc64le.rpm\nrh-nodejs8-npm-6.4.1-8.16.1.2.el7.ppc64le.rpm\nrh-nodejs8-runtime-3.0-5.el7.ppc64le.rpm\nrh-nodejs8-scldevel-3.0-5.el7.ppc64le.rpm\n\ns390x:\nrh-nodejs8-3.0-5.el7.s390x.rpm\nrh-nodejs8-nodejs-8.16.1-2.el7.s390x.rpm\nrh-nodejs8-nodejs-debuginfo-8.16.1-2.el7.s390x.rpm\nrh-nodejs8-nodejs-devel-8.16.1-2.el7.s390x.rpm\nrh-nodejs8-npm-6.4.1-8.16.1.2.el7.s390x.rpm\nrh-nodejs8-runtime-3.0-5.el7.s390x.rpm\nrh-nodejs8-scldevel-3.0-5.el7.s390x.rpm\n\nx86_64:\nrh-nodejs8-3.0-5.el7.x86_64.rpm\nrh-nodejs8-nodejs-8.16.1-2.el7.x86_64.rpm\nrh-nodejs8-nodejs-debuginfo-8.16.1-2.el7.x86_64.rpm\nrh-nodejs8-nodejs-devel-8.16.1-2.el7.x86_64.rpm\nrh-nodejs8-npm-6.4.1-8.16.1.2.el7.x86_64.rpm\nrh-nodejs8-runtime-3.0-5.el7.x86_64.rpm\nrh-nodejs8-scldevel-3.0-5.el7.x86_64.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7):\n\nSource:\nrh-nodejs8-3.0-5.el7.src.rpm\nrh-nodejs8-nodejs-8.16.1-2.el7.src.rpm\n\nnoarch:\nrh-nodejs8-nodejs-docs-8.16.1-2.el7.noarch.rpm\n\nppc64le:\nrh-nodejs8-3.0-5.el7.ppc64le.rpm\nrh-nodejs8-nodejs-8.16.1-2.el7.ppc64le.rpm\nrh-nodejs8-nodejs-debuginfo-8.16.1-2.el7.ppc64le.rpm\nrh-nodejs8-nodejs-devel-8.16.1-2.el7.ppc64le.rpm\nrh-nodejs8-npm-6.4.1-8.16.1.2.el7.ppc64le.rpm\nrh-nodejs8-runtime-3.0-5.el7.ppc64le.rpm\nrh-nodejs8-scldevel-3.0-5.el7.ppc64le.rpm\n\ns390x:\nrh-nodejs8-3.0-5.el7.s390x.rpm\nrh-nodejs8-nodejs-8.16.1-2.el7.s390x.rpm\nrh-nodejs8-nodejs-debuginfo-8.16.1-2.el7.s390x.rpm\nrh-nodejs8-nodejs-devel-8.16.1-2.el7.s390x.rpm\nrh-nodejs8-npm-6.4.1-8.16.1.2.el7.s390x.rpm\nrh-nodejs8-runtime-3.0-5.el7.s390x.rpm\nrh-nodejs8-scldevel-3.0-5.el7.s390x.rpm\n\nx86_64:\nrh-nodejs8-3.0-5.el7.x86_64.rpm\nrh-nodejs8-nodejs-8.16.1-2.el7.x86_64.rpm\nrh-nodejs8-nodejs-debuginfo-8.16.1-2.el7.x86_64.rpm\nrh-nodejs8-nodejs-devel-8.16.1-2.el7.x86_64.rpm\nrh-nodejs8-npm-6.4.1-8.16.1.2.el7.x86_64.rpm\nrh-nodejs8-runtime-3.0-5.el7.x86_64.rpm\nrh-nodejs8-scldevel-3.0-5.el7.x86_64.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nrh-nodejs8-3.0-5.el7.src.rpm\nrh-nodejs8-nodejs-8.16.1-2.el7.src.rpm\n\nnoarch:\nrh-nodejs8-nodejs-docs-8.16.1-2.el7.noarch.rpm\n\nx86_64:\nrh-nodejs8-3.0-5.el7.x86_64.rpm\nrh-nodejs8-nodejs-8.16.1-2.el7.x86_64.rpm\nrh-nodejs8-nodejs-debuginfo-8.16.1-2.el7.x86_64.rpm\nrh-nodejs8-nodejs-devel-8.16.1-2.el7.x86_64.rpm\nrh-nodejs8-npm-6.4.1-8.16.1.2.el7.x86_64.rpm\nrh-nodejs8-runtime-3.0-5.el7.x86_64.rpm\nrh-nodejs8-scldevel-3.0-5.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2019-9511\nhttps://access.redhat.com/security/cve/CVE-2019-9512\nhttps://access.redhat.com/security/cve/CVE-2019-9513\nhttps://access.redhat.com/security/cve/CVE-2019-9514\nhttps://access.redhat.com/security/cve/CVE-2019-9515\nhttps://access.redhat.com/security/cve/CVE-2019-9516\nhttps://access.redhat.com/security/cve/CVE-2019-9517\nhttps://access.redhat.com/security/cve/CVE-2019-9518\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2019 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBXZSz+NzjgjWX9erEAQhrnQ//YWmbjNrYsOnrqBPWZDBil0Basr6JUpEe\nYoTqouv9A7gkpSoYLoCRE0E3tsTxHlQwJR91vlr/dPEtHbsF52YEGrumAQCK4H6b\nnEhOj2pH9UG+FcPUBkyHzNQXcWYLZ9vaxVCW4gUpxm0QggyigAOdIImlZkTGgcrI\nmWReipMFC8hBARJU/vQ0bCCj6LfOYnx4h2pu6Jzy+vkeVJDoCNAxGT5FwfaMZTUy\nT0y8dpzWSq/vg2Xd3JaYnoh70a8k62kEMH3VmCBNNU3aiMiXBeBMlS1i/q00IOJ+\nfy/1STMJGt1tj6xfYNsZY5E+CPVm0ZvVlKfRi8DpxPWXI48a712XZ/XONYb2jDnt\npmkNM62ZdjZahQwXyC+y8havivg7LcEzxV0G2yfkNIqM33Zplz0h4BOCmLuT4I84\nBMylBIrODsw70uWbc1DcPsF8vhmxryGfNNQ9FCk+jH52lRi3YnWkhRBThY+rpAqZ\nqmfTb4m2kD0s45q85Xv87N9F2tZJjhfYQ0U2LyHkbQov0CFkNu4YcElKMclBvvvc\nlzostLzxOJYt/l3qgXp+RlQNnlQG/jsFrEmmhskjzFJ8a9fhtBWNFxMcQ+SDBrUK\nHSNNzBwQhHam6OPCqpyWYvFT/bRbHucyMI6pGZmpc+MQ5cMAjP1A0incXot30UDD\nwV7rh6lCkE8=S8e1\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. Description:\n\nRed Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak\nproject, that provides authentication and standards-based single sign-on\ncapabilities for web and mobile applications. JIRA issues fixed (https://issues.jboss.org/):\n\nKEYCLOAK-11792 - keycloak-spring-boot-2-adapter is missing from Red Hat maven and incremental client adapter zip\n\n6. Description:\n\nRed Hat JBoss Enterprise Application Platform 7 is a platform for Java\napplications based on the WildFly application runtime. See the Red Hat JBoss Enterprise\nApplication Platform 7.2.5 Release Notes for information about the most\nsignificant bug fixes and enhancements included in this release. Solution:\n\nBefore applying this update, back up your existing Red Hat JBoss Enterprise\nApplication Platform installation and deployed applications. JIRA issues fixed (https://issues.jboss.org/):\n\nJBEAP-17075 - (7.2.z) Upgrade yasson from 1.0.2.redhat-00001 to 1.0.5\nJBEAP-17220 - (7.2.x) HHH-13504 Upgrade ByteBuddy to 1.9.11\nJBEAP-17365 - [GSS](7.2.z) Upgrade RESTEasy from 3.6.1.SP6 to 3.6.1.SP7\nJBEAP-17476 - [GSS](7.2.z) Upgrade Generic JMS RA 2.0.2.Final\nJBEAP-17478 - [GSS](7.2.z) Upgrade JBoss Remoting from 5.0.14.SP1 to 5.0.16.Final\nJBEAP-17483 - [GSS](7.2.z) Upgrade Apache CXF from 3.2.9 to 3.2.10\nJBEAP-17495 - (7.2.z) Upgrade PicketLink from 2.5.5.SP12-redhat-00007 to 2.5.5.SP12-redhat-00009\nJBEAP-17496 - (7.2.z) Upgrade PicketLink bindings from 2.5.5.SP12-redhat-00007 to 2.5.5.SP12-redhat-00009\nJBEAP-17513 - [GSS](7.2.z) Upgrade Hibernate ORM from 5.3.11.SP1 to 5.3.13\nJBEAP-17521 - (7.2.z) Upgrade picketbox from 5.0.3.Final-redhat-00004 to 5.0.3.Final-redhat-00005\nJBEAP-17523 - [GSS](7.2.z) Upgrade wildfly-core from 6.0.16 to 6.0.17\nJBEAP-17547 - [GSS](7.2.z) Upgrade Elytron-Tool from 1.4.3 to 1.4.4.Final\nJBEAP-17548 - [GSS](7.2.z) Upgrade Elytron from 1.6.4.Final-redhat-00001 to 1.6.5.Final-redhat-00001\nJBEAP-17560 - [GSS](7.2.z) Upgrade HAL from 3.0.16 to 3.0.17\nJBEAP-17579 - [GSS](7.2.z) Upgrade JBoss MSC from 1.4.8 to 1.4.11\nJBEAP-17582 - [GSS](7.2.z) Upgrade JSF based on Mojarra 2.3.5.SP3-redhat-00002 to 2.3.5.SP3-redhat-00003\nJBEAP-17604 - Tracker bug for the EAP 7.2.5 release for RHEL-7\nJBEAP-17631 - [GSS](7.2.z) Upgrade Undertow from 2.0.25.SP1 to 2.0.26.SP3\nJBEAP-17647 - [GSS](7.2.z) Upgrade IronJacamar from 1.4.17.Final to 1.4.18.Final\nJBEAP-17665 - [GSS](7.2.z) Upgrade XNIO from 3.7.3.Final-redhat-00001 to 3.7.6.Final\nJBEAP-17722 - [GSS](7.2.z) Upgrade wildfly-http-client from 1.0.15.Final-redhat-00001 to 1.0.17.Final\nJBEAP-17874 - (7.2.z) Upgrade to wildfly-openssl 1.0.8\nJBEAP-17880 - (7.2.z) Upgrade XNIO from 3.7.6.Final-redhat-00001 to 3.7.6.SP1\n\n7. 8) - aarch64, noarch, ppc64le, s390x, x86_64\n\n3. \n\nBug Fix(es):\n\n* avc: podman run --security-opt label=type:svirt_qemu_net_t (BZ#1764318)\n\n* backport json-file logging support to 1.4.2 (BZ#1770176)\n\n* Selinux won\u0027t allow SCTP inter pod communication (BZ#1774382)\n\n4. Description:\n\nAMQ Broker is a high-performance messaging implementation based on ActiveMQ\nArtemis. It uses an asynchronous journal for fast message persistence, and\nsupports multiple languages, protocols, and platforms. For further information, refer to the release notes linked to\nin the References section. \n\nThe References section of this erratum contains a download link (you must\nlog in to download the update)",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-9514"
},
{
"db": "CERT/CC",
"id": "VU#605641"
},
{
"db": "VULHUB",
"id": "VHN-160949"
},
{
"db": "VULMON",
"id": "CVE-2019-9514"
},
{
"db": "PACKETSTORM",
"id": "154638"
},
{
"db": "PACKETSTORM",
"id": "154444"
},
{
"db": "PACKETSTORM",
"id": "155037"
},
{
"db": "PACKETSTORM",
"id": "154396"
},
{
"db": "PACKETSTORM",
"id": "154712"
},
{
"db": "PACKETSTORM",
"id": "155520"
},
{
"db": "PACKETSTORM",
"id": "155484"
},
{
"db": "PACKETSTORM",
"id": "155704"
},
{
"db": "PACKETSTORM",
"id": "156852"
},
{
"db": "PACKETSTORM",
"id": "155396"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-9514",
"trust": 2.8
},
{
"db": "CERT/CC",
"id": "VU#605641",
"trust": 2.6
},
{
"db": "MCAFEE",
"id": "SB10296",
"trust": 1.8
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2019/08/20/1",
"trust": 1.8
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2023/10/18/8",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201908-931",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "158651",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "155520",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "155484",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "156852",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "155396",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "157214",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "157741",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "155705",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "156209",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "156941",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "158095",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "156628",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "155352",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "154135",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "155728",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4238",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4737",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4332",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4324",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1544",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1030",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.2619",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4533",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0643",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1766",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.3152",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1076",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0994",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.3114",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.3597.2",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0007",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4645",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4596",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4586",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0100",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4788",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.2071",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4697",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4484",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1335",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1427",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4368",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4665",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0832",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.3597.3",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022072128",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-19-346-01",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "43921",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "158650",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-160949",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-9514",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "154638",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "154444",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "155037",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "154396",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "154712",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "155704",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#605641"
},
{
"db": "VULHUB",
"id": "VHN-160949"
},
{
"db": "VULMON",
"id": "CVE-2019-9514"
},
{
"db": "PACKETSTORM",
"id": "154638"
},
{
"db": "PACKETSTORM",
"id": "154444"
},
{
"db": "PACKETSTORM",
"id": "155037"
},
{
"db": "PACKETSTORM",
"id": "154396"
},
{
"db": "PACKETSTORM",
"id": "154712"
},
{
"db": "PACKETSTORM",
"id": "155520"
},
{
"db": "PACKETSTORM",
"id": "155484"
},
{
"db": "PACKETSTORM",
"id": "155704"
},
{
"db": "PACKETSTORM",
"id": "156852"
},
{
"db": "PACKETSTORM",
"id": "155396"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-931"
},
{
"db": "NVD",
"id": "CVE-2019-9514"
}
]
},
"id": "VAR-201908-0264",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-160949"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T22:07:30.228000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HTTP/2 Remedial measures to achieve security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=96615"
},
{
"title": "Red Hat: Important: container-tools:1.0 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20194273 - security advisory"
},
{
"title": "Red Hat: Important: go-toolset-1.11 and go-toolset-1.11-golang security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20192682 - security advisory"
},
{
"title": "Red Hat: Important: OpenShift Container Platform 3.11 HTTP/2 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20193906 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat OpenShift Container Platform 4.1 openshift RPM security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20192661 - security advisory"
},
{
"title": "Red Hat: Important: OpenShift Container Platform 4.2 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20193245 - security advisory"
},
{
"title": "Red Hat: Important: go-toolset:rhel8 security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20192726 - security advisory"
},
{
"title": "Red Hat: Important: OpenShift Container Platform 4.1 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20193265 - security advisory"
},
{
"title": "Red Hat: Important: containernetworking-plugins security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20200406 - security advisory"
},
{
"title": "Red Hat: Important: OpenShift Container Platform 4.1.20 golang security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20193131 - security advisory"
},
{
"title": "Red Hat: Important: OpenShift Container Platform 3.9 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20192769 - security advisory"
},
{
"title": "Debian CVElist Bug Report Logs: golang-1.13: CVE-2019-14809",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=4f1284fb5317a7db524840483ee9db6f"
},
{
"title": "Red Hat: Important: OpenShift Container Platform 3.10 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20192690 - security advisory"
},
{
"title": "Red Hat: Important: OpenShift Container Platform 4.1.18 gRPC security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20192861 - security advisory"
},
{
"title": "Red Hat: Important: container-tools:rhel8 security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20194269 - security advisory"
},
{
"title": "Red Hat: CVE-2019-9514",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2019-9514"
},
{
"title": "Red Hat: Important: Red Hat OpenShift Enterprise 4.1.15 gRPC security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20192766 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat Quay v3.1.1 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20192966 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat Single Sign-On 7.3.5 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20194045 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Enterprise Application Platform 7.2.5 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20194021 - security advisory"
},
{
"title": "Red Hat: Important: OpenShift Container Platform 4.1.14 security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20192594 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Enterprise Application Platform 7.2.5 on RHEL 6 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20194018 - security advisory"
},
{
"title": "Debian CVElist Bug Report Logs: CVE-2019-9512 CVE-2019-9514 CVE-2019-9515",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=7cb587dafb04d397dd392a7f09dec1d9"
},
{
"title": "Debian CVElist Bug Report Logs: CVE-2019-9512 CVE-2019-9514 CVE-2019-9515",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=84ba5eefbc1d57b08d1c61852a12e026"
},
{
"title": "Amazon Linux AMI: ALAS-2019-1270",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2019-1270"
},
{
"title": "Debian Security Advisories: DSA-4503-1 golang-1.11 -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=99481074beb7ec3119ad722cad3dd9cc"
},
{
"title": "Debian Security Advisories: DSA-4508-1 h2o -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=728a827d177258876055a9107f821dfe"
},
{
"title": "Red Hat: Important: Red Hat Single Sign-On 7.3.5 security update on RHEL 7",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20194041 - security advisory"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2019-9514"
},
{
"title": "Red Hat: Important: Red Hat Single Sign-On 7.3.5 security update on RHEL 8",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20194042 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat Single Sign-On 7.3.5 security update on RHEL 6",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20194040 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Enterprise Application Platform 7.2.5 on RHEL 7 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20194019 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Enterprise Application Platform 7.2.5 on RHEL 8 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20194020 - security advisory"
},
{
"title": "Red Hat: Important: nodejs:10 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20192925 - security advisory"
},
{
"title": "Red Hat: Important: rh-nodejs8-nodejs security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20192955 - security advisory"
},
{
"title": "Debian Security Advisories: DSA-4520-1 trafficserver -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=3b21ecf9ab12cf6e0b56a2ef2ccf56b8"
},
{
"title": "Red Hat: Important: Red Hat JBoss Fuse/A-MQ 6.3 R14 security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20194352 - security advisory"
},
{
"title": "Red Hat: Important: EAP Continuous Delivery Technical Preview Release 18 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20202565 - security advisory"
},
{
"title": "Apple: SwiftNIO HTTP/2 1.5.0",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=39f63f0751cdcda5bff86ad147e8e1d5"
},
{
"title": "Arch Linux Advisories: [ASA-201908-15] go: multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201908-15"
},
{
"title": "Red Hat: Important: rh-nodejs10-nodejs security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20192939 - security advisory"
},
{
"title": "Ubuntu Security Notice: twisted vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-4308-1"
},
{
"title": "Arch Linux Advisories: [ASA-201908-16] go-pie: multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201908-16"
},
{
"title": "Red Hat: Important: Red Hat Data Grid 7.3.3 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20200727 - security advisory"
},
{
"title": "Debian Security Advisories: DSA-4669-1 nodejs -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=0919b27d8bf334fac6a8fbea7195b6b0"
},
{
"title": "Red Hat: Important: Red Hat AMQ Broker 7.4.3 release and security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20201445 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat AMQ Broker 7.6 release and security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20200922 - security advisory"
},
{
"title": "Amazon Linux 2: ALAS2-2019-1272",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=alas2-2019-1272"
},
{
"title": "Red Hat: Important: Red Hat Fuse 7.6.0 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20200983 - security advisory"
},
{
"title": "IBM: Security Bulletin: IBM Cloud Transformation Advisor is affected by vulnerabilities in WebSphere Application Server Liberty (CVE-2019-9515, CVE-2019-9518, CVE-2019-9517, CVE-2019-9512, CVE-2019-9514, CVE-2019-9513)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=cbf2ee0b22e92590472860fdb3718cab"
},
{
"title": "Red Hat: Important: Red Hat Process Automation Manager 7.8.0 Security Update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20203197 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat Fuse 7.5.0 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20193892 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat Decision Manager 7.8.0 Security Update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20203196 - security advisory"
},
{
"title": "IBM: IBM Security Bulletin: Version 8.15.0 of Node.js included in IBM Cloud Event Management 2.3.0 has several security vulnerabilities.",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=3b9c6b5fbfb51d956856e88dff5a7acd"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities affect IBM\u00ae SDK for Node.js\u2122 in IBM Cloud",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=89d19e42a01e098dd5f88e0433d2bb5d"
},
{
"title": "IBM: IBM Security Bulletin: Node.js vulnerabilities affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9515, CVE-2019-9516, CVE-2019-9517, CVE-2019-9518)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=5ad9418973cac91ba73c01ad16b1f5a4"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in Node.js affect IBM i",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=247686da02fe524817c1939b0f6b6a5c"
},
{
"title": "IBM: Security Bulletin: IBM Cloud Transformation Advisor is affected by a Node.js vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=8f76cfb8f0c5ea84a0bc28705788f854"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Cloud App Management",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=1ce0280dd79176d32c26f34906d1d4de"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Cloud App Management",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=b76ff63209def4a949aa18bdf6b518b8"
},
{
"title": "Red Hat: Important: Red Hat build of Thorntail 2.5.1 security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20202067 - security advisory"
},
{
"title": "Fortinet Security Advisories: HTTP/2 Multiple DoS Attacks (VU#605641)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=fortinet_security_advisories\u0026qid=fg-ir-19-225"
},
{
"title": "metarget",
"trust": 0.1,
"url": "https://github.com/brant-ruan/metarget "
},
{
"title": "Symantec Threat Intelligence Blog",
"trust": 0.1,
"url": "https://www.symantec.com/blogs/threat-intelligence/microsoft-patch-tuesday-august-2019"
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/severe-flaws-in-kubernetes-expose-all-servers-to-dos-attacks/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/http-bugs/147405/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-9514"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-931"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-770",
"trust": 1.1
},
{
"problemtype": "CWE-400",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-160949"
},
{
"db": "NVD",
"id": "CVE-2019-9514"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "https://www.debian.org/security/2019/dsa-4503"
},
{
"trust": 2.6,
"url": "https://github.com/netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md"
},
{
"trust": 2.6,
"url": "https://www.synology.com/security/advisory/synology_sa_19_33"
},
{
"trust": 2.5,
"url": "https://access.redhat.com/errata/rhsa-2019:4019"
},
{
"trust": 2.5,
"url": "https://access.redhat.com/errata/rhsa-2019:4045"
},
{
"trust": 2.5,
"url": "https://access.redhat.com/errata/rhsa-2019:4269"
},
{
"trust": 2.5,
"url": "https://access.redhat.com/errata/rhsa-2019:4273"
},
{
"trust": 2.4,
"url": "https://access.redhat.com/errata/rhsa-2019:3892"
},
{
"trust": 2.4,
"url": "https://access.redhat.com/errata/rhsa-2019:4018"
},
{
"trust": 2.4,
"url": "https://access.redhat.com/errata/rhsa-2019:4020"
},
{
"trust": 2.4,
"url": "https://access.redhat.com/errata/rhsa-2019:4021"
},
{
"trust": 2.4,
"url": "https://access.redhat.com/errata/rhsa-2019:4040"
},
{
"trust": 2.4,
"url": "https://access.redhat.com/errata/rhsa-2019:4041"
},
{
"trust": 2.4,
"url": "https://access.redhat.com/errata/rhsa-2019:4042"
},
{
"trust": 2.4,
"url": "https://access.redhat.com/errata/rhsa-2019:4352"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2019:2661"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2019:2682"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2019:2861"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2019:2955"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2019:3265"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2019:3906"
},
{
"trust": 1.9,
"url": "https://usn.ubuntu.com/4308-1/"
},
{
"trust": 1.8,
"url": "https://seclists.org/bugtraq/2019/aug/24"
},
{
"trust": 1.8,
"url": "https://seclists.org/bugtraq/2019/aug/31"
},
{
"trust": 1.8,
"url": "https://seclists.org/bugtraq/2019/aug/43"
},
{
"trust": 1.8,
"url": "https://seclists.org/bugtraq/2019/sep/18"
},
{
"trust": 1.8,
"url": "https://kb.cert.org/vuls/id/605641/"
},
{
"trust": 1.8,
"url": "https://security.netapp.com/advisory/ntap-20190823-0001/"
},
{
"trust": 1.8,
"url": "https://security.netapp.com/advisory/ntap-20190823-0004/"
},
{
"trust": 1.8,
"url": "https://security.netapp.com/advisory/ntap-20190823-0005/"
},
{
"trust": 1.8,
"url": "https://support.f5.com/csp/article/k01988340"
},
{
"trust": 1.8,
"url": "https://www.debian.org/security/2019/dsa-4508"
},
{
"trust": 1.8,
"url": "https://www.debian.org/security/2019/dsa-4520"
},
{
"trust": 1.8,
"url": "https://www.debian.org/security/2020/dsa-4669"
},
{
"trust": 1.8,
"url": "http://seclists.org/fulldisclosure/2019/aug/16"
},
{
"trust": 1.8,
"url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00011.html"
},
{
"trust": 1.8,
"url": "http://www.openwall.com/lists/oss-security/2019/08/20/1"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2019:2594"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2019:2690"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2019:2726"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2019:2766"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2019:2769"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2019:2796"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2019:2925"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2019:2939"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2019:2966"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2019:3131"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2019:3245"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2020:0406"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2020:0727"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00076.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00002.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00011.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00021.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00038.html"
},
{
"trust": 1.7,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10296"
},
{
"trust": 1.6,
"url": "https://blogs.akamai.com/sitr/2019/08/http2-vulnerabilities.html"
},
{
"trust": 1.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9514"
},
{
"trust": 1.0,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 1.0,
"url": "https://access.redhat.com/security/cve/cve-2019-9514"
},
{
"trust": 1.0,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 1.0,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9512"
},
{
"trust": 1.0,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 1.0,
"url": "https://access.redhat.com/security/cve/cve-2019-9512"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/8"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/392108390cef48af647a2e47b7fd5380e050e35ae8d1aa2030254c04%40%3cusers.trafficserver.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19%40%3cannounce.trafficserver.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7%40%3cdev.trafficserver.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4bbp27pzgsy6op6d26e5fw4gzkbfhnu7/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4zqghe3wtylyayjeidjvf2figqtaypmc/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/cmnfx5mnyrwwimo4btkyqcgudmho3axp/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/lyo6e3h34c346d2e443glxk7ok6kiyiq/"
},
{
"trust": 1.0,
"url": "https://support.f5.com/csp/article/k01988340?utm_source=f5support\u0026amp%3butm_medium=rss"
},
{
"trust": 0.8,
"url": "https://vuls.cert.org/confluence/pages/viewpage.action?pageid=56393752"
},
{
"trust": 0.8,
"url": "https://tools.ietf.org/html/rfc7540"
},
{
"trust": 0.8,
"url": "https://tools.ietf.org/html/rfc7541"
},
{
"trust": 0.8,
"url": "https://blog.cloudflare.com/on-the-recent-http-2-dos-attacks/"
},
{
"trust": 0.8,
"url": "https://blog.litespeedtech.com/2019/08/15/litespeed-addresses-http-2-dos-advisories/"
},
{
"trust": 0.8,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-9511https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-9512https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-9513https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-9514https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-9518"
},
{
"trust": 0.8,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/lyo6e3h34c346d2e443glxk7ok6kiyiq/"
},
{
"trust": 0.8,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/cmnfx5mnyrwwimo4btkyqcgudmho3axp/"
},
{
"trust": 0.8,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4bbp27pzgsy6op6d26e5fw4gzkbfhnu7/"
},
{
"trust": 0.8,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4zqghe3wtylyayjeidjvf2figqtaypmc/"
},
{
"trust": 0.8,
"url": "https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19@%3cannounce.trafficserver.apache.org%3e"
},
{
"trust": 0.8,
"url": "https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7@%3cdev.trafficserver.apache.org%3e"
},
{
"trust": 0.8,
"url": "https://lists.apache.org/thread.html/392108390cef48af647a2e47b7fd5380e050e35ae8d1aa2030254c04@%3cusers.trafficserver.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://support.f5.com/csp/article/k01988340?utm_source=f5support\u0026utm_medium=rss"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.6,
"url": "http2-cves/"
},
{
"trust": 0.6,
"url": "https://www.cloudfoundry.org/blog/various-"
},
{
"trust": 0.6,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9518"
},
{
"trust": 0.6,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9517"
},
{
"trust": 0.6,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9516"
},
{
"trust": 0.6,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9515"
},
{
"trust": 0.6,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9514"
},
{
"trust": 0.6,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9513"
},
{
"trust": 0.6,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9512"
},
{
"trust": 0.6,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9511"
},
{
"trust": 0.6,
"url": "https://support.apple.com/en-au/ht210436"
},
{
"trust": 0.6,
"url": "https://support.f5.com/csp/article/k50233772"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1126605"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-201914246-1.html"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1104951"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2019:3905"
},
{
"trust": 0.6,
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-346-01"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1109787"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1109781"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1108515"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1109775"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1165894"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1165906"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1135167"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1164346"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1164364"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20200059-1.html"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-dependent-libraries-affect-ibm-db2-leading-to-denial-of-service-or-privilege-escalation/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1128387"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/157214/red-hat-security-advisory-2020-1445-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4368/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4788/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4586/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0994/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-node-js-affect-ibm-spectrum-protect-plus-cve-2019-15606-cve-2019-15604-cve-2019-15605-cve-2019-9511-cve-2019-9516-cve-2019-9512-cve-2019-9517-cve-2019-951/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4332/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0643/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4484/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-have-been-identified-in-db2-that-affect-the-ibm-performance-management-product/"
},
{
"trust": 0.6,
"url": "http2-implementation-vulnerablility/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-websphere-liberty-susceptible-to-"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/155728/red-hat-security-advisory-2019-4352-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.2619/"
},
{
"trust": 0.6,
"url": "https://portal.msrc.microsoft.com/zh-cn/security-guidance/advisory/cve-2019-9514"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.3114/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-kubernetes-affect-ibm-infosphere-information-server/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-websphere-application-server-liberty-affect-ibm-spectrum-protect-operations-center-and-client-management-service/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1335/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/157741/red-hat-security-advisory-2020-2067-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/156209/red-hat-security-advisory-2020-0406-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.3597.3/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/158095/red-hat-security-advisory-2020-2565-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4737/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0832/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1137466"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/http-2-multiple-vulnerabilities-30040"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/155484/red-hat-security-advisory-2019-4019-01.html"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-netty-affect-ibm-operations-analytics-predictive-insights-cve-2019-9514-cve-2019-9512-cve-2019-9518-cve-2019-9515/"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/43921"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1076/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/156628/red-hat-security-advisory-2020-0727-01.html"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-dependent-libraries-affect-ibm-db2-leading-to-denial-of-service-or-privilege-escalation-3/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1544/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.2071/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1127397"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1427/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4645/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.3597.2/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4665/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-watson-discovery-for-ibm-cloud-pak-for-data-affected-by-vulnerability-in-netty/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-netty-affect-ibm-netcool-agile-service-manager/"
},
{
"trust": 0.6,
"url": "https://pivotal.io/security/cve-2019-9517"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4697/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-warehouse-has-released-a-fix-in-response-to-multiple-vulnerabilities-found-in-ibm-db2/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-cloud-transformation-advisor-is-affected-by-vulnerabilities-in-websphere-application-server-liberty-cve-2019-9515-cve-2019-9518-cve-2019-9517-cve-2019-9512-cve-2019-9514-c/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4596/"
},
{
"trust": 0.6,
"url": "https://support.apple.com/en-us/ht210436"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/155520/red-hat-security-advisory-2019-4045-01.html"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-in-ibm-websphere-application-server-affect-ibm-sterling-b2b-integrator/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1128279"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/156852/red-hat-security-advisory-2020-0922-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/156941/red-hat-security-advisory-2020-0983-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1766/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/154135/debian-security-advisory-4503-1.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022072128"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.3152/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-dependent-libraries-affect-ibm-db2-leading-to-denial-of-service-or-privilege-escalation-2/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-infosphere-information-server-is-affected-by-multiple-vulnerabilities-in-websphere-application-server-liberty/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/158651/red-hat-security-advisory-2020-3197-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4324/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4533/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1150960"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/155396/red-hat-security-advisory-2019-3906-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0100/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/155705/red-hat-security-advisory-2019-4273-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0007/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4238/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/155352/red-hat-security-advisory-2019-3892-01.html"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1165852"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1030/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1127853"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1168528"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2019-9515"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9515"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.3,
"url": "https://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-rel"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-9511"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9511"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9517"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-9517"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-9516"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-9518"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9516"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9518"
},
{
"trust": 0.2,
"url": "https://issues.jboss.org/):"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14843"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-14838"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-14843"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14838"
},
{
"trust": 0.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10296"
},
{
"trust": 0.1,
"url": "https://support.f5.com/csp/article/k01988340?utm_source=f5support\u0026amp;amp;utm_medium=rss"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/770.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.kb.cert.org/vuls/id/605641"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.1/updating/updating-cluster"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9513"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-9513"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=core.service.rhsso\u0026downloadtype=securitypatches\u0026version=7.3"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-14837"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14837"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-16884"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-16884"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-0222"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_amq/7.6/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20444"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10247"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions\u0026product=jboss.amq.broker\u0026version=7.6.0\u0026productchanged=yes"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-20445"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-20444"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-16869"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-7238"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:0922"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10241"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-7238"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-10247"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-16869"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-10241"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20445"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_r"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#605641"
},
{
"db": "VULHUB",
"id": "VHN-160949"
},
{
"db": "VULMON",
"id": "CVE-2019-9514"
},
{
"db": "PACKETSTORM",
"id": "154638"
},
{
"db": "PACKETSTORM",
"id": "154444"
},
{
"db": "PACKETSTORM",
"id": "155037"
},
{
"db": "PACKETSTORM",
"id": "154396"
},
{
"db": "PACKETSTORM",
"id": "154712"
},
{
"db": "PACKETSTORM",
"id": "155520"
},
{
"db": "PACKETSTORM",
"id": "155484"
},
{
"db": "PACKETSTORM",
"id": "155704"
},
{
"db": "PACKETSTORM",
"id": "156852"
},
{
"db": "PACKETSTORM",
"id": "155396"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-931"
},
{
"db": "NVD",
"id": "CVE-2019-9514"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#605641"
},
{
"db": "VULHUB",
"id": "VHN-160949"
},
{
"db": "VULMON",
"id": "CVE-2019-9514"
},
{
"db": "PACKETSTORM",
"id": "154638"
},
{
"db": "PACKETSTORM",
"id": "154444"
},
{
"db": "PACKETSTORM",
"id": "155037"
},
{
"db": "PACKETSTORM",
"id": "154396"
},
{
"db": "PACKETSTORM",
"id": "154712"
},
{
"db": "PACKETSTORM",
"id": "155520"
},
{
"db": "PACKETSTORM",
"id": "155484"
},
{
"db": "PACKETSTORM",
"id": "155704"
},
{
"db": "PACKETSTORM",
"id": "156852"
},
{
"db": "PACKETSTORM",
"id": "155396"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-931"
},
{
"db": "NVD",
"id": "CVE-2019-9514"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-08-13T00:00:00",
"db": "CERT/CC",
"id": "VU#605641"
},
{
"date": "2019-08-13T00:00:00",
"db": "VULHUB",
"id": "VHN-160949"
},
{
"date": "2019-08-13T00:00:00",
"db": "VULMON",
"id": "CVE-2019-9514"
},
{
"date": "2019-09-27T13:02:22",
"db": "PACKETSTORM",
"id": "154638"
},
{
"date": "2019-09-11T13:57:29",
"db": "PACKETSTORM",
"id": "154444"
},
{
"date": "2019-10-31T14:23:11",
"db": "PACKETSTORM",
"id": "155037"
},
{
"date": "2019-09-09T23:02:04",
"db": "PACKETSTORM",
"id": "154396"
},
{
"date": "2019-10-02T15:03:59",
"db": "PACKETSTORM",
"id": "154712"
},
{
"date": "2019-12-02T19:20:27",
"db": "PACKETSTORM",
"id": "155520"
},
{
"date": "2019-11-27T15:43:14",
"db": "PACKETSTORM",
"id": "155484"
},
{
"date": "2019-12-17T15:42:47",
"db": "PACKETSTORM",
"id": "155704"
},
{
"date": "2020-03-23T15:57:42",
"db": "PACKETSTORM",
"id": "156852"
},
{
"date": "2019-11-19T15:17:09",
"db": "PACKETSTORM",
"id": "155396"
},
{
"date": "2019-08-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201908-931"
},
{
"date": "2019-08-13T21:15:12.443000",
"db": "NVD",
"id": "CVE-2019-9514"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-11-19T00:00:00",
"db": "CERT/CC",
"id": "VU#605641"
},
{
"date": "2020-10-22T00:00:00",
"db": "VULHUB",
"id": "VHN-160949"
},
{
"date": "2020-12-09T00:00:00",
"db": "VULMON",
"id": "CVE-2019-9514"
},
{
"date": "2022-07-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201908-931"
},
{
"date": "2023-11-07T03:13:42.390000",
"db": "NVD",
"id": "CVE-2019-9514"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201908-931"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HTTP/2 implementations do not robustly handle abnormal traffic and resource exhaustion",
"sources": [
{
"db": "CERT/CC",
"id": "VU#605641"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201908-931"
}
],
"trust": 0.6
}
}
VAR-200809-0566
Vulnerability from variot - Updated: 2024-07-23 22:06Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a long XML entity name. The 'libxml' library is prone to a heap-based buffer-overflow vulnerability because the software fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary within the context of an application using the affected library. Failed exploit attempts will result in a denial-of-service vulnerability. The libxml package provides a library of functions that allow users to manipulate XML files, including support for reading, modifying, and writing XML and HTML files. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200812-06
http://security.gentoo.org/
Severity: Normal Title: libxml2: Multiple vulnerabilities Date: December 02, 2008 Bugs: #234099, #237806, #239346, #245960 ID: 200812-06
Synopsis
Multiple vulnerabilities in libxml2 might lead to execution of arbitrary code or Denial of Service.
Background
libxml2 is the XML (eXtended Markup Language) C parser and toolkit initially developed for the Gnome project.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/libxml2 < 2.7.2-r1 >= 2.7.2-r1
Description
Multiple vulnerabilities were reported in libxml2:
-
Andreas Solberg reported that libxml2 does not properly detect recursion during entity expansion in an attribute value (CVE-2008-3281).
-
A heap-based buffer overflow has been reported in the xmlParseAttValueComplex() function in parser.c (CVE-2008-3529).
-
Christian Weiske reported that predefined entity definitions in entities are not properly handled (CVE-2008-4409).
-
Drew Yao of Apple Product Security reported an integer overflow in the xmlBufferResize() function that can lead to an infinite loop (CVE-2008-4225).
-
Drew Yao of Apple Product Security reported an integer overflow in the xmlSAX2Characters() function leading to a memory corruption (CVE-2008-4226).
Impact
A remote attacker could entice a user or automated system to open a specially crafted XML document with an application using libxml2, possibly resulting in the exeution of arbitrary code or a high CPU and memory consumption.
Workaround
There is no known workaround at this time.
Resolution
All libxml2 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/libxml2-2.7.2-r1"
References
[ 1 ] CVE-2008-3281 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3281 [ 2 ] CVE-2008-3529 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3529 [ 3 ] CVE-2008-4409 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4409 [ 4 ] CVE-2008-4225 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4225 [ 5 ] CVE-2008-4226 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4226
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200812-06.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . =========================================================== Ubuntu Security Notice USN-815-1 August 11, 2009 libxml2 vulnerabilities CVE-2008-3529, CVE-2009-2414, CVE-2009-2416 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: libxml2 2.6.24.dfsg-1ubuntu1.5
Ubuntu 8.04 LTS: libxml2 2.6.31.dfsg-2ubuntu1.4
Ubuntu 8.10: libxml2 2.6.32.dfsg-4ubuntu1.2
Ubuntu 9.04: libxml2 2.6.32.dfsg-5ubuntu4.2
After a standard system upgrade you need to restart your sessions to effect the necessary changes.
Details follow:
It was discovered that libxml2 did not correctly handle root XML document element DTD definitions. (CVE-2009-2414)
It was discovered that libxml2 did not correctly parse Notation and Enumeration attribute types. (CVE-2009-2416)
USN-644-1 fixed a vulnerability in libxml2. This advisory provides the corresponding update for Ubuntu 9.04.
Original advisory details:
It was discovered that libxml2 did not correctly handle long entity names. (CVE-2008-3529)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.5.diff.gz
Size/MD5: 62776 d89c05d4e7cf575a70f0f9d98db043c0
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.5.dsc
Size/MD5: 902 5a6bda5a6cff7f1dd1b9ac5a4a4d3dee
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg.orig.tar.gz
Size/MD5: 3293814 461eb1bf7f0c845f7ff7d9b1a4c4eac8
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-doc_2.6.24.dfsg-1ubuntu1.5_all.deb
Size/MD5: 1253066 7f0900285bcd5980021afb1187a65882
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.24.dfsg-1ubuntu1.5_all.deb
Size/MD5: 19366 bdcb84dd5b172486d90babd60f7abe3e
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.24.dfsg-1ubuntu1.5_amd64.deb
Size/MD5: 918870 5c542ff6be1ebfe37ed53fb5c42d4f9a
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.24.dfsg-1ubuntu1.5_amd64.deb
Size/MD5: 737430 1277b3e55c846153da8612c2b1bd6c05
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.24.dfsg-1ubuntu1.5_amd64.deb
Size/MD5: 36698 941d28a2ab8c583df8ac8c4bd6053f7e
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.5_amd64.deb
Size/MD5: 753036 159fc7694915d15d86868cbd34ff1ebb
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python2.4-libxml2_2.6.24.dfsg-1ubuntu1.5_amd64.deb
Size/MD5: 181652 5e66ae52ee397d016840038de0a2f057
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.24.dfsg-1ubuntu1.5_i386.deb
Size/MD5: 766190 9afc9a70749f02669713a807ceaf2ad3
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.24.dfsg-1ubuntu1.5_i386.deb
Size/MD5: 642032 6e7ac3450d6220b0b5b827483622d145
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.24.dfsg-1ubuntu1.5_i386.deb
Size/MD5: 32980 5fc874170294ea6f6c94a690a01dbad7
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.5_i386.deb
Size/MD5: 685138 4a8510c2c2b66f6c55e4155af4c7e091
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python2.4-libxml2_2.6.24.dfsg-1ubuntu1.5_i386.deb
Size/MD5: 166422 6cc5c19adb5ccb9db5fec9286790af1a
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.24.dfsg-1ubuntu1.5_powerpc.deb
Size/MD5: 905098 dd7b7a8b76af164a73785d7c40be445c
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.24.dfsg-1ubuntu1.5_powerpc.deb
Size/MD5: 761238 2f407df0d47072583fdbc6465b744b6a
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.24.dfsg-1ubuntu1.5_powerpc.deb
Size/MD5: 37424 c584cfd1c16a16106d10a8d090aaccf0
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.5_powerpc.deb
Size/MD5: 734090 42f54b7042c391a8326558cdc924fcc2
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python2.4-libxml2_2.6.24.dfsg-1ubuntu1.5_powerpc.deb
Size/MD5: 170808 8f4821f282453c7c516ba36e2c5fadd9
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.24.dfsg-1ubuntu1.5_sparc.deb
Size/MD5: 745812 84c50f29ba04c9c815e561e9c9b825ee
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.24.dfsg-1ubuntu1.5_sparc.deb
Size/MD5: 703538 3f2e7fbc56bf64aa9631c567852dadfd
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.24.dfsg-1ubuntu1.5_sparc.deb
Size/MD5: 34312 540c1cb95cd95eafe94cad690e0c7ae2
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.5_sparc.deb
Size/MD5: 716890 41e8303a6e6d3fb335a2fb06b4e1bc7a
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python2.4-libxml2_2.6.24.dfsg-1ubuntu1.5_sparc.deb
Size/MD5: 174772 567a3fdd900bc9cb34e5f2f668e48851
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4.diff.gz
Size/MD5: 66035 c629b5480445cc4380bf3bae181d8484
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4.dsc
Size/MD5: 1072 67e7f23a4d73713a67233d554f6c8b5c
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.31.dfsg.orig.tar.gz
Size/MD5: 3442959 8498d4e6f284d2f0a01560f089cb5a3e
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-doc_2.6.31.dfsg-2ubuntu1.4_all.deb
Size/MD5: 1302458 9454932b37039a5af38524f7c4c0b294
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_amd64.deb
Size/MD5: 939490 5c561ccc0fe42d44216631b89b1addf2
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.31.dfsg-2ubuntu1.4_amd64.deb
Size/MD5: 754024 1d43d32a7125d4b2ed113c7dbb469bdf
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.31.dfsg-2ubuntu1.4_amd64.udeb
Size/MD5: 580472 d2e2babcee294fdd0f202d5d122c0dd2
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.31.dfsg-2ubuntu1.4_amd64.deb
Size/MD5: 37052 440a067962c6e1e7ffe17071bb33fd09
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4_amd64.deb
Size/MD5: 832898 b129c03e0971727757567d89a6d32269
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_amd64.deb
Size/MD5: 872964 86ab686a437dd9ed2b1ea08dbd5d9ba1
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.31.dfsg-2ubuntu1.4_amd64.deb
Size/MD5: 297976 8acf0cdf5242fd3e6edd957db9e19c28
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_i386.deb
Size/MD5: 904990 88fe3df363f8829fcfb9a0ff42aa4e96
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.31.dfsg-2ubuntu1.4_i386.deb
Size/MD5: 676490 641845452580108e68afbd1605af5744
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.31.dfsg-2ubuntu1.4_i386.udeb
Size/MD5: 533328 3e0d900bd1898de03a78fd408800d88e
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.31.dfsg-2ubuntu1.4_i386.deb
Size/MD5: 34042 2061451c337e1b12f73f9f91125aeda2
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4_i386.deb
Size/MD5: 786106 664fc7281611ad8b19e5f0b62284878f
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_i386.deb
Size/MD5: 796320 1d531f46ab809a0f58ccdcf75f706ea5
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.31.dfsg-2ubuntu1.4_i386.deb
Size/MD5: 262966 d26ec52d81b118a64f13657db427f858
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_lpia.deb
Size/MD5: 931054 830e464f765c3109497514d96295c932
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.31.dfsg-2ubuntu1.4_lpia.deb
Size/MD5: 679546 6f6ee1fe040963315471c2a2a15064d6
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.31.dfsg-2ubuntu1.4_lpia.udeb
Size/MD5: 529214 af124b039059f2f24f31c50fc8fbf48f
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.31.dfsg-2ubuntu1.4_lpia.deb
Size/MD5: 34488 ef4c4ea4e96d66c6d5c36e2645379915
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4_lpia.deb
Size/MD5: 781436 ae5efc717942777be05db9c550d5ddd5
http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_lpia.deb
Size/MD5: 788580 c16e8d94ecb5f1a14655fc4d40671f97
http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.31.dfsg-2ubuntu1.4_lpia.deb
Size/MD5: 259630 143a179bfbcff152d9f33c424ea80229
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_powerpc.deb
Size/MD5: 923448 d3ca8a5978632bec93151a892072b5c4
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.31.dfsg-2ubuntu1.4_powerpc.deb
Size/MD5: 776284 92d1fb876bb167fccee4e5a6a82e8169
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.31.dfsg-2ubuntu1.4_powerpc.udeb
Size/MD5: 564078 9d75d8f965c320fd17dc2c420aa6e325
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.31.dfsg-2ubuntu1.4_powerpc.deb
Size/MD5: 42060 8bedb52b8485e7b65b930a39a671cbd8
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4_powerpc.deb
Size/MD5: 816678 55d6f855ea9b7b14f2ce449079360f80
http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_powerpc.deb
Size/MD5: 841354 b66c89a166c8a92ed136f77e2693249b
http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.31.dfsg-2ubuntu1.4_powerpc.deb
Size/MD5: 285362 adc160daa3848983f4ddb678c3345199
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_sparc.deb
Size/MD5: 826326 f596d405cff24bfa70d8c2ff81e3439b
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.31.dfsg-2ubuntu1.4_sparc.deb
Size/MD5: 719830 b0cb8e2bbbec82604b5a562f3e446f78
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.31.dfsg-2ubuntu1.4_sparc.udeb
Size/MD5: 541066 f5796b6b3175b740eb55ab32887c98f1
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.31.dfsg-2ubuntu1.4_sparc.deb
Size/MD5: 36190 1e5ae0d677b95e4f5b69c86ab7207c04
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4_sparc.deb
Size/MD5: 793408 c10a54dbfe118a255b353b59fee0c895
http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_sparc.deb
Size/MD5: 807914 3566e097583445477cad63cd721424f1
http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.31.dfsg-2ubuntu1.4_sparc.deb
Size/MD5: 277520 b0c2ed5aafa41ff970a5d8c40a12d02d
Updated packages for Ubuntu 8.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2.diff.gz
Size/MD5: 84498 bc3004e4fd1e98246801b2a5741be0f1
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2.dsc
Size/MD5: 1494 5a25281495f4e6650a45f45a5a8526d2
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg.orig.tar.gz
Size/MD5: 3425843 bb11c95674e775b791dab2d15e630fa4
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-doc_2.6.32.dfsg-4ubuntu1.2_all.deb
Size/MD5: 1308242 3aa37d0a971702bda21165e2744d3b15
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_amd64.deb
Size/MD5: 1014608 676fed67244fe42800b527d2d654365f
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-4ubuntu1.2_amd64.deb
Size/MD5: 777674 72fd0dc6223b0708f936bfbf830b42a4
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-4ubuntu1.2_amd64.udeb
Size/MD5: 607400 82a0a91ff27913e1284ae7799156b9a5
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-4ubuntu1.2_amd64.deb
Size/MD5: 37346 b71638a425beef5adb16962d2dbf83f8
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2_amd64.deb
Size/MD5: 863410 2141203bc6e460099878831efdc9de8e
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_amd64.deb
Size/MD5: 858904 3143613cc83f8f3b3fc171291e48f30c
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-4ubuntu1.2_amd64.deb
Size/MD5: 296128 4f123d82f7393dc6271adee9b0b2154b
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_i386.deb
Size/MD5: 966962 48d67569f459f88564f282c5c7603eca
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-4ubuntu1.2_i386.deb
Size/MD5: 701786 f31b1ec9b00b32aef5dab08de74c1ca5
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-4ubuntu1.2_i386.udeb
Size/MD5: 563618 6c10444d19aa3010ec0b6afc46631442
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-4ubuntu1.2_i386.deb
Size/MD5: 33908 218bd1ab9dbed3bb7e56db1f1ac74a6a
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2_i386.deb
Size/MD5: 819242 f2e5722dc46494b105d2e171a7ab8230
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_i386.deb
Size/MD5: 782502 c6a12f97a9d05c420e87d98f3cebe292
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-4ubuntu1.2_i386.deb
Size/MD5: 261340 c1e353abc1bdf4c56b856228ea92e3ce
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_lpia.deb
Size/MD5: 994030 e6260d0cfcac28075fcbe72036374dc1
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-4ubuntu1.2_lpia.deb
Size/MD5: 697648 2e04c962dc20e83f635a5bf06fb87691
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-4ubuntu1.2_lpia.udeb
Size/MD5: 553402 8998361080659f8d3175d3621261805a
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-4ubuntu1.2_lpia.deb
Size/MD5: 34092 da760a43ac9492e508c6dc6c85499a95
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2_lpia.deb
Size/MD5: 808888 d3708ffd4d87a2c48c6c37badb602ec5
http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_lpia.deb
Size/MD5: 776836 ff4dee115d09816a99b2c7ea63e4fd10
http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-4ubuntu1.2_lpia.deb
Size/MD5: 257710 6e2cf4776d778dc7ce2d2a7c098c5bd7
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_powerpc.deb
Size/MD5: 985370 5f1c540dbfecf08d6ccc22798beb7d0d
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-4ubuntu1.2_powerpc.deb
Size/MD5: 793178 980f65e0877f36d1c51241ca6e8a4e79
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-4ubuntu1.2_powerpc.udeb
Size/MD5: 582030 439fe7ebaebd3e5e3c9ca5b323595da6
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-4ubuntu1.2_powerpc.deb
Size/MD5: 40426 648c47236b411a6b5ccbbe4ca4671af7
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2_powerpc.deb
Size/MD5: 837942 7a59d92fe6c31895aadc67df56e404b2
http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_powerpc.deb
Size/MD5: 822784 44a72a4996bca847bea424ad1db4d03b
http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-4ubuntu1.2_powerpc.deb
Size/MD5: 283028 9423c0b24aab87ffac1d85615282e38d
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_sparc.deb
Size/MD5: 872662 fcc9c2574a5f8f9aeee5be43cedd9542
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-4ubuntu1.2_sparc.deb
Size/MD5: 730988 dab6026cfeee8b30a3d7d7a989621cc1
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-4ubuntu1.2_sparc.udeb
Size/MD5: 551174 de8a4e5e3c69eda8a888e2a4be0d8771
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-4ubuntu1.2_sparc.deb
Size/MD5: 36538 b1c42f5d79806ca0ddb842d6e46589e4
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2_sparc.deb
Size/MD5: 807300 2ec0838cfed794ad0dfba8e6c2f8f5a6
http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_sparc.deb
Size/MD5: 795578 5177c5c668b1cb6ab972a42ba74ce69b
http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-4ubuntu1.2_sparc.deb
Size/MD5: 275720 848f0e32688509c20e716bf56854b3c2
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2.diff.gz
Size/MD5: 86115 e8ae94cf06df5aa69bcb4e9e3478dc3a
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2.dsc
Size/MD5: 1494 59db95aea21b88b40de41b4eb6286204
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg.orig.tar.gz
Size/MD5: 3425843 bb11c95674e775b791dab2d15e630fa4
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-doc_2.6.32.dfsg-5ubuntu4.2_all.deb
Size/MD5: 1309904 8a177134aefda1c1803ee8cea7876987
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_amd64.deb
Size/MD5: 1014666 7eecb75acf8cfe96f0d8ad00dc6cd0f7
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-5ubuntu4.2_amd64.deb
Size/MD5: 777666 303a6a64d87e0666177f9ee63cf1a03c
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-5ubuntu4.2_amd64.udeb
Size/MD5: 607592 f0abee0ba9c7cac159aa282ff04b968d
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-5ubuntu4.2_amd64.deb
Size/MD5: 37356 e60cf6a423c951786da162ffe21132a1
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2_amd64.deb
Size/MD5: 864536 fd1367706366bfd805f692c39f331835
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_amd64.deb
Size/MD5: 863456 0e646ecc8d3e8e72fc65739a4bae3de9
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-5ubuntu4.2_amd64.deb
Size/MD5: 359004 6541b0c12852c3e490ddb20c06448eae
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_i386.deb
Size/MD5: 967152 3bc76bac8a99f2bceca5169cf9394f2c
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-5ubuntu4.2_i386.deb
Size/MD5: 701712 b3aa303a9b2fcdcbdcb62595a6876f86
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-5ubuntu4.2_i386.udeb
Size/MD5: 563692 fbda90721b32837d401f72def5bae5d4
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-5ubuntu4.2_i386.deb
Size/MD5: 33904 a3323cb518af641c59ea45369a65746f
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2_i386.deb
Size/MD5: 820722 d26fe8acb0a5aee307d06edae3e7e28a
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_i386.deb
Size/MD5: 785386 afdcafaa8bac5e88aa4a13e0d749b2ea
http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-5ubuntu4.2_i386.deb
Size/MD5: 324412 bae919ee044ef9aaf19656b9d1976b19
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_lpia.deb
Size/MD5: 994408 53e4d8355d376154e295df19d3a3c60d
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-5ubuntu4.2_lpia.deb
Size/MD5: 697522 5222a56651f77e522ca0ad1c6d6d5de6
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-5ubuntu4.2_lpia.udeb
Size/MD5: 553434 48f46f951b7ebc278e84ad661d306f19
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-5ubuntu4.2_lpia.deb
Size/MD5: 34098 60966a769f8d75d8bc8253c687e38244
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2_lpia.deb
Size/MD5: 810434 585824abaa30b7726f8e7beeae6150eb
http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_lpia.deb
Size/MD5: 778354 6588b53390d8a294fc18ab6624e6c7c1
http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-5ubuntu4.2_lpia.deb
Size/MD5: 320608 cb34801b64a53678cc553625fec3feaf
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_powerpc.deb
Size/MD5: 985248 ecf8b6d8401aebd949116cb0169a96fe
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-5ubuntu4.2_powerpc.deb
Size/MD5: 793242 1fc757dad96c16d285df20a5137af4c6
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-5ubuntu4.2_powerpc.udeb
Size/MD5: 582210 87a282cc9ab3bf5af1015ce0624d01d9
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-5ubuntu4.2_powerpc.deb
Size/MD5: 40434 3e24add8c4c0aaf0b7931dd185394d6d
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2_powerpc.deb
Size/MD5: 839218 0b75a09404be80b49058058c2aa6e746
http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_powerpc.deb
Size/MD5: 825710 58709b2af622ff835b15f799cd47fcfe
http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-5ubuntu4.2_powerpc.deb
Size/MD5: 344720 c07c4729d2191cf51d85654a83e8faf2
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_sparc.deb
Size/MD5: 872512 b6f95a836cabc34e1266b76cc250a9e0
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-5ubuntu4.2_sparc.deb
Size/MD5: 730870 607909857dea94afe8102a7131595252
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-5ubuntu4.2_sparc.udeb
Size/MD5: 551000 7fbe08e3223c9543645eadb4b9e0167a
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-5ubuntu4.2_sparc.deb
Size/MD5: 36486 c3540c5aadb1adc3f85f6276a1980d0c
http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2_sparc.deb
Size/MD5: 807954 a3ac3191b768e4b6e1e7b1c279b26a13
http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_sparc.deb
Size/MD5: 798558 dd9c4b6bf81302a938f71ed0f9cf47c8
http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-5ubuntu4.2_sparc.deb
Size/MD5: 338152 674bae887b0ae673dd4732498c5a738c
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Mandriva Linux Security Advisory MDVSA-2008:192 http://www.mandriva.com/security/
Package : libxml2 Date : September 11, 2008 Affected: 2007.1, 2008.0, 2008.1, Corporate 3.0, Corporate 4.0
Problem Description:
A heap-based buffer overflow was found in how libxml2 handled long XML entity names.
The updated packages have been patched to prevent this issue. As well, the patch to fix CVE-2008-3281 has been updated to remove the hard-coded entity limit that was set to 5M, instead using XML entity density heuristics. Many thanks to Daniel Veillard of Red Hat for his hard work in tracking down and dealing with the edge cases discovered with the initial fix to this issue.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3281 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3529
Updated Packages:
Mandriva Linux 2007.1: 9250adec77a5118119d5000f2305540f 2007.1/i586/libxml2-2.6.27-3.4mdv2007.1.i586.rpm 103dba08606f0038f3a9f4107ceba442 2007.1/i586/libxml2-devel-2.6.27-3.4mdv2007.1.i586.rpm a388bf596ef6725fb5baadb4e056a0bd 2007.1/i586/libxml2-python-2.6.27-3.4mdv2007.1.i586.rpm d2333e42a538101e36eab7d12467e08b 2007.1/i586/libxml2-utils-2.6.27-3.4mdv2007.1.i586.rpm 94a25c63f54693b7ac289223a6a3a687 2007.1/SRPMS/libxml2-2.6.27-3.4mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64: 343f8656039b69716fe712eeb2d1bf4e 2007.1/x86_64/lib64xml2-2.6.27-3.4mdv2007.1.x86_64.rpm 320d8dd8245f5ec6db46bedaf07afb3e 2007.1/x86_64/lib64xml2-devel-2.6.27-3.4mdv2007.1.x86_64.rpm fb6f52df6831cda42db46502cc761475 2007.1/x86_64/lib64xml2-python-2.6.27-3.4mdv2007.1.x86_64.rpm 8440fc08fee99f18a81a32035fac166a 2007.1/x86_64/libxml2-utils-2.6.27-3.4mdv2007.1.x86_64.rpm 94a25c63f54693b7ac289223a6a3a687 2007.1/SRPMS/libxml2-2.6.27-3.4mdv2007.1.src.rpm
Mandriva Linux 2008.0: c53b40d9c7ebec036f9175c8f4e87b3b 2008.0/i586/libxml2_2-2.6.30-1.4mdv2008.0.i586.rpm 4a4ed97086b52cab3bbd34fe4d7003a0 2008.0/i586/libxml2-devel-2.6.30-1.4mdv2008.0.i586.rpm d3898465dc2797a2b20be8310dd4f484 2008.0/i586/libxml2-python-2.6.30-1.4mdv2008.0.i586.rpm 34c524fa03b470093bd0b0c679bcb9c4 2008.0/i586/libxml2-utils-2.6.30-1.4mdv2008.0.i586.rpm 2dc2f4732992e27aea4c5a098c631ae8 2008.0/SRPMS/libxml2-2.6.30-1.4mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: 20ac98b346a1f18b90504cb623c530d8 2008.0/x86_64/lib64xml2_2-2.6.30-1.4mdv2008.0.x86_64.rpm fd5907e801bf4f64ee79d097fcaec2b6 2008.0/x86_64/lib64xml2-devel-2.6.30-1.4mdv2008.0.x86_64.rpm 20f45401e501b9639a9b53d82a4e031f 2008.0/x86_64/libxml2-python-2.6.30-1.4mdv2008.0.x86_64.rpm 22be20e194ba2177a47d831ee8c82f47 2008.0/x86_64/libxml2-utils-2.6.30-1.4mdv2008.0.x86_64.rpm 2dc2f4732992e27aea4c5a098c631ae8 2008.0/SRPMS/libxml2-2.6.30-1.4mdv2008.0.src.rpm
Mandriva Linux 2008.1: 61e96824adc6e61b2764bb3a85e2e76d 2008.1/i586/libxml2_2-2.6.31-1.3mdv2008.1.i586.rpm 6d0cc51d32c7b6ecd609250aad302034 2008.1/i586/libxml2-devel-2.6.31-1.3mdv2008.1.i586.rpm 1e7c4ddd30677789de05cc464dde9790 2008.1/i586/libxml2-python-2.6.31-1.3mdv2008.1.i586.rpm edd477e34b08f94956eeedd387b5e509 2008.1/i586/libxml2-utils-2.6.31-1.3mdv2008.1.i586.rpm b1078a83185c1c97fada7ea5e97df753 2008.1/SRPMS/libxml2-2.6.31-1.3mdv2008.1.src.rpm
Mandriva Linux 2008.1/X86_64: 9d25e809ad31decb111a38301b2a74c1 2008.1/x86_64/lib64xml2_2-2.6.31-1.3mdv2008.1.x86_64.rpm f35af82dffc02628edb1ce03113c3ba0 2008.1/x86_64/lib64xml2-devel-2.6.31-1.3mdv2008.1.x86_64.rpm 5819b393de9ff05be4d670c8e5d36080 2008.1/x86_64/libxml2-python-2.6.31-1.3mdv2008.1.x86_64.rpm fb670bfb1a1673f99f3c3fc3a72b7777 2008.1/x86_64/libxml2-utils-2.6.31-1.3mdv2008.1.x86_64.rpm b1078a83185c1c97fada7ea5e97df753 2008.1/SRPMS/libxml2-2.6.31-1.3mdv2008.1.src.rpm
Corporate 3.0: 82e733037c09b4b7770f5325c7ed1325 corporate/3.0/i586/libxml2-2.6.6-1.5.C30mdk.i586.rpm d66da7916f188883fd164cb250431bba corporate/3.0/i586/libxml2-devel-2.6.6-1.5.C30mdk.i586.rpm 5df28181424b19132bbff6afa872475a corporate/3.0/i586/libxml2-python-2.6.6-1.5.C30mdk.i586.rpm f7a86c3be6e4926fa101386a9cbbcbdd corporate/3.0/i586/libxml2-utils-2.6.6-1.5.C30mdk.i586.rpm c64826e1b31ed0c5d4514780ecd52e2e corporate/3.0/SRPMS/libxml2-2.6.6-1.5.C30mdk.src.rpm
Corporate 3.0/X86_64: 76e631bd88c68085dc2c5702235c2a99 corporate/3.0/x86_64/lib64xml2-2.6.6-1.5.C30mdk.x86_64.rpm 827f9f5bc3a1b869353e3c09879ea432 corporate/3.0/x86_64/lib64xml2-devel-2.6.6-1.5.C30mdk.x86_64.rpm caafa3371f80f084e8a945b3114b4533 corporate/3.0/x86_64/lib64xml2-python-2.6.6-1.5.C30mdk.x86_64.rpm e37a70f9cd13a7e00982387a9ba97726 corporate/3.0/x86_64/libxml2-utils-2.6.6-1.5.C30mdk.x86_64.rpm c64826e1b31ed0c5d4514780ecd52e2e corporate/3.0/SRPMS/libxml2-2.6.6-1.5.C30mdk.src.rpm
Corporate 4.0: 74eea161b5519eef6c16b2407126a847 corporate/4.0/i586/libxml2-2.6.21-3.4.20060mlcs4.i586.rpm 5d8d1e0e487022687c1c61fbaf91707e corporate/4.0/i586/libxml2-devel-2.6.21-3.4.20060mlcs4.i586.rpm d5aa677468c9e8baae074a12f6c63c00 corporate/4.0/i586/libxml2-python-2.6.21-3.4.20060mlcs4.i586.rpm d51b4b902bb911be69f6a17aeb07d8cf corporate/4.0/i586/libxml2-utils-2.6.21-3.4.20060mlcs4.i586.rpm ce28651304236296e59d6d3be5525889 corporate/4.0/SRPMS/libxml2-2.6.21-3.4.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 812f2ae0ffa7a72546b07bd7de174453 corporate/4.0/x86_64/lib64xml2-2.6.21-3.4.20060mlcs4.x86_64.rpm 23ae06098f957e46affa75220cac50af corporate/4.0/x86_64/lib64xml2-devel-2.6.21-3.4.20060mlcs4.x86_64.rpm 93cb252dadfadd4249062f903e604f82 corporate/4.0/x86_64/lib64xml2-python-2.6.21-3.4.20060mlcs4.x86_64.rpm aeff512a1b349108017e93633fabcf08 corporate/4.0/x86_64/libxml2-utils-2.6.21-3.4.20060mlcs4.x86_64.rpm ce28651304236296e59d6d3be5525889 corporate/4.0/SRPMS/libxml2-2.6.21-3.4.20060mlcs4.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFIyaCLmqjQ0CJFipgRApioAJ9P7O5hzNQ4UuYvEIhTVLyyn9Tv9wCg4DSp mZuI5mJOfDomJXN1l5E7NSw= =tPwM -----END PGP SIGNATURE----- . This could allow the execution of arbitrary code via a malicious XML file.
For the stable distribution (etch), this problem has been fixed in version 2.6.27.dfsg-5.
For the unstable distribution (sid), this problem has been fixed in version 2.6.32.dfsg-4.
We recommend that you upgrade your libxml2 package.
Upgrade instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
Source archives:
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5.diff.gz Size/MD5 checksum: 220443 48cafbb8d1bd2c6093339fea3f14e4a0 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg.orig.tar.gz Size/MD5 checksum: 3416175 5ff71b22f6253a6dd9afc1c34778dec3 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5.dsc Size/MD5 checksum: 893 0dc1f183dd20741e5b4e26a7f8e1c652
Architecture independent packages:
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-doc_2.6.27.dfsg-5_all.deb Size/MD5 checksum: 1328144 c1c5f0ceb391893a94e61c074b677ee9
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_alpha.deb Size/MD5 checksum: 820850 fac5556241bb0fde20913f25fb9c73ac http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_alpha.deb Size/MD5 checksum: 37980 725b1c6925e610b5843ba0ad554dc7bc http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_alpha.deb Size/MD5 checksum: 184754 5ccbaf07b44dcfe528167074050bf270 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_alpha.deb Size/MD5 checksum: 916830 17d71480b7e2a447dabde99c11d752fa http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_alpha.deb Size/MD5 checksum: 881834 cac19a28b37f7afb9e07966f44ddd5b2
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_amd64.deb Size/MD5 checksum: 184130 a13372752d162d0fb2ccd58da6b73e20 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_amd64.deb Size/MD5 checksum: 36684 8a0265229bebf9245dc7bb7cc6f41d36 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_amd64.deb Size/MD5 checksum: 796194 6019e59020269cca8fa8fea40f83c118 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_amd64.deb Size/MD5 checksum: 891922 606fc28448bead2709c39a1d3e529a25 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_amd64.deb Size/MD5 checksum: 745758 95bd39eb2818772c43c3351b22326fcd
arm architecture (ARM)
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_arm.deb Size/MD5 checksum: 741876 1b670c6bac3aa9f7df28f7ea3f1e5725 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_arm.deb Size/MD5 checksum: 34678 9a992dc251b137a919a813eed2af8489 http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_arm.deb Size/MD5 checksum: 165290 732b4e94b91a086c6b950d187af160bc http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_arm.deb Size/MD5 checksum: 817514 299c93a812ac02a8aa9da88f4cb5aedf http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_arm.deb Size/MD5 checksum: 673192 d2ff2c26ee8dae05f81c24aa6dfce9b5
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_hppa.deb Size/MD5 checksum: 191876 4d2e33090237b47bc10e9526329f0bc5 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_hppa.deb Size/MD5 checksum: 36708 0ebf8554c5a0e873b128d52ceafccdfd http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_hppa.deb Size/MD5 checksum: 850210 bde343770ac9a7bd458e68a60c2b8434 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_hppa.deb Size/MD5 checksum: 858660 88f67d0d2aff41333ca2f4d4b2d6b5b2 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_hppa.deb Size/MD5 checksum: 864474 489dbd9d677c274c07abb88d0f23b969
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_i386.deb Size/MD5 checksum: 755986 9fdf341ede17d7790202229db9cc1353 http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_i386.deb Size/MD5 checksum: 169032 272c6be290817bf9cb8b401425fd83d5 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_i386.deb Size/MD5 checksum: 681472 d8a0611d638e0553da64a218fbcf291a http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_i386.deb Size/MD5 checksum: 857318 6946048170dd7d142c03c13794c30d6f http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_i386.deb Size/MD5 checksum: 34496 3e3674a714f780024630ad1a2ca46eab
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_ia64.deb Size/MD5 checksum: 1106480 03e08564e2bf843905daecdd7c5cc4c4 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_ia64.deb Size/MD5 checksum: 874222 ed9ab6fa068a5b07c22ec1c10db8e0ab http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_ia64.deb Size/MD5 checksum: 1080186 defc5f4f9eb80872a793cc025e33a111 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_ia64.deb Size/MD5 checksum: 48492 5a567323dc0bf8159a6eae87957266d5 http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_ia64.deb Size/MD5 checksum: 196536 cdbb137c8bb31cf29114673c4cb28e67
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_mips.deb Size/MD5 checksum: 34418 4a05346cb2fc6c314e7e8aef21662469 http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_mips.deb Size/MD5 checksum: 171678 c94bfffc6bde639623ce9a91028960e5 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_mips.deb Size/MD5 checksum: 926922 ddc8ff03120dd78869830d38a5e8708d http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_mips.deb Size/MD5 checksum: 840642 57f2ea24a31904c4b07531f6292a4a8e http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_mips.deb Size/MD5 checksum: 770246 20ba2586e1406d66bd34642f13265dcf
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_mipsel.deb Size/MD5 checksum: 34398 9f0ebfb1dc37496e6b7a4e9963ffaeff http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_mipsel.deb Size/MD5 checksum: 898346 29680d5d5baa66e251e71f55aa128e3c http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_mipsel.deb Size/MD5 checksum: 768976 8f6464a0ef61b3ddcd271652a01c7469 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_mipsel.deb Size/MD5 checksum: 833252 5c83c05d44526479e7c550fd0d8cbdbe http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_mipsel.deb Size/MD5 checksum: 168690 eb56cb1ea49795d0a5a18af468625941
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_powerpc.deb Size/MD5 checksum: 898010 c3d61392afcb383d0f27d5f91fda721d http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_powerpc.deb Size/MD5 checksum: 770994 94ef895f8942b880e8823e10420120e6 http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_powerpc.deb Size/MD5 checksum: 172726 5d097f0290be2bab9b93287bad07e83f http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_powerpc.deb Size/MD5 checksum: 37660 e977bc38e837077de7a006ef923b98bd http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_powerpc.deb Size/MD5 checksum: 779958 ad7245f8a9980d7f40234aefaf12a31b
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_s390.deb Size/MD5 checksum: 185726 91661276ed6cf371373b4e61805c81b8 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_s390.deb Size/MD5 checksum: 885618 218f2603ab94bf92ba45cd330fe15782 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_s390.deb Size/MD5 checksum: 806024 3abe21a0d756e5a0a2ca646f0ba32729 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_s390.deb Size/MD5 checksum: 36378 cbc5eb7e2f81adafeba8e857aee8c918 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_s390.deb Size/MD5 checksum: 750190 4172cb95d7aea2f9ee9331220cd5274c
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_sparc.deb Size/MD5 checksum: 781522 c20ea9c8ab0ec798488e68c845650036 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_sparc.deb Size/MD5 checksum: 713144 e0139b86fbf9644678c2c6de6462bff1 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_sparc.deb Size/MD5 checksum: 759568 7d46f7ceb214711851cc1f27edef2c48 http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_sparc.deb Size/MD5 checksum: 34580 fceb65808b2c98f621d79352eea9d2d5 http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_sparc.deb Size/MD5 checksum: 176874 f27821fe07861f2e71658bc3eb0a595e
These files will probably be moved into the stable distribution on its next update.
For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)
iD4DBQFI9N2RwM/Gs81MDZ0RAqP7AJYxbWnJqF4zauFOietE80FTYW02AKDCOBt2 wvZ3MJ4FZeRn990jpLrh1A== =FZQi -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200809-0566",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "safari",
"scope": "lt",
"trust": 1.8,
"vendor": "apple",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "7.04"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "9.04"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "8.10"
},
{
"model": "iphone os",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "3.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "7.10"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.5.7"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.06"
},
{
"model": "safari",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "3.2.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "8.04"
},
{
"model": "safari",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "3.2.3"
},
{
"model": "libxml2",
"scope": "lt",
"trust": 1.0,
"vendor": "xmlsoft",
"version": "2.7.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.5.7"
},
{
"model": "libxml2",
"scope": "eq",
"trust": 0.9,
"vendor": "xmlsoft",
"version": "2.6.16"
},
{
"model": "libxml2",
"scope": "eq",
"trust": 0.9,
"vendor": "xmlsoft",
"version": "2.6.14"
},
{
"model": "libxml2",
"scope": "eq",
"trust": 0.9,
"vendor": "xmlsoft",
"version": "2.6.13"
},
{
"model": "libxml2",
"scope": "eq",
"trust": 0.9,
"vendor": "xmlsoft",
"version": "2.6.11"
},
{
"model": "libxml2",
"scope": "eq",
"trust": 0.9,
"vendor": "xmlsoft",
"version": "2.6.9"
},
{
"model": "libxml2",
"scope": "eq",
"trust": 0.9,
"vendor": "xmlsoft",
"version": "2.6.6"
},
{
"model": "libxml2",
"scope": "eq",
"trust": 0.9,
"vendor": "xmlsoft",
"version": "2.5.8"
},
{
"model": "libxml2",
"scope": "eq",
"trust": 0.8,
"vendor": "xmlsoft",
"version": "2.7.0 before"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.11"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5 to v10.5.6"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.7"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.11"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5 to v10.5.6"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.7"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "1.0 to 2.2.1"
},
{
"model": "ios for ipod touch",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "1.1 to 2.2.1"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "10"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86-64)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0 (x86-64)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "opensolaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "(sparc)"
},
{
"model": "opensolaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "(x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "libxml2",
"scope": "eq",
"trust": 0.6,
"vendor": "xmlsoft",
"version": "2.5.7"
},
{
"model": "libxml2",
"scope": "eq",
"trust": 0.6,
"vendor": "xmlsoft",
"version": "2.4.30"
},
{
"model": "libxml2",
"scope": "eq",
"trust": 0.6,
"vendor": "xmlsoft",
"version": "2.6.17"
},
{
"model": "libxml2",
"scope": "eq",
"trust": 0.3,
"vendor": "xmlsoft",
"version": "2.6.31"
},
{
"model": "libxml2",
"scope": "eq",
"trust": 0.3,
"vendor": "xmlsoft",
"version": "2.6.30"
},
{
"model": "libxml2",
"scope": "eq",
"trust": 0.3,
"vendor": "xmlsoft",
"version": "2.6.26"
},
{
"model": "libxml2",
"scope": "eq",
"trust": 0.3,
"vendor": "xmlsoft",
"version": "2.6.15"
},
{
"model": "libxml2",
"scope": "eq",
"trust": 0.3,
"vendor": "xmlsoft",
"version": "2.6.12"
},
{
"model": "libxml2",
"scope": "eq",
"trust": 0.3,
"vendor": "xmlsoft",
"version": "2.6.8"
},
{
"model": "libxml2",
"scope": "eq",
"trust": 0.3,
"vendor": "xmlsoft",
"version": "2.6.7"
},
{
"model": "libxml2",
"scope": "eq",
"trust": 0.3,
"vendor": "xmlsoft",
"version": "2.6.5"
},
{
"model": "libxml2",
"scope": "eq",
"trust": 0.3,
"vendor": "xmlsoft",
"version": "2.6.4"
},
{
"model": "libxml2",
"scope": "eq",
"trust": 0.3,
"vendor": "xmlsoft",
"version": "2.6.3"
},
{
"model": "libxml2",
"scope": "eq",
"trust": 0.3,
"vendor": "xmlsoft",
"version": "2.6.2"
},
{
"model": "libxml2",
"scope": "eq",
"trust": 0.3,
"vendor": "xmlsoft",
"version": "2.6.1"
},
{
"model": "libxml2",
"scope": "eq",
"trust": 0.3,
"vendor": "xmlsoft",
"version": "2.6.0"
},
{
"model": "libxml2",
"scope": "eq",
"trust": 0.3,
"vendor": "xmlsoft",
"version": "2.5.11"
},
{
"model": "libxml2",
"scope": "eq",
"trust": 0.3,
"vendor": "xmlsoft",
"version": "2.5.10"
},
{
"model": "libxml2",
"scope": "eq",
"trust": 0.3,
"vendor": "xmlsoft",
"version": "2.5.4"
},
{
"model": "libxml2",
"scope": "eq",
"trust": 0.3,
"vendor": "xmlsoft",
"version": "2.5.1"
},
{
"model": "freeflow print server 73.c0.41",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"model": "freeflow print server 73.b3.61",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.3"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 99",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 96",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 95",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 92",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 91",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 90",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 89",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 88",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 87",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 85",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 84",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 83",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 82",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 80",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 78",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 77",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 76",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 68",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 67",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 64",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 61",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 59",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 57",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 50",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 39",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 36",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 29",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 22",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 19",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 13",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 100",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 02",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 01",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "management center",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6.1"
},
{
"model": "management center",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0"
},
{
"model": "management center",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "java system access manager policy agent",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "appliance platform linux service",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "2"
},
{
"model": "appliance platform linux service",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "hat enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "networks self-service peri workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "networks self-service peri application",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "networks self-service mps",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "10000"
},
{
"model": "networks self-service ccss7",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "-0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "message networking mn",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "meeting exchange enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0.0.52"
},
{
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "intuity audix lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "emmc",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.021"
},
{
"model": "emmc",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.017"
},
{
"model": "emmc",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "communication manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0.3"
},
{
"model": "communication manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.4"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "communication manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "cms server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "13.0"
},
{
"model": "cms server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "15.0"
},
{
"model": "cms server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "14.1"
},
{
"model": "cms server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "14.0"
},
{
"model": "cms server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "13.1"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2.1"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.6"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.2"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.2"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.1"
},
{
"model": "safari beta for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0.4"
},
{
"model": "safari beta for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0.3"
},
{
"model": "safari beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0.3"
},
{
"model": "safari beta for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0.2"
},
{
"model": "safari beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0.2"
},
{
"model": "safari beta for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0.1"
},
{
"model": "safari beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.3.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.3.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.2.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.2.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.2.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.0"
},
{
"model": "safari beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2"
},
{
"model": "safari beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"model": "safari beta for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3"
},
{
"model": "safari beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2.1"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.2"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.1"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1.4"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1.3"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1.2"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1.1"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.2"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1.4"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1.3"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1.2"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.0.2"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.0.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1"
},
{
"model": "safari for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.3"
},
{
"model": "safari",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.3"
},
{
"model": "safari for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "safari",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "ipod touch",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"model": "iphone",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
}
],
"sources": [
{
"db": "BID",
"id": "31126"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001702"
},
{
"db": "CNNVD",
"id": "CNNVD-200809-180"
},
{
"db": "NVD",
"id": "CVE-2008-3529"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.7.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.5.7",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.2.3",
"versionStartIncluding": "3.2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2008-3529"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Andreas Solberg",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200809-180"
}
],
"trust": 0.6
},
"cve": "CVE-2008-3529",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2008-3529",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-33654",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2008-3529",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200809-180",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-33654",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2008-3529",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-33654"
},
{
"db": "VULMON",
"id": "CVE-2008-3529"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001702"
},
{
"db": "CNNVD",
"id": "CNNVD-200809-180"
},
{
"db": "NVD",
"id": "CVE-2008-3529"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a long XML entity name. The \u0027libxml\u0027 library is prone to a heap-based buffer-overflow vulnerability because the software fails to perform adequate boundary checks on user-supplied data. \nAn attacker can exploit this issue to execute arbitrary within the context of an application using the affected library. Failed exploit attempts will result in a denial-of-service vulnerability. The libxml package provides a library of functions that allow users to manipulate XML files, including support for reading, modifying, and writing XML and HTML files. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200812-06\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: libxml2: Multiple vulnerabilities\n Date: December 02, 2008\n Bugs: #234099, #237806, #239346, #245960\n ID: 200812-06\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in libxml2 might lead to execution of\narbitrary code or Denial of Service. \n\nBackground\n==========\n\nlibxml2 is the XML (eXtended Markup Language) C parser and toolkit\ninitially developed for the Gnome project. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-libs/libxml2 \u003c 2.7.2-r1 \u003e= 2.7.2-r1\n\nDescription\n===========\n\nMultiple vulnerabilities were reported in libxml2:\n\n* Andreas Solberg reported that libxml2 does not properly detect\n recursion during entity expansion in an attribute value\n (CVE-2008-3281). \n\n* A heap-based buffer overflow has been reported in the\n xmlParseAttValueComplex() function in parser.c (CVE-2008-3529). \n\n* Christian Weiske reported that predefined entity definitions in\n entities are not properly handled (CVE-2008-4409). \n\n* Drew Yao of Apple Product Security reported an integer overflow in\n the xmlBufferResize() function that can lead to an infinite loop\n (CVE-2008-4225). \n\n* Drew Yao of Apple Product Security reported an integer overflow in\n the xmlSAX2Characters() function leading to a memory corruption\n (CVE-2008-4226). \n\nImpact\n======\n\nA remote attacker could entice a user or automated system to open a\nspecially crafted XML document with an application using libxml2,\npossibly resulting in the exeution of arbitrary code or a high CPU and\nmemory consumption. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll libxml2 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/libxml2-2.7.2-r1\"\n\nReferences\n==========\n\n [ 1 ] CVE-2008-3281\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3281\n [ 2 ] CVE-2008-3529\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3529\n [ 3 ] CVE-2008-4409\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4409\n [ 4 ] CVE-2008-4225\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4225\n [ 5 ] CVE-2008-4226\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4226\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200812-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2008 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ===========================================================\nUbuntu Security Notice USN-815-1 August 11, 2009\nlibxml2 vulnerabilities\nCVE-2008-3529, CVE-2009-2414, CVE-2009-2416\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 8.04 LTS\nUbuntu 8.10\nUbuntu 9.04\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n libxml2 2.6.24.dfsg-1ubuntu1.5\n\nUbuntu 8.04 LTS:\n libxml2 2.6.31.dfsg-2ubuntu1.4\n\nUbuntu 8.10:\n libxml2 2.6.32.dfsg-4ubuntu1.2\n\nUbuntu 9.04:\n libxml2 2.6.32.dfsg-5ubuntu4.2\n\nAfter a standard system upgrade you need to restart your sessions to effect\nthe necessary changes. \n\nDetails follow:\n\nIt was discovered that libxml2 did not correctly handle root XML document\nelement DTD definitions. (CVE-2009-2414)\n\nIt was discovered that libxml2 did not correctly parse Notation and\nEnumeration attribute types. (CVE-2009-2416)\n\nUSN-644-1 fixed a vulnerability in libxml2. This advisory provides the\ncorresponding update for Ubuntu 9.04. \n\nOriginal advisory details:\n\n It was discovered that libxml2 did not correctly handle long entity names. (CVE-2008-3529)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.5.diff.gz\n Size/MD5: 62776 d89c05d4e7cf575a70f0f9d98db043c0\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.5.dsc\n Size/MD5: 902 5a6bda5a6cff7f1dd1b9ac5a4a4d3dee\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg.orig.tar.gz\n Size/MD5: 3293814 461eb1bf7f0c845f7ff7d9b1a4c4eac8\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-doc_2.6.24.dfsg-1ubuntu1.5_all.deb\n Size/MD5: 1253066 7f0900285bcd5980021afb1187a65882\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.24.dfsg-1ubuntu1.5_all.deb\n Size/MD5: 19366 bdcb84dd5b172486d90babd60f7abe3e\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.24.dfsg-1ubuntu1.5_amd64.deb\n Size/MD5: 918870 5c542ff6be1ebfe37ed53fb5c42d4f9a\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.24.dfsg-1ubuntu1.5_amd64.deb\n Size/MD5: 737430 1277b3e55c846153da8612c2b1bd6c05\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.24.dfsg-1ubuntu1.5_amd64.deb\n Size/MD5: 36698 941d28a2ab8c583df8ac8c4bd6053f7e\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.5_amd64.deb\n Size/MD5: 753036 159fc7694915d15d86868cbd34ff1ebb\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python2.4-libxml2_2.6.24.dfsg-1ubuntu1.5_amd64.deb\n Size/MD5: 181652 5e66ae52ee397d016840038de0a2f057\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.24.dfsg-1ubuntu1.5_i386.deb\n Size/MD5: 766190 9afc9a70749f02669713a807ceaf2ad3\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.24.dfsg-1ubuntu1.5_i386.deb\n Size/MD5: 642032 6e7ac3450d6220b0b5b827483622d145\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.24.dfsg-1ubuntu1.5_i386.deb\n Size/MD5: 32980 5fc874170294ea6f6c94a690a01dbad7\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.5_i386.deb\n Size/MD5: 685138 4a8510c2c2b66f6c55e4155af4c7e091\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python2.4-libxml2_2.6.24.dfsg-1ubuntu1.5_i386.deb\n Size/MD5: 166422 6cc5c19adb5ccb9db5fec9286790af1a\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.24.dfsg-1ubuntu1.5_powerpc.deb\n Size/MD5: 905098 dd7b7a8b76af164a73785d7c40be445c\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.24.dfsg-1ubuntu1.5_powerpc.deb\n Size/MD5: 761238 2f407df0d47072583fdbc6465b744b6a\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.24.dfsg-1ubuntu1.5_powerpc.deb\n Size/MD5: 37424 c584cfd1c16a16106d10a8d090aaccf0\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.5_powerpc.deb\n Size/MD5: 734090 42f54b7042c391a8326558cdc924fcc2\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python2.4-libxml2_2.6.24.dfsg-1ubuntu1.5_powerpc.deb\n Size/MD5: 170808 8f4821f282453c7c516ba36e2c5fadd9\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.24.dfsg-1ubuntu1.5_sparc.deb\n Size/MD5: 745812 84c50f29ba04c9c815e561e9c9b825ee\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.24.dfsg-1ubuntu1.5_sparc.deb\n Size/MD5: 703538 3f2e7fbc56bf64aa9631c567852dadfd\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.24.dfsg-1ubuntu1.5_sparc.deb\n Size/MD5: 34312 540c1cb95cd95eafe94cad690e0c7ae2\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.5_sparc.deb\n Size/MD5: 716890 41e8303a6e6d3fb335a2fb06b4e1bc7a\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python2.4-libxml2_2.6.24.dfsg-1ubuntu1.5_sparc.deb\n Size/MD5: 174772 567a3fdd900bc9cb34e5f2f668e48851\n\nUpdated packages for Ubuntu 8.04 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4.diff.gz\n Size/MD5: 66035 c629b5480445cc4380bf3bae181d8484\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4.dsc\n Size/MD5: 1072 67e7f23a4d73713a67233d554f6c8b5c\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.31.dfsg.orig.tar.gz\n Size/MD5: 3442959 8498d4e6f284d2f0a01560f089cb5a3e\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-doc_2.6.31.dfsg-2ubuntu1.4_all.deb\n Size/MD5: 1302458 9454932b37039a5af38524f7c4c0b294\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_amd64.deb\n Size/MD5: 939490 5c561ccc0fe42d44216631b89b1addf2\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.31.dfsg-2ubuntu1.4_amd64.deb\n Size/MD5: 754024 1d43d32a7125d4b2ed113c7dbb469bdf\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.31.dfsg-2ubuntu1.4_amd64.udeb\n Size/MD5: 580472 d2e2babcee294fdd0f202d5d122c0dd2\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.31.dfsg-2ubuntu1.4_amd64.deb\n Size/MD5: 37052 440a067962c6e1e7ffe17071bb33fd09\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4_amd64.deb\n Size/MD5: 832898 b129c03e0971727757567d89a6d32269\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_amd64.deb\n Size/MD5: 872964 86ab686a437dd9ed2b1ea08dbd5d9ba1\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.31.dfsg-2ubuntu1.4_amd64.deb\n Size/MD5: 297976 8acf0cdf5242fd3e6edd957db9e19c28\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_i386.deb\n Size/MD5: 904990 88fe3df363f8829fcfb9a0ff42aa4e96\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.31.dfsg-2ubuntu1.4_i386.deb\n Size/MD5: 676490 641845452580108e68afbd1605af5744\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.31.dfsg-2ubuntu1.4_i386.udeb\n Size/MD5: 533328 3e0d900bd1898de03a78fd408800d88e\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.31.dfsg-2ubuntu1.4_i386.deb\n Size/MD5: 34042 2061451c337e1b12f73f9f91125aeda2\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4_i386.deb\n Size/MD5: 786106 664fc7281611ad8b19e5f0b62284878f\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_i386.deb\n Size/MD5: 796320 1d531f46ab809a0f58ccdcf75f706ea5\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.31.dfsg-2ubuntu1.4_i386.deb\n Size/MD5: 262966 d26ec52d81b118a64f13657db427f858\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_lpia.deb\n Size/MD5: 931054 830e464f765c3109497514d96295c932\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.31.dfsg-2ubuntu1.4_lpia.deb\n Size/MD5: 679546 6f6ee1fe040963315471c2a2a15064d6\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.31.dfsg-2ubuntu1.4_lpia.udeb\n Size/MD5: 529214 af124b039059f2f24f31c50fc8fbf48f\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.31.dfsg-2ubuntu1.4_lpia.deb\n Size/MD5: 34488 ef4c4ea4e96d66c6d5c36e2645379915\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4_lpia.deb\n Size/MD5: 781436 ae5efc717942777be05db9c550d5ddd5\n http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_lpia.deb\n Size/MD5: 788580 c16e8d94ecb5f1a14655fc4d40671f97\n http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.31.dfsg-2ubuntu1.4_lpia.deb\n Size/MD5: 259630 143a179bfbcff152d9f33c424ea80229\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_powerpc.deb\n Size/MD5: 923448 d3ca8a5978632bec93151a892072b5c4\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.31.dfsg-2ubuntu1.4_powerpc.deb\n Size/MD5: 776284 92d1fb876bb167fccee4e5a6a82e8169\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.31.dfsg-2ubuntu1.4_powerpc.udeb\n Size/MD5: 564078 9d75d8f965c320fd17dc2c420aa6e325\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.31.dfsg-2ubuntu1.4_powerpc.deb\n Size/MD5: 42060 8bedb52b8485e7b65b930a39a671cbd8\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4_powerpc.deb\n Size/MD5: 816678 55d6f855ea9b7b14f2ce449079360f80\n http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_powerpc.deb\n Size/MD5: 841354 b66c89a166c8a92ed136f77e2693249b\n http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.31.dfsg-2ubuntu1.4_powerpc.deb\n Size/MD5: 285362 adc160daa3848983f4ddb678c3345199\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_sparc.deb\n Size/MD5: 826326 f596d405cff24bfa70d8c2ff81e3439b\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.31.dfsg-2ubuntu1.4_sparc.deb\n Size/MD5: 719830 b0cb8e2bbbec82604b5a562f3e446f78\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.31.dfsg-2ubuntu1.4_sparc.udeb\n Size/MD5: 541066 f5796b6b3175b740eb55ab32887c98f1\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.31.dfsg-2ubuntu1.4_sparc.deb\n Size/MD5: 36190 1e5ae0d677b95e4f5b69c86ab7207c04\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4_sparc.deb\n Size/MD5: 793408 c10a54dbfe118a255b353b59fee0c895\n http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_sparc.deb\n Size/MD5: 807914 3566e097583445477cad63cd721424f1\n http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.31.dfsg-2ubuntu1.4_sparc.deb\n Size/MD5: 277520 b0c2ed5aafa41ff970a5d8c40a12d02d\n\nUpdated packages for Ubuntu 8.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2.diff.gz\n Size/MD5: 84498 bc3004e4fd1e98246801b2a5741be0f1\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2.dsc\n Size/MD5: 1494 5a25281495f4e6650a45f45a5a8526d2\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg.orig.tar.gz\n Size/MD5: 3425843 bb11c95674e775b791dab2d15e630fa4\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-doc_2.6.32.dfsg-4ubuntu1.2_all.deb\n Size/MD5: 1308242 3aa37d0a971702bda21165e2744d3b15\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_amd64.deb\n Size/MD5: 1014608 676fed67244fe42800b527d2d654365f\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-4ubuntu1.2_amd64.deb\n Size/MD5: 777674 72fd0dc6223b0708f936bfbf830b42a4\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-4ubuntu1.2_amd64.udeb\n Size/MD5: 607400 82a0a91ff27913e1284ae7799156b9a5\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-4ubuntu1.2_amd64.deb\n Size/MD5: 37346 b71638a425beef5adb16962d2dbf83f8\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2_amd64.deb\n Size/MD5: 863410 2141203bc6e460099878831efdc9de8e\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_amd64.deb\n Size/MD5: 858904 3143613cc83f8f3b3fc171291e48f30c\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-4ubuntu1.2_amd64.deb\n Size/MD5: 296128 4f123d82f7393dc6271adee9b0b2154b\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_i386.deb\n Size/MD5: 966962 48d67569f459f88564f282c5c7603eca\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-4ubuntu1.2_i386.deb\n Size/MD5: 701786 f31b1ec9b00b32aef5dab08de74c1ca5\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-4ubuntu1.2_i386.udeb\n Size/MD5: 563618 6c10444d19aa3010ec0b6afc46631442\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-4ubuntu1.2_i386.deb\n Size/MD5: 33908 218bd1ab9dbed3bb7e56db1f1ac74a6a\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2_i386.deb\n Size/MD5: 819242 f2e5722dc46494b105d2e171a7ab8230\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_i386.deb\n Size/MD5: 782502 c6a12f97a9d05c420e87d98f3cebe292\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-4ubuntu1.2_i386.deb\n Size/MD5: 261340 c1e353abc1bdf4c56b856228ea92e3ce\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_lpia.deb\n Size/MD5: 994030 e6260d0cfcac28075fcbe72036374dc1\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-4ubuntu1.2_lpia.deb\n Size/MD5: 697648 2e04c962dc20e83f635a5bf06fb87691\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-4ubuntu1.2_lpia.udeb\n Size/MD5: 553402 8998361080659f8d3175d3621261805a\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-4ubuntu1.2_lpia.deb\n Size/MD5: 34092 da760a43ac9492e508c6dc6c85499a95\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2_lpia.deb\n Size/MD5: 808888 d3708ffd4d87a2c48c6c37badb602ec5\n http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_lpia.deb\n Size/MD5: 776836 ff4dee115d09816a99b2c7ea63e4fd10\n http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-4ubuntu1.2_lpia.deb\n Size/MD5: 257710 6e2cf4776d778dc7ce2d2a7c098c5bd7\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_powerpc.deb\n Size/MD5: 985370 5f1c540dbfecf08d6ccc22798beb7d0d\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-4ubuntu1.2_powerpc.deb\n Size/MD5: 793178 980f65e0877f36d1c51241ca6e8a4e79\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-4ubuntu1.2_powerpc.udeb\n Size/MD5: 582030 439fe7ebaebd3e5e3c9ca5b323595da6\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-4ubuntu1.2_powerpc.deb\n Size/MD5: 40426 648c47236b411a6b5ccbbe4ca4671af7\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2_powerpc.deb\n Size/MD5: 837942 7a59d92fe6c31895aadc67df56e404b2\n http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_powerpc.deb\n Size/MD5: 822784 44a72a4996bca847bea424ad1db4d03b\n http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-4ubuntu1.2_powerpc.deb\n Size/MD5: 283028 9423c0b24aab87ffac1d85615282e38d\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_sparc.deb\n Size/MD5: 872662 fcc9c2574a5f8f9aeee5be43cedd9542\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-4ubuntu1.2_sparc.deb\n Size/MD5: 730988 dab6026cfeee8b30a3d7d7a989621cc1\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-4ubuntu1.2_sparc.udeb\n Size/MD5: 551174 de8a4e5e3c69eda8a888e2a4be0d8771\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-4ubuntu1.2_sparc.deb\n Size/MD5: 36538 b1c42f5d79806ca0ddb842d6e46589e4\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2_sparc.deb\n Size/MD5: 807300 2ec0838cfed794ad0dfba8e6c2f8f5a6\n http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_sparc.deb\n Size/MD5: 795578 5177c5c668b1cb6ab972a42ba74ce69b\n http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-4ubuntu1.2_sparc.deb\n Size/MD5: 275720 848f0e32688509c20e716bf56854b3c2\n\nUpdated packages for Ubuntu 9.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2.diff.gz\n Size/MD5: 86115 e8ae94cf06df5aa69bcb4e9e3478dc3a\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2.dsc\n Size/MD5: 1494 59db95aea21b88b40de41b4eb6286204\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg.orig.tar.gz\n Size/MD5: 3425843 bb11c95674e775b791dab2d15e630fa4\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-doc_2.6.32.dfsg-5ubuntu4.2_all.deb\n Size/MD5: 1309904 8a177134aefda1c1803ee8cea7876987\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_amd64.deb\n Size/MD5: 1014666 7eecb75acf8cfe96f0d8ad00dc6cd0f7\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-5ubuntu4.2_amd64.deb\n Size/MD5: 777666 303a6a64d87e0666177f9ee63cf1a03c\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-5ubuntu4.2_amd64.udeb\n Size/MD5: 607592 f0abee0ba9c7cac159aa282ff04b968d\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-5ubuntu4.2_amd64.deb\n Size/MD5: 37356 e60cf6a423c951786da162ffe21132a1\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2_amd64.deb\n Size/MD5: 864536 fd1367706366bfd805f692c39f331835\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_amd64.deb\n Size/MD5: 863456 0e646ecc8d3e8e72fc65739a4bae3de9\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-5ubuntu4.2_amd64.deb\n Size/MD5: 359004 6541b0c12852c3e490ddb20c06448eae\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_i386.deb\n Size/MD5: 967152 3bc76bac8a99f2bceca5169cf9394f2c\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-5ubuntu4.2_i386.deb\n Size/MD5: 701712 b3aa303a9b2fcdcbdcb62595a6876f86\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-5ubuntu4.2_i386.udeb\n Size/MD5: 563692 fbda90721b32837d401f72def5bae5d4\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-5ubuntu4.2_i386.deb\n Size/MD5: 33904 a3323cb518af641c59ea45369a65746f\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2_i386.deb\n Size/MD5: 820722 d26fe8acb0a5aee307d06edae3e7e28a\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_i386.deb\n Size/MD5: 785386 afdcafaa8bac5e88aa4a13e0d749b2ea\n http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-5ubuntu4.2_i386.deb\n Size/MD5: 324412 bae919ee044ef9aaf19656b9d1976b19\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_lpia.deb\n Size/MD5: 994408 53e4d8355d376154e295df19d3a3c60d\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-5ubuntu4.2_lpia.deb\n Size/MD5: 697522 5222a56651f77e522ca0ad1c6d6d5de6\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-5ubuntu4.2_lpia.udeb\n Size/MD5: 553434 48f46f951b7ebc278e84ad661d306f19\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-5ubuntu4.2_lpia.deb\n Size/MD5: 34098 60966a769f8d75d8bc8253c687e38244\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2_lpia.deb\n Size/MD5: 810434 585824abaa30b7726f8e7beeae6150eb\n http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_lpia.deb\n Size/MD5: 778354 6588b53390d8a294fc18ab6624e6c7c1\n http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-5ubuntu4.2_lpia.deb\n Size/MD5: 320608 cb34801b64a53678cc553625fec3feaf\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_powerpc.deb\n Size/MD5: 985248 ecf8b6d8401aebd949116cb0169a96fe\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-5ubuntu4.2_powerpc.deb\n Size/MD5: 793242 1fc757dad96c16d285df20a5137af4c6\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-5ubuntu4.2_powerpc.udeb\n Size/MD5: 582210 87a282cc9ab3bf5af1015ce0624d01d9\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-5ubuntu4.2_powerpc.deb\n Size/MD5: 40434 3e24add8c4c0aaf0b7931dd185394d6d\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2_powerpc.deb\n Size/MD5: 839218 0b75a09404be80b49058058c2aa6e746\n http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_powerpc.deb\n Size/MD5: 825710 58709b2af622ff835b15f799cd47fcfe\n http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-5ubuntu4.2_powerpc.deb\n Size/MD5: 344720 c07c4729d2191cf51d85654a83e8faf2\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_sparc.deb\n Size/MD5: 872512 b6f95a836cabc34e1266b76cc250a9e0\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-5ubuntu4.2_sparc.deb\n Size/MD5: 730870 607909857dea94afe8102a7131595252\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-5ubuntu4.2_sparc.udeb\n Size/MD5: 551000 7fbe08e3223c9543645eadb4b9e0167a\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-5ubuntu4.2_sparc.deb\n Size/MD5: 36486 c3540c5aadb1adc3f85f6276a1980d0c\n http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2_sparc.deb\n Size/MD5: 807954 a3ac3191b768e4b6e1e7b1c279b26a13\n http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_sparc.deb\n Size/MD5: 798558 dd9c4b6bf81302a938f71ed0f9cf47c8\n http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-5ubuntu4.2_sparc.deb\n Size/MD5: 338152 674bae887b0ae673dd4732498c5a738c\n\n\n\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n\n Mandriva Linux Security Advisory MDVSA-2008:192\n http://www.mandriva.com/security/\n _______________________________________________________________________\n\n Package : libxml2\n Date : September 11, 2008\n Affected: 2007.1, 2008.0, 2008.1, Corporate 3.0, Corporate 4.0\n _______________________________________________________________________\n\n Problem Description:\n\n A heap-based buffer overflow was found in how libxml2 handled long\n XML entity names. \n \n The updated packages have been patched to prevent this issue. \n As well, the patch to fix CVE-2008-3281 has been updated to remove\n the hard-coded entity limit that was set to 5M, instead using XML\n entity density heuristics. Many thanks to Daniel Veillard of Red Hat\n for his hard work in tracking down and dealing with the edge cases\n discovered with the initial fix to this issue. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3281\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3529\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2007.1:\n 9250adec77a5118119d5000f2305540f 2007.1/i586/libxml2-2.6.27-3.4mdv2007.1.i586.rpm\n 103dba08606f0038f3a9f4107ceba442 2007.1/i586/libxml2-devel-2.6.27-3.4mdv2007.1.i586.rpm\n a388bf596ef6725fb5baadb4e056a0bd 2007.1/i586/libxml2-python-2.6.27-3.4mdv2007.1.i586.rpm\n d2333e42a538101e36eab7d12467e08b 2007.1/i586/libxml2-utils-2.6.27-3.4mdv2007.1.i586.rpm \n 94a25c63f54693b7ac289223a6a3a687 2007.1/SRPMS/libxml2-2.6.27-3.4mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n 343f8656039b69716fe712eeb2d1bf4e 2007.1/x86_64/lib64xml2-2.6.27-3.4mdv2007.1.x86_64.rpm\n 320d8dd8245f5ec6db46bedaf07afb3e 2007.1/x86_64/lib64xml2-devel-2.6.27-3.4mdv2007.1.x86_64.rpm\n fb6f52df6831cda42db46502cc761475 2007.1/x86_64/lib64xml2-python-2.6.27-3.4mdv2007.1.x86_64.rpm\n 8440fc08fee99f18a81a32035fac166a 2007.1/x86_64/libxml2-utils-2.6.27-3.4mdv2007.1.x86_64.rpm \n 94a25c63f54693b7ac289223a6a3a687 2007.1/SRPMS/libxml2-2.6.27-3.4mdv2007.1.src.rpm\n\n Mandriva Linux 2008.0:\n c53b40d9c7ebec036f9175c8f4e87b3b 2008.0/i586/libxml2_2-2.6.30-1.4mdv2008.0.i586.rpm\n 4a4ed97086b52cab3bbd34fe4d7003a0 2008.0/i586/libxml2-devel-2.6.30-1.4mdv2008.0.i586.rpm\n d3898465dc2797a2b20be8310dd4f484 2008.0/i586/libxml2-python-2.6.30-1.4mdv2008.0.i586.rpm\n 34c524fa03b470093bd0b0c679bcb9c4 2008.0/i586/libxml2-utils-2.6.30-1.4mdv2008.0.i586.rpm \n 2dc2f4732992e27aea4c5a098c631ae8 2008.0/SRPMS/libxml2-2.6.30-1.4mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 20ac98b346a1f18b90504cb623c530d8 2008.0/x86_64/lib64xml2_2-2.6.30-1.4mdv2008.0.x86_64.rpm\n fd5907e801bf4f64ee79d097fcaec2b6 2008.0/x86_64/lib64xml2-devel-2.6.30-1.4mdv2008.0.x86_64.rpm\n 20f45401e501b9639a9b53d82a4e031f 2008.0/x86_64/libxml2-python-2.6.30-1.4mdv2008.0.x86_64.rpm\n 22be20e194ba2177a47d831ee8c82f47 2008.0/x86_64/libxml2-utils-2.6.30-1.4mdv2008.0.x86_64.rpm \n 2dc2f4732992e27aea4c5a098c631ae8 2008.0/SRPMS/libxml2-2.6.30-1.4mdv2008.0.src.rpm\n\n Mandriva Linux 2008.1:\n 61e96824adc6e61b2764bb3a85e2e76d 2008.1/i586/libxml2_2-2.6.31-1.3mdv2008.1.i586.rpm\n 6d0cc51d32c7b6ecd609250aad302034 2008.1/i586/libxml2-devel-2.6.31-1.3mdv2008.1.i586.rpm\n 1e7c4ddd30677789de05cc464dde9790 2008.1/i586/libxml2-python-2.6.31-1.3mdv2008.1.i586.rpm\n edd477e34b08f94956eeedd387b5e509 2008.1/i586/libxml2-utils-2.6.31-1.3mdv2008.1.i586.rpm \n b1078a83185c1c97fada7ea5e97df753 2008.1/SRPMS/libxml2-2.6.31-1.3mdv2008.1.src.rpm\n\n Mandriva Linux 2008.1/X86_64:\n 9d25e809ad31decb111a38301b2a74c1 2008.1/x86_64/lib64xml2_2-2.6.31-1.3mdv2008.1.x86_64.rpm\n f35af82dffc02628edb1ce03113c3ba0 2008.1/x86_64/lib64xml2-devel-2.6.31-1.3mdv2008.1.x86_64.rpm\n 5819b393de9ff05be4d670c8e5d36080 2008.1/x86_64/libxml2-python-2.6.31-1.3mdv2008.1.x86_64.rpm\n fb670bfb1a1673f99f3c3fc3a72b7777 2008.1/x86_64/libxml2-utils-2.6.31-1.3mdv2008.1.x86_64.rpm \n b1078a83185c1c97fada7ea5e97df753 2008.1/SRPMS/libxml2-2.6.31-1.3mdv2008.1.src.rpm\n\n Corporate 3.0:\n 82e733037c09b4b7770f5325c7ed1325 corporate/3.0/i586/libxml2-2.6.6-1.5.C30mdk.i586.rpm\n d66da7916f188883fd164cb250431bba corporate/3.0/i586/libxml2-devel-2.6.6-1.5.C30mdk.i586.rpm\n 5df28181424b19132bbff6afa872475a corporate/3.0/i586/libxml2-python-2.6.6-1.5.C30mdk.i586.rpm\n f7a86c3be6e4926fa101386a9cbbcbdd corporate/3.0/i586/libxml2-utils-2.6.6-1.5.C30mdk.i586.rpm \n c64826e1b31ed0c5d4514780ecd52e2e corporate/3.0/SRPMS/libxml2-2.6.6-1.5.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 76e631bd88c68085dc2c5702235c2a99 corporate/3.0/x86_64/lib64xml2-2.6.6-1.5.C30mdk.x86_64.rpm\n 827f9f5bc3a1b869353e3c09879ea432 corporate/3.0/x86_64/lib64xml2-devel-2.6.6-1.5.C30mdk.x86_64.rpm\n caafa3371f80f084e8a945b3114b4533 corporate/3.0/x86_64/lib64xml2-python-2.6.6-1.5.C30mdk.x86_64.rpm\n e37a70f9cd13a7e00982387a9ba97726 corporate/3.0/x86_64/libxml2-utils-2.6.6-1.5.C30mdk.x86_64.rpm \n c64826e1b31ed0c5d4514780ecd52e2e corporate/3.0/SRPMS/libxml2-2.6.6-1.5.C30mdk.src.rpm\n\n Corporate 4.0:\n 74eea161b5519eef6c16b2407126a847 corporate/4.0/i586/libxml2-2.6.21-3.4.20060mlcs4.i586.rpm\n 5d8d1e0e487022687c1c61fbaf91707e corporate/4.0/i586/libxml2-devel-2.6.21-3.4.20060mlcs4.i586.rpm\n d5aa677468c9e8baae074a12f6c63c00 corporate/4.0/i586/libxml2-python-2.6.21-3.4.20060mlcs4.i586.rpm\n d51b4b902bb911be69f6a17aeb07d8cf corporate/4.0/i586/libxml2-utils-2.6.21-3.4.20060mlcs4.i586.rpm \n ce28651304236296e59d6d3be5525889 corporate/4.0/SRPMS/libxml2-2.6.21-3.4.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 812f2ae0ffa7a72546b07bd7de174453 corporate/4.0/x86_64/lib64xml2-2.6.21-3.4.20060mlcs4.x86_64.rpm\n 23ae06098f957e46affa75220cac50af corporate/4.0/x86_64/lib64xml2-devel-2.6.21-3.4.20060mlcs4.x86_64.rpm\n 93cb252dadfadd4249062f903e604f82 corporate/4.0/x86_64/lib64xml2-python-2.6.21-3.4.20060mlcs4.x86_64.rpm\n aeff512a1b349108017e93633fabcf08 corporate/4.0/x86_64/libxml2-utils-2.6.21-3.4.20060mlcs4.x86_64.rpm \n ce28651304236296e59d6d3be5525889 corporate/4.0/SRPMS/libxml2-2.6.21-3.4.20060mlcs4.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFIyaCLmqjQ0CJFipgRApioAJ9P7O5hzNQ4UuYvEIhTVLyyn9Tv9wCg4DSp\nmZuI5mJOfDomJXN1l5E7NSw=\n=tPwM\n-----END PGP SIGNATURE-----\n. This could allow the execution of arbitrary\ncode via a malicious XML file. \n\nFor the stable distribution (etch), this problem has been fixed in version\n2.6.27.dfsg-5. \n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2.6.32.dfsg-4. \n\nWe recommend that you upgrade your libxml2 package. \n\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5.diff.gz\n Size/MD5 checksum: 220443 48cafbb8d1bd2c6093339fea3f14e4a0\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg.orig.tar.gz\n Size/MD5 checksum: 3416175 5ff71b22f6253a6dd9afc1c34778dec3\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5.dsc\n Size/MD5 checksum: 893 0dc1f183dd20741e5b4e26a7f8e1c652\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-doc_2.6.27.dfsg-5_all.deb\n Size/MD5 checksum: 1328144 c1c5f0ceb391893a94e61c074b677ee9\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_alpha.deb\n Size/MD5 checksum: 820850 fac5556241bb0fde20913f25fb9c73ac\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_alpha.deb\n Size/MD5 checksum: 37980 725b1c6925e610b5843ba0ad554dc7bc\n http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_alpha.deb\n Size/MD5 checksum: 184754 5ccbaf07b44dcfe528167074050bf270\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_alpha.deb\n Size/MD5 checksum: 916830 17d71480b7e2a447dabde99c11d752fa\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_alpha.deb\n Size/MD5 checksum: 881834 cac19a28b37f7afb9e07966f44ddd5b2\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_amd64.deb\n Size/MD5 checksum: 184130 a13372752d162d0fb2ccd58da6b73e20\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_amd64.deb\n Size/MD5 checksum: 36684 8a0265229bebf9245dc7bb7cc6f41d36\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_amd64.deb\n Size/MD5 checksum: 796194 6019e59020269cca8fa8fea40f83c118\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_amd64.deb\n Size/MD5 checksum: 891922 606fc28448bead2709c39a1d3e529a25\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_amd64.deb\n Size/MD5 checksum: 745758 95bd39eb2818772c43c3351b22326fcd\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_arm.deb\n Size/MD5 checksum: 741876 1b670c6bac3aa9f7df28f7ea3f1e5725\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_arm.deb\n Size/MD5 checksum: 34678 9a992dc251b137a919a813eed2af8489\n http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_arm.deb\n Size/MD5 checksum: 165290 732b4e94b91a086c6b950d187af160bc\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_arm.deb\n Size/MD5 checksum: 817514 299c93a812ac02a8aa9da88f4cb5aedf\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_arm.deb\n Size/MD5 checksum: 673192 d2ff2c26ee8dae05f81c24aa6dfce9b5\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_hppa.deb\n Size/MD5 checksum: 191876 4d2e33090237b47bc10e9526329f0bc5\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_hppa.deb\n Size/MD5 checksum: 36708 0ebf8554c5a0e873b128d52ceafccdfd\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_hppa.deb\n Size/MD5 checksum: 850210 bde343770ac9a7bd458e68a60c2b8434\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_hppa.deb\n Size/MD5 checksum: 858660 88f67d0d2aff41333ca2f4d4b2d6b5b2\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_hppa.deb\n Size/MD5 checksum: 864474 489dbd9d677c274c07abb88d0f23b969\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_i386.deb\n Size/MD5 checksum: 755986 9fdf341ede17d7790202229db9cc1353\n http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_i386.deb\n Size/MD5 checksum: 169032 272c6be290817bf9cb8b401425fd83d5\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_i386.deb\n Size/MD5 checksum: 681472 d8a0611d638e0553da64a218fbcf291a\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_i386.deb\n Size/MD5 checksum: 857318 6946048170dd7d142c03c13794c30d6f\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_i386.deb\n Size/MD5 checksum: 34496 3e3674a714f780024630ad1a2ca46eab\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_ia64.deb\n Size/MD5 checksum: 1106480 03e08564e2bf843905daecdd7c5cc4c4\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_ia64.deb\n Size/MD5 checksum: 874222 ed9ab6fa068a5b07c22ec1c10db8e0ab\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_ia64.deb\n Size/MD5 checksum: 1080186 defc5f4f9eb80872a793cc025e33a111\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_ia64.deb\n Size/MD5 checksum: 48492 5a567323dc0bf8159a6eae87957266d5\n http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_ia64.deb\n Size/MD5 checksum: 196536 cdbb137c8bb31cf29114673c4cb28e67\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_mips.deb\n Size/MD5 checksum: 34418 4a05346cb2fc6c314e7e8aef21662469\n http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_mips.deb\n Size/MD5 checksum: 171678 c94bfffc6bde639623ce9a91028960e5\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_mips.deb\n Size/MD5 checksum: 926922 ddc8ff03120dd78869830d38a5e8708d\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_mips.deb\n Size/MD5 checksum: 840642 57f2ea24a31904c4b07531f6292a4a8e\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_mips.deb\n Size/MD5 checksum: 770246 20ba2586e1406d66bd34642f13265dcf\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_mipsel.deb\n Size/MD5 checksum: 34398 9f0ebfb1dc37496e6b7a4e9963ffaeff\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_mipsel.deb\n Size/MD5 checksum: 898346 29680d5d5baa66e251e71f55aa128e3c\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_mipsel.deb\n Size/MD5 checksum: 768976 8f6464a0ef61b3ddcd271652a01c7469\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_mipsel.deb\n Size/MD5 checksum: 833252 5c83c05d44526479e7c550fd0d8cbdbe\n http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_mipsel.deb\n Size/MD5 checksum: 168690 eb56cb1ea49795d0a5a18af468625941\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_powerpc.deb\n Size/MD5 checksum: 898010 c3d61392afcb383d0f27d5f91fda721d\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_powerpc.deb\n Size/MD5 checksum: 770994 94ef895f8942b880e8823e10420120e6\n http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_powerpc.deb\n Size/MD5 checksum: 172726 5d097f0290be2bab9b93287bad07e83f\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_powerpc.deb\n Size/MD5 checksum: 37660 e977bc38e837077de7a006ef923b98bd\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_powerpc.deb\n Size/MD5 checksum: 779958 ad7245f8a9980d7f40234aefaf12a31b\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_s390.deb\n Size/MD5 checksum: 185726 91661276ed6cf371373b4e61805c81b8\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_s390.deb\n Size/MD5 checksum: 885618 218f2603ab94bf92ba45cd330fe15782\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_s390.deb\n Size/MD5 checksum: 806024 3abe21a0d756e5a0a2ca646f0ba32729\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_s390.deb\n Size/MD5 checksum: 36378 cbc5eb7e2f81adafeba8e857aee8c918\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_s390.deb\n Size/MD5 checksum: 750190 4172cb95d7aea2f9ee9331220cd5274c\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_sparc.deb\n Size/MD5 checksum: 781522 c20ea9c8ab0ec798488e68c845650036\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_sparc.deb\n Size/MD5 checksum: 713144 e0139b86fbf9644678c2c6de6462bff1\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_sparc.deb\n Size/MD5 checksum: 759568 7d46f7ceb214711851cc1f27edef2c48\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_sparc.deb\n Size/MD5 checksum: 34580 fceb65808b2c98f621d79352eea9d2d5\n http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_sparc.deb\n Size/MD5 checksum: 176874 f27821fe07861f2e71658bc3eb0a595e\n\n\n These files will probably be moved into the stable distribution on\n its next update. \n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show \u003cpkg\u003e\u0027 and http://packages.debian.org/\u003cpkg\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.6 (GNU/Linux)\n\niD4DBQFI9N2RwM/Gs81MDZ0RAqP7AJYxbWnJqF4zauFOietE80FTYW02AKDCOBt2\nwvZ3MJ4FZeRn990jpLrh1A==\n=FZQi\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-3529"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001702"
},
{
"db": "BID",
"id": "31126"
},
{
"db": "VULHUB",
"id": "VHN-33654"
},
{
"db": "VULMON",
"id": "CVE-2008-3529"
},
{
"db": "PACKETSTORM",
"id": "72532"
},
{
"db": "PACKETSTORM",
"id": "80275"
},
{
"db": "PACKETSTORM",
"id": "69917"
},
{
"db": "PACKETSTORM",
"id": "70915"
}
],
"trust": 2.43
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-33654",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=8798",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-33654"
},
{
"db": "VULMON",
"id": "CVE-2008-3529"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2008-3529",
"trust": 3.3
},
{
"db": "BID",
"id": "31126",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "31868",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "31860",
"trust": 2.6
},
{
"db": "SECTRACK",
"id": "1020855",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "31982",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "36173",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "32280",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31558",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "32265",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "35074",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31855",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "32807",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "33715",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "33722",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "35379",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "36235",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "35056",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "32974",
"trust": 1.8
},
{
"db": "USCERT",
"id": "TA09-133A",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2009-1297",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2009-1522",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2009-1621",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2822",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2009-1298",
"trust": 1.7
},
{
"db": "EXPLOIT-DB",
"id": "8798",
"trust": 1.7
},
{
"db": "XF",
"id": "45085",
"trust": 0.8
},
{
"db": "VUPEN",
"id": "ADV-2008-2419",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001702",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200809-180",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "80275",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "70915",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "77817",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "78575",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-33654",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2009/1297",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2008/2822",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2009/1298",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2009/1522",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2009/1621",
"trust": 0.1
},
{
"db": "EXPLOITDB",
"id": "8798",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2008-3529",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "72532",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "69917",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-33654"
},
{
"db": "VULMON",
"id": "CVE-2008-3529"
},
{
"db": "BID",
"id": "31126"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001702"
},
{
"db": "PACKETSTORM",
"id": "72532"
},
{
"db": "PACKETSTORM",
"id": "80275"
},
{
"db": "PACKETSTORM",
"id": "69917"
},
{
"db": "PACKETSTORM",
"id": "70915"
},
{
"db": "CNNVD",
"id": "CNNVD-200809-180"
},
{
"db": "NVD",
"id": "CVE-2008-3529"
}
]
},
"id": "VAR-200809-0566",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-33654"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T22:06:03.293000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT3639",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht3639"
},
{
"title": "HT3613",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht3613"
},
{
"title": "HT3549",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht3549"
},
{
"title": "HT3639",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht3639?viewlocale=ja_jp"
},
{
"title": "HT3613",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht3613?viewlocale=ja_jp"
},
{
"title": "HT3549",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht3549?viewlocale=ja_jp"
},
{
"title": "libxml2-2.6.26-2.1.2.6.1AXS3",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=348"
},
{
"title": "1315",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1315"
},
{
"title": "1344",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1344"
},
{
"title": "RHSA-2008:0884",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2008-0884.html"
},
{
"title": "RHSA-2008:0886",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2008-0886.html"
},
{
"title": "CVE-2008-3529 Buffer overflow vulnerability in libxml2",
"trust": 0.8,
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2008_3529_buffer_overflow"
},
{
"title": "247346",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-247346-1"
},
{
"title": "2.7.1: Sep 1 2008",
"trust": 0.8,
"url": "http://xmlsoft.org/news.html"
},
{
"title": "RHSA-2008:0884",
"trust": 0.8,
"url": "https://www.jp.redhat.com/support/errata/rhsa/rhsa-2008-0884j.html"
},
{
"title": "RHSA-2008:0886",
"trust": 0.8,
"url": "https://www.jp.redhat.com/support/errata/rhsa/rhsa-2008-0886j.html"
},
{
"title": "Debian CVElist Bug Report Logs: libxml2: does not correctly handle long entity names (CVE-2008-3529)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=ed42fcb753aa36b8c706df356b4944fb"
},
{
"title": "Ubuntu Security Notice: libxml2 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-644-1"
},
{
"title": "Ubuntu Security Notice: libxml2 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-815-1"
},
{
"title": "VMware Security Advisories: Updated ESX packages for libxml2, ucd-snmp, libtiff",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=4b3f89e87c3a2b8f6ca491f31d73afa9"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2008-3529"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001702"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-33654"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001702"
},
{
"db": "NVD",
"id": "CVE-2008-3529"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://securitytracker.com/id?1020855"
},
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/31126"
},
{
"trust": 2.6,
"url": "http://secunia.com/advisories/31860"
},
{
"trust": 2.6,
"url": "http://secunia.com/advisories/31868"
},
{
"trust": 2.1,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-265329-1"
},
{
"trust": 2.1,
"url": "http://support.avaya.com/elmodocs2/security/asa-2008-400.htm"
},
{
"trust": 2.1,
"url": "http://support.avaya.com/elmodocs2/security/asa-2009-025.htm"
},
{
"trust": 1.9,
"url": "http://security.gentoo.org/glsa/glsa-200812-06.xml"
},
{
"trust": 1.9,
"url": "https://usn.ubuntu.com/644-1/"
},
{
"trust": 1.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-247346-1"
},
{
"trust": 1.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-261688-1"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31558"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31855"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31982"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/32265"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/32280"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/32807"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/32974"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/33715"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/33722"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/35056"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/35074"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/35379"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/36173"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/36235"
},
{
"trust": 1.8,
"url": "https://www.exploit-db.com/exploits/8798"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2008/2822"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2009/1298"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2009/1522"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2009/1621"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2009/may/msg00000.html"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00005.html"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2008/dsa-1654"
},
{
"trust": 1.8,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:192"
},
{
"trust": 1.8,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0884.html"
},
{
"trust": 1.8,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0886.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"
},
{
"trust": 1.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta09-133a.html"
},
{
"trust": 1.8,
"url": "http://www.ubuntu.com/usn/usn-815-1"
},
{
"trust": 1.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-126356-03-1"
},
{
"trust": 1.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141243-01-1"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht3549"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht3550"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht3613"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht3639"
},
{
"trust": 1.8,
"url": "http://wiki.rpath.com/advisories:rpsa-2008-0325"
},
{
"trust": 1.8,
"url": "http://xmlsoft.org/news.html"
},
{
"trust": 1.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=461015"
},
{
"trust": 1.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45085"
},
{
"trust": 1.8,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11760"
},
{
"trust": 1.8,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a6103"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3529"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/45085"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-3529"
},
{
"trust": 0.8,
"url": "http://www.vupen.com/english/advisories/2008/2419"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2008-3529"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2008:0886"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2008:0884"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3529"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-266428-1"
},
{
"trust": 0.3,
"url": "http://www.xmlsoft.org/"
},
{
"trust": 0.3,
"url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026id=834296"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-247346-1"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3281"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3281"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=498768"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=16643"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/8798/"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4225"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-4225"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-4226"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4409"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4226"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-4409"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-doc_2.6.24.dfsg-1ubuntu1.5_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.5.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-5ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-5ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-5ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.24.dfsg-1ubuntu1.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.31.dfsg-2ubuntu1.4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.31.dfsg-2ubuntu1.4_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-4ubuntu1.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-5ubuntu4.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.31.dfsg-2ubuntu1.4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-4ubuntu1.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-5ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.24.dfsg-1ubuntu1.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.31.dfsg-2ubuntu1.4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.31.dfsg-2ubuntu1.4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-4ubuntu1.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-5ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-4ubuntu1.2_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-5ubuntu4.2_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-5ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python2.4-libxml2_2.6.24.dfsg-1ubuntu1.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-4ubuntu1.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-5ubuntu4.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.24.dfsg-1ubuntu1.5_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.31.dfsg-2ubuntu1.4_lpia.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python2.4-libxml2_2.6.24.dfsg-1ubuntu1.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.31.dfsg-2ubuntu1.4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.31.dfsg-2ubuntu1.4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-4ubuntu1.2_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.31.dfsg-2ubuntu1.4_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.31.dfsg-2ubuntu1.4_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.24.dfsg-1ubuntu1.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.24.dfsg-1ubuntu1.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python2.4-libxml2_2.6.24.dfsg-1ubuntu1.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-5ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-4ubuntu1.2_lpia.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python2.4-libxml2_2.6.24.dfsg-1ubuntu1.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.31.dfsg-2ubuntu1.4_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-5ubuntu4.2_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.5.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.24.dfsg-1ubuntu1.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.24.dfsg-1ubuntu1.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.24.dfsg-1ubuntu1.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.24.dfsg-1ubuntu1.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-4ubuntu1.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-4ubuntu1.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-4ubuntu1.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-4ubuntu1.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.31.dfsg-2ubuntu1.4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-doc_2.6.32.dfsg-4ubuntu1.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.31.dfsg-2ubuntu1.4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-4ubuntu1.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-4ubuntu1.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.24.dfsg-1ubuntu1.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-4ubuntu1.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-4ubuntu1.2_i386.udeb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2414"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-5ubuntu4.2_lpia.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.31.dfsg-2ubuntu1.4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-5ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-5ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-4ubuntu1.2_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-5ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-5ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.31.dfsg-2ubuntu1.4_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.31.dfsg-2ubuntu1.4_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-doc_2.6.32.dfsg-5ubuntu4.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.24.dfsg-1ubuntu1.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.31.dfsg-2ubuntu1.4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_i386.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2416"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.32.dfsg-5ubuntu4.2.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-4ubuntu1.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-5ubuntu4.2_i386.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.31.dfsg-2ubuntu1.4_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.24.dfsg-1ubuntu1.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-doc_2.6.31.dfsg-2ubuntu1.4_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.31.dfsg-2ubuntu1.4_i386.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.32.dfsg-5ubuntu4.2_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-4ubuntu1.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-5ubuntu4.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-4ubuntu1.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-5ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-5ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.24.dfsg-1ubuntu1.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-4ubuntu1.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-4ubuntu1.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-4ubuntu1.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.31.dfsg-2ubuntu1.4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.31.dfsg.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.31.dfsg-2ubuntu1.4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_ia64.deb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/"
},
{
"trust": 0.1,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-doc_2.6.27.dfsg-5_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_arm.deb"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-33654"
},
{
"db": "VULMON",
"id": "CVE-2008-3529"
},
{
"db": "BID",
"id": "31126"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001702"
},
{
"db": "PACKETSTORM",
"id": "72532"
},
{
"db": "PACKETSTORM",
"id": "80275"
},
{
"db": "PACKETSTORM",
"id": "69917"
},
{
"db": "PACKETSTORM",
"id": "70915"
},
{
"db": "CNNVD",
"id": "CNNVD-200809-180"
},
{
"db": "NVD",
"id": "CVE-2008-3529"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-33654"
},
{
"db": "VULMON",
"id": "CVE-2008-3529"
},
{
"db": "BID",
"id": "31126"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001702"
},
{
"db": "PACKETSTORM",
"id": "72532"
},
{
"db": "PACKETSTORM",
"id": "80275"
},
{
"db": "PACKETSTORM",
"id": "69917"
},
{
"db": "PACKETSTORM",
"id": "70915"
},
{
"db": "CNNVD",
"id": "CNNVD-200809-180"
},
{
"db": "NVD",
"id": "CVE-2008-3529"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-12T00:00:00",
"db": "VULHUB",
"id": "VHN-33654"
},
{
"date": "2008-09-12T00:00:00",
"db": "VULMON",
"id": "CVE-2008-3529"
},
{
"date": "2008-09-11T00:00:00",
"db": "BID",
"id": "31126"
},
{
"date": "2008-10-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-001702"
},
{
"date": "2008-12-02T19:43:58",
"db": "PACKETSTORM",
"id": "72532"
},
{
"date": "2009-08-11T22:46:51",
"db": "PACKETSTORM",
"id": "80275"
},
{
"date": "2008-09-12T20:19:07",
"db": "PACKETSTORM",
"id": "69917"
},
{
"date": "2008-10-14T20:43:05",
"db": "PACKETSTORM",
"id": "70915"
},
{
"date": "2008-09-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200809-180"
},
{
"date": "2008-09-12T16:56:20.493000",
"db": "NVD",
"id": "CVE-2008-3529"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-02-13T00:00:00",
"db": "VULHUB",
"id": "VHN-33654"
},
{
"date": "2021-11-08T00:00:00",
"db": "VULMON",
"id": "CVE-2008-3529"
},
{
"date": "2013-03-05T18:04:00",
"db": "BID",
"id": "31126"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-001702"
},
{
"date": "2023-05-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200809-180"
},
{
"date": "2023-02-13T02:19:25.937000",
"db": "NVD",
"id": "CVE-2008-3529"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "80275"
},
{
"db": "CNNVD",
"id": "CNNVD-200809-180"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "libxml2 of xmlParseAttValueComplex Heap-based buffer overflow vulnerability in functions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-001702"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200809-180"
}
],
"trust": 0.6
}
}
VAR-202005-1054
Vulnerability from variot - Updated: 2024-07-23 22:03dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j. dom4j To XML There is a vulnerability in an external entity.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. dom4j is an open source framework for processing XML. A code issue vulnerability exists in dom4j versions prior to 2.0.3 and 2.1.x versions prior to 2.1.3. This vulnerability stems from improper design or implementation problems in the code development process of network systems or products. The purpose of this text-only errata is to inform you about the security issues fixed in this release.
Installation instructions are available from the Fuse 7.8.0 product documentation page: https://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Important: Red Hat JBoss Enterprise Application Platform 7.3.2 security update Advisory ID: RHSA-2020:3461-01 Product: Red Hat JBoss Enterprise Application Platform Advisory URL: https://access.redhat.com/errata/RHSA-2020:3461 Issue date: 2020-08-17 CVE Names: CVE-2019-14900 CVE-2020-1710 CVE-2020-1748 CVE-2020-10672 CVE-2020-10673 CVE-2020-10683 CVE-2020-10687 CVE-2020-10693 CVE-2020-10714 CVE-2020-10718 CVE-2020-10740 CVE-2020-14297 =====================================================================
- Summary:
An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat JBoss EAP 7.3 for RHEL 6 Server - noarch
- Description:
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.3.2 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.1, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.2 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
-
wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API (CVE-2020-10718)
-
dom4j: XML External Entity vulnerability in default SAX parser (CVE-2020-10683)
-
wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714)
-
wildfly-undertow: Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests (CVE-2020-10687)
-
jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10673)
-
hibernate-core: hibernate: SQL injection issue in Hibernate ORM (CVE-2019-14900)
-
wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740)
-
jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10672)
-
undertow: EAP: field-name is not parsed in accordance to RFC7230 (CVE-2020-1710)
-
hibernate-validator: Improper input validation in the interpolation of constraint error messages (CVE-2020-10693)
-
wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain (CVE-2020-1748)
-
wildfly: Some EJB transaction objects may get accumulated causing Denial of Service (CVE-2020-14297)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.
- Solution:
Before applying this update, ensure all previously released errata relevant to your system have been applied.
For details about how to apply this update, see:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1666499 - CVE-2019-14900 hibernate: SQL injection issue in Hibernate ORM 1694235 - CVE-2020-10683 dom4j: XML External Entity vulnerability in default SAX parser 1785049 - CVE-2020-10687 Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests 1793970 - CVE-2020-1710 EAP: field-name is not parsed in accordance to RFC7230 1805501 - CVE-2020-10693 hibernate-validator: Improper input validation in the interpolation of constraint error messages 1807707 - CVE-2020-1748 Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain 1815470 - CVE-2020-10673 jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution 1815495 - CVE-2020-10672 jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution 1825714 - CVE-2020-10714 wildfly-elytron: session fixation when using FORM authentication 1828476 - CVE-2020-10718 wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API 1834512 - CVE-2020-10740 wildfly: unsafe deserialization in Wildfly Enterprise Java Beans 1853595 - CVE-2020-14297 wildfly: Some EJB transaction objects may get accumulated causing Denial of Service
- JIRA issues fixed (https://issues.jboss.org/):
JBEAP-18793 - GSS Upgrade Hibernate ORM from 5.3.16 to 5.3.17 JBEAP-19095 - GSS Upgrade wildfly-http-client from 1.0.20 to 1.0.21 JBEAP-19134 - (7.3.z) Upgrade HAL from 3.2.8.Final-redhat-00001 to 3.2.9.Final JBEAP-19185 - (7.3.z) Upgrade IronJacamar from 1.4.20.Final to 1.4.22.Final JBEAP-19203 - (7.3.z) WFCORE-4850 - Updating mockserver to 5.9.0. Exclusion of dependency from xom.io7m JBEAP-19205 - (7.3.z) Upgrade WildFly Core from 10.1.5.Final-redhat-00001 to 10.1.x JBEAP-19269 - GSS Upgrade jboss-logmanager from 2.1.14.Final to 2.1.15.Final JBEAP-19322 - (7.3.z) Upgrade XNIO from 3.7.7 to 3.7.8.SP1 JBEAP-19325 - (7.3.z) Upgrade Infinispan from 9.4.18.Final-redhat-00001 to 9.4.19.Final-redhat-00001 JBEAP-19397 - (7.3.z) Upgrade JSF based on Mojarra 2.3.9.SP09-redhat-00001 to 2.3.9.SP11-redhat-00001 JBEAP-19409 - Tracker bug for the EAP 7.3.2 release for RHEL-6 JBEAP-19529 - (7.3.z) Update PR template to include PR-processor hints. JBEAP-19564 - GSS Upgrade jboss-ejb-client from 4.0.31.Final-redhat-00001 to 4.0.33.Final-redhat-00001 JBEAP-19585 - GSS Upgrade org.jboss.genericjms from 2.0.4 to 2.0.6 JBEAP-19617 - (7.3.z) Upgrade wildfly-naming-client from 1.0.12.Final-redhat-00001 to 1.0.13.Final-redhat-00001 JBEAP-19619 - (7.3.z) Upgrade JBoss JSF API from 3.0.0.SP02-redhat-00001 to 3.0.0.SP04-redhat-00001 JBEAP-19673 - (7.3.z) [WFCORE] Upgrade WildFly Common to 1.5.2.Final JBEAP-19674 - (7.3.z) [WFCORE] Upgrade galleon and wildfly-galleon-plugins from 4.1.2.Final to 4.2.4.Final JBEAP-19874 - GSS Upgrade wildfly-http-client from 1.0.21.Final-redhat-00001 to 1.0.22.Final-redhat-00001
- Package List:
Red Hat JBoss EAP 7.3 for RHEL 6 Server:
Source: eap7-dom4j-2.1.3-1.redhat_00001.1.el6eap.src.rpm eap7-elytron-web-1.6.2-1.Final_redhat_00001.1.el6eap.src.rpm eap7-glassfish-jsf-2.3.9-11.SP11_redhat_00001.1.el6eap.src.rpm eap7-hal-console-3.2.9-1.Final_redhat_00001.1.el6eap.src.rpm eap7-hibernate-5.3.17-1.Final_redhat_00001.1.el6eap.src.rpm eap7-hibernate-validator-6.0.20-1.Final_redhat_00001.1.el6eap.src.rpm eap7-infinispan-9.4.19-1.Final_redhat_00001.1.el6eap.src.rpm eap7-ironjacamar-1.4.22-1.Final_redhat_00001.1.el6eap.src.rpm eap7-jackson-annotations-2.10.4-1.redhat_00001.1.el6eap.src.rpm eap7-jackson-core-2.10.4-1.redhat_00001.1.el6eap.src.rpm eap7-jackson-databind-2.10.4-1.redhat_00001.1.el6eap.src.rpm eap7-jackson-jaxrs-providers-2.10.4-1.redhat_00001.1.el6eap.src.rpm eap7-jackson-modules-base-2.10.4-1.redhat_00001.1.el6eap.src.rpm eap7-jackson-modules-java8-2.10.4-1.redhat_00001.1.el6eap.src.rpm eap7-jboss-genericjms-2.0.6-1.Final_redhat_00001.1.el6eap.src.rpm eap7-jboss-jsf-api_2.3_spec-3.0.0-4.SP04_redhat_00001.1.el6eap.src.rpm eap7-jboss-logmanager-2.1.15-1.Final_redhat_00001.1.el6eap.src.rpm eap7-jboss-server-migration-1.7.1-7.Final_redhat_00009.1.el6eap.src.rpm eap7-jboss-xnio-base-3.7.8-1.SP1_redhat_00001.1.el6eap.src.rpm eap7-netty-4.1.48-1.Final_redhat_00001.1.el6eap.src.rpm eap7-undertow-2.0.30-4.SP4_redhat_00001.1.el6eap.src.rpm eap7-wildfly-7.3.2-4.GA_redhat_00002.1.el6eap.src.rpm eap7-wildfly-common-1.5.2-1.Final_redhat_00002.1.el6eap.src.rpm eap7-wildfly-elytron-1.10.7-1.Final_redhat_00001.1.el6eap.src.rpm eap7-wildfly-http-client-1.0.22-1.Final_redhat_00001.1.el6eap.src.rpm
noarch: eap7-dom4j-2.1.3-1.redhat_00001.1.el6eap.noarch.rpm eap7-glassfish-jsf-2.3.9-11.SP11_redhat_00001.1.el6eap.noarch.rpm eap7-hal-console-3.2.9-1.Final_redhat_00001.1.el6eap.noarch.rpm eap7-hibernate-5.3.17-1.Final_redhat_00001.1.el6eap.noarch.rpm eap7-hibernate-core-5.3.17-1.Final_redhat_00001.1.el6eap.noarch.rpm eap7-hibernate-entitymanager-5.3.17-1.Final_redhat_00001.1.el6eap.noarch.rpm eap7-hibernate-envers-5.3.17-1.Final_redhat_00001.1.el6eap.noarch.rpm eap7-hibernate-java8-5.3.17-1.Final_redhat_00001.1.el6eap.noarch.rpm eap7-hibernate-validator-6.0.20-1.Final_redhat_00001.1.el6eap.noarch.rpm eap7-hibernate-validator-cdi-6.0.20-1.Final_redhat_00001.1.el6eap.noarch.rpm eap7-infinispan-9.4.19-1.Final_redhat_00001.1.el6eap.noarch.rpm eap7-infinispan-cachestore-jdbc-9.4.19-1.Final_redhat_00001.1.el6eap.noarch.rpm eap7-infinispan-cachestore-remote-9.4.19-1.Final_redhat_00001.1.el6eap.noarch.rpm eap7-infinispan-client-hotrod-9.4.19-1.Final_redhat_00001.1.el6eap.noarch.rpm eap7-infinispan-commons-9.4.19-1.Final_redhat_00001.1.el6eap.noarch.rpm eap7-infinispan-core-9.4.19-1.Final_redhat_00001.1.el6eap.noarch.rpm eap7-infinispan-hibernate-cache-commons-9.4.19-1.Final_redhat_00001.1.el6eap.noarch.rpm eap7-infinispan-hibernate-cache-spi-9.4.19-1.Final_redhat_00001.1.el6eap.noarch.rpm eap7-infinispan-hibernate-cache-v53-9.4.19-1.Final_redhat_00001.1.el6eap.noarch.rpm eap7-ironjacamar-1.4.22-1.Final_redhat_00001.1.el6eap.noarch.rpm eap7-ironjacamar-common-api-1.4.22-1.Final_redhat_00001.1.el6eap.noarch.rpm eap7-ironjacamar-common-impl-1.4.22-1.Final_redhat_00001.1.el6eap.noarch.rpm eap7-ironjacamar-common-spi-1.4.22-1.Final_redhat_00001.1.el6eap.noarch.rpm eap7-ironjacamar-core-api-1.4.22-1.Final_redhat_00001.1.el6eap.noarch.rpm eap7-ironjacamar-core-impl-1.4.22-1.Final_redhat_00001.1.el6eap.noarch.rpm eap7-ironjacamar-deployers-common-1.4.22-1.Final_redhat_00001.1.el6eap.noarch.rpm eap7-ironjacamar-jdbc-1.4.22-1.Final_redhat_00001.1.el6eap.noarch.rpm eap7-ironjacamar-validator-1.4.22-1.Final_redhat_00001.1.el6eap.noarch.rpm eap7-jackson-annotations-2.10.4-1.redhat_00001.1.el6eap.noarch.rpm eap7-jackson-core-2.10.4-1.redhat_00001.1.el6eap.noarch.rpm eap7-jackson-databind-2.10.4-1.redhat_00001.1.el6eap.noarch.rpm eap7-jackson-datatype-jdk8-2.10.4-1.redhat_00001.1.el6eap.noarch.rpm eap7-jackson-datatype-jsr310-2.10.4-1.redhat_00001.1.el6eap.noarch.rpm eap7-jackson-jaxrs-base-2.10.4-1.redhat_00001.1.el6eap.noarch.rpm eap7-jackson-jaxrs-json-provider-2.10.4-1.redhat_00001.1.el6eap.noarch.rpm eap7-jackson-module-jaxb-annotations-2.10.4-1.redhat_00001.1.el6eap.noarch.rpm eap7-jackson-modules-base-2.10.4-1.redhat_00001.1.el6eap.noarch.rpm eap7-jackson-modules-java8-2.10.4-1.redhat_00001.1.el6eap.noarch.rpm eap7-jboss-genericjms-2.0.6-1.Final_redhat_00001.1.el6eap.noarch.rpm eap7-jboss-jsf-api_2.3_spec-3.0.0-4.SP04_redhat_00001.1.el6eap.noarch.rpm eap7-jboss-logmanager-2.1.15-1.Final_redhat_00001.1.el6eap.noarch.rpm eap7-jboss-server-migration-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm eap7-jboss-server-migration-cli-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm eap7-jboss-server-migration-core-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm eap7-jboss-server-migration-eap6.4-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm eap7-jboss-server-migration-eap6.4-to-eap7.3-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm eap7-jboss-server-migration-eap7.0-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm eap7-jboss-server-migration-eap7.1-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm eap7-jboss-server-migration-eap7.2-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm eap7-jboss-server-migration-eap7.2-to-eap7.3-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm eap7-jboss-server-migration-eap7.3-server-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm eap7-jboss-server-migration-wildfly10.0-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm eap7-jboss-server-migration-wildfly10.1-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm eap7-jboss-server-migration-wildfly11.0-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm eap7-jboss-server-migration-wildfly12.0-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm eap7-jboss-server-migration-wildfly13.0-server-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm eap7-jboss-server-migration-wildfly14.0-server-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm eap7-jboss-server-migration-wildfly15.0-server-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm eap7-jboss-server-migration-wildfly16.0-server-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm eap7-jboss-server-migration-wildfly17.0-server-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm eap7-jboss-server-migration-wildfly18.0-server-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm eap7-jboss-server-migration-wildfly8.2-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm eap7-jboss-server-migration-wildfly9.0-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm eap7-jboss-xnio-base-3.7.8-1.SP1_redhat_00001.1.el6eap.noarch.rpm eap7-netty-4.1.48-1.Final_redhat_00001.1.el6eap.noarch.rpm eap7-netty-all-4.1.48-1.Final_redhat_00001.1.el6eap.noarch.rpm eap7-undertow-2.0.30-4.SP4_redhat_00001.1.el6eap.noarch.rpm eap7-undertow-server-1.6.2-1.Final_redhat_00001.1.el6eap.noarch.rpm eap7-wildfly-7.3.2-4.GA_redhat_00002.1.el6eap.noarch.rpm eap7-wildfly-common-1.5.2-1.Final_redhat_00002.1.el6eap.noarch.rpm eap7-wildfly-elytron-1.10.7-1.Final_redhat_00001.1.el6eap.noarch.rpm eap7-wildfly-elytron-tool-1.10.7-1.Final_redhat_00001.1.el6eap.noarch.rpm eap7-wildfly-http-client-common-1.0.22-1.Final_redhat_00001.1.el6eap.noarch.rpm eap7-wildfly-http-ejb-client-1.0.22-1.Final_redhat_00001.1.el6eap.noarch.rpm eap7-wildfly-http-naming-client-1.0.22-1.Final_redhat_00001.1.el6eap.noarch.rpm eap7-wildfly-http-transaction-client-1.0.22-1.Final_redhat_00001.1.el6eap.noarch.rpm eap7-wildfly-javadocs-7.3.2-4.GA_redhat_00002.1.el6eap.noarch.rpm eap7-wildfly-modules-7.3.2-4.GA_redhat_00002.1.el6eap.noarch.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2019-14900 https://access.redhat.com/security/cve/CVE-2020-1710 https://access.redhat.com/security/cve/CVE-2020-1748 https://access.redhat.com/security/cve/CVE-2020-10672 https://access.redhat.com/security/cve/CVE-2020-10673 https://access.redhat.com/security/cve/CVE-2020-10683 https://access.redhat.com/security/cve/CVE-2020-10687 https://access.redhat.com/security/cve/CVE-2020-10693 https://access.redhat.com/security/cve/CVE-2020-10714 https://access.redhat.com/security/cve/CVE-2020-10718 https://access.redhat.com/security/cve/CVE-2020-10740 https://access.redhat.com/security/cve/CVE-2020-14297 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/ https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBXzqIS9zjgjWX9erEAQjYNxAAk4rojlcRbfjwu0wlWLTU1MbxQNclVtVh MpQnFzyvJVVXX0lslx7NGxHlRNWRgqI/XC1QDqlHpRs4du5/a2Uj+8c5u+WPQefF QCqOvSntbMli42/I7+fCehLVofx/HkuAVcBoGrIGby1E4rddDljh4bH3r43I7wa5 HN9ki8uFAy8bIAzfXW+RB4rxtnsAABv/VFoH1fWmrXCXE6A6aG+AU86ddty0JQHN JhQp6v/X/3ccCvHYTAO8vlbqIJ4fE86e1+5oRBor+4ZD4mMVzGKm4cf8CMPXsKIB 9dFGo8WHFBgEi4hBbBFtFfaE2DGZ6K4Q7X0IAhiiYJmpPg8NgzGiqVvOAG+/OrBz DE84ZPxZwS1zR82wwIyHP4W5mYIhQTxhtp+E9Klu4gpFIAmK8bVfGf2Ub0HOCS6z sbN1Eiv0SBfWRHBfBkuRTBd0aEcmGRNl4GSXzXtanTf0OhFk/4pxdJPmKDEBFWvg 3dtwFi7+/8JoAch8GKQCo4UoSo6etQu45sUH6Q8ozuxYA72+J9K7cpwp/fVhiYRT nruC+2HDuugrC8UVJ/24E++49omdSXAm+UR9tvkFdVU3IpXLJNWO8s4QbrGC7CN7 Lvg/ukygGhrEEyQ1J9yYSeeNISQWJGOSKj/bgYRAh/AbX/QcZZfus7ppAasNjndn Bk4PSTq9yaw= =ZNiG -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Summary:
This is a security update for JBoss EAP Continuous Delivery 20.
The References section of this erratum contains a download link (you must log in to download the update).
The JBoss server process must be restarted for the update to take effect
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202005-1054",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "insurance rules palette",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "10.2.0"
},
{
"model": "communications unified inventory management",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "7.3.0"
},
{
"model": "banking platform",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "2.10.0"
},
{
"model": "communications diameter signaling router",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "8.2.2"
},
{
"model": "communications diameter signaling router",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "8.0.0"
},
{
"model": "insurance policy administration j2ee",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "11.1.0"
},
{
"model": "business process management suite",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.1.3.0"
},
{
"model": "insurance policy administration j2ee",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "10.2.4"
},
{
"model": "oncommand workflow automation",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "insurance policy administration j2ee",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "10.2.0"
},
{
"model": "insurance rules palette",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "10.2.4"
},
{
"model": "utilities framework",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "4.3.0.1.0"
},
{
"model": "fusion middleware",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.1.4.0"
},
{
"model": "primavera p6 enterprise project portfolio management",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "17.1.0.0"
},
{
"model": "utilities framework",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "4.4.0.2.0"
},
{
"model": "flexcube core banking",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "11.8.0"
},
{
"model": "dom4j",
"scope": "gte",
"trust": 1.0,
"vendor": "dom4j",
"version": "2.1.0"
},
{
"model": "data integrator",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.1.4.0"
},
{
"model": "endeca information discovery integrator",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "3.2.0"
},
{
"model": "utilities framework",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "4.2.0.2.0"
},
{
"model": "jdeveloper",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.1.4.0"
},
{
"model": "snapmanager",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "documaker",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "12.6.0"
},
{
"model": "webcenter portal",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "11.1.1.9.0"
},
{
"model": "snap creator framework",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "retail customer management and segmentation foundation",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "18.0"
},
{
"model": "snapcenter",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "primavera p6 enterprise project portfolio management",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "17.12.17.1"
},
{
"model": "retail integration bus",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "16.0"
},
{
"model": "primavera p6 enterprise project portfolio management",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "19.12.6.0"
},
{
"model": "webcenter portal",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.1.3.0"
},
{
"model": "insurance rules palette",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "11.3.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "utilities framework",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "2.2.0.0.0"
},
{
"model": "health sciences information manager",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "3.0.1"
},
{
"model": "dom4j",
"scope": "lt",
"trust": 1.0,
"vendor": "dom4j",
"version": "2.1.3"
},
{
"model": "health sciences empirica signal",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "9.0"
},
{
"model": "business process management suite",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.1.4.0"
},
{
"model": "insurance rules palette",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "11.0.2"
},
{
"model": "insurance policy administration j2ee",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "11.0.2"
},
{
"model": "retail customer management and segmentation foundation",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "19.0"
},
{
"model": "insurance rules palette",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "11.1.0"
},
{
"model": "utilities framework",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "4.4.0.0.0"
},
{
"model": "agile plm",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "9.3.5"
},
{
"model": "financial services analytical applications infrastructure",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "8.0.6"
},
{
"model": "communications application session controller",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "3.9m0p1"
},
{
"model": "retail price management",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "14.0.3"
},
{
"model": "rapid planning",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2"
},
{
"model": "communications unified inventory management",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "7.4.0"
},
{
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "13.4.0.0"
},
{
"model": "primavera p6 enterprise project portfolio management",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "18.8.19.0"
},
{
"model": "retail xstore point of service",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "15.0.4"
},
{
"model": "retail order broker",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "19.1"
},
{
"model": "dom4j",
"scope": "lt",
"trust": 1.0,
"vendor": "dom4j",
"version": "2.0.3"
},
{
"model": "banking platform",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "2.4.0"
},
{
"model": "retail price management",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "14.1.3.0"
},
{
"model": "oncommand api services",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "15.1"
},
{
"model": "agile plm",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "9.3.3"
},
{
"model": "retail customer management and segmentation foundation",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "17.0"
},
{
"model": "primavera p6 enterprise project portfolio management",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "18.1.0.0"
},
{
"model": "flexcube core banking",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "11.9.0"
},
{
"model": "retail integration bus",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "15.0"
},
{
"model": "primavera p6 enterprise project portfolio management",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "19.12.0.0"
},
{
"model": "webcenter portal",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.1.4.0"
},
{
"model": "retail price management",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "15.0.3.0"
},
{
"model": "retail customer management and segmentation foundation",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "16.0"
},
{
"model": "retail order broker",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "16.0"
},
{
"model": "retail price management",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "16.0.3.0"
},
{
"model": "primavera p6 enterprise project portfolio management",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "16.2.20.1"
},
{
"model": "rapid planning",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.1"
},
{
"model": "retail order broker",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "18.0"
},
{
"model": "retail xstore point of service",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "17.0.4"
},
{
"model": "documaker",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "12.6.4"
},
{
"model": "data integrator",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.1.3.0"
},
{
"model": "insurance policy administration j2ee",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "11.3.0"
},
{
"model": "primavera p6 enterprise project portfolio management",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "16.1.0.0"
},
{
"model": "utilities framework",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "4.3.0.6.0"
},
{
"model": "financial services analytical applications infrastructure",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "8.1.0"
},
{
"model": "utilities framework",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "4.2.0.3.0"
},
{
"model": "enterprise data quality",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "11.1.1.9.0"
},
{
"model": "flexcube core banking",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "11.7.0"
},
{
"model": "retail xstore point of service",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "18.0.3"
},
{
"model": "flexcube core banking",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "11.10.0"
},
{
"model": "retail order broker",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "19.0"
},
{
"model": "application testing suite",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "13.3.0.1"
},
{
"model": "retail order broker",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "15.0"
},
{
"model": "storagetek tape analytics sw tool",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "2.3"
},
{
"model": "enterprise data quality",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.1.3.0"
},
{
"model": "retail xstore point of service",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "16.0.6"
},
{
"model": "dom4j",
"scope": "eq",
"trust": 0.8,
"vendor": "dom4j",
"version": "2.1.3"
},
{
"model": "decision manager",
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": "jboss enterprise application platform",
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": "jboss enterprise application platform continuous delivery",
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": "process automation",
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": "enterprise linux",
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": "jboss fuse",
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": "software collections",
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": "single sign-on",
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-004997"
},
{
"db": "NVD",
"id": "CVE-2020-10683"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:dom4j_project:dom4j:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.1.3",
"versionStartIncluding": "2.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:dom4j_project:dom4j:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.0.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:insurance_rules_palette:10.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_integration_bus:15.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:webcenter_portal:11.1.1.9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:utilities_framework:4.2.0.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:utilities_framework:4.2.0.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:utilities_framework:2.2.0.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:flexcube_core_banking:11.7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:endeca_information_discovery_integrator:3.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_order_broker:15.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_order_broker:16.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_integration_bus:16.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:16.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:17.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:18.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:enterprise_data_quality:12.2.1.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:data_integrator:12.2.1.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:utilities_framework:4.4.0.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:agile_plm:9.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:agile_plm:9.3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.1.0",
"versionStartIncluding": "8.0.6",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "17.12.17.1",
"versionStartIncluding": "17.1.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "16.2.20.1",
"versionStartIncluding": "16.1.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "18.8.19.0",
"versionStartIncluding": "18.1.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.4.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:rapid_planning:12.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:rapid_planning:12.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.12.6.0",
"versionStartIncluding": "19.12.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:utilities_framework:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.3.0.6.0",
"versionStartIncluding": "4.3.0.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:utilities_framework:4.4.0.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.2.2",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jdeveloper:12.2.1.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_application_session_controller:3.9m0p1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:data_integrator:12.2.1.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:enterprise_data_quality:11.1.1.9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:health_sciences_information_manager:3.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.10.0",
"versionStartIncluding": "2.4.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_order_broker:18.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:business_process_management_suite:12.2.1.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:insurance_rules_palette:10.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:insurance_rules_palette:11.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:11.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:health_sciences_empirica_signal:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:insurance_rules_palette:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:storagetek_tape_analytics_sw_tool:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_price_management:14.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_price_management:14.1.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_price_management:15.0.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_price_management:16.0.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_order_broker:19.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_order_broker:19.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:documaker:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.6.4",
"versionStartIncluding": "12.6.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:flexcube_core_banking:11.8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:flexcube_core_banking:11.10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:flexcube_core_banking:11.9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.1.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:oncommand_api_services:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-10683"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "160562"
},
{
"db": "PACKETSTORM",
"id": "158884"
},
{
"db": "PACKETSTORM",
"id": "159015"
},
{
"db": "PACKETSTORM",
"id": "158891"
},
{
"db": "PACKETSTORM",
"id": "159080"
},
{
"db": "PACKETSTORM",
"id": "158881"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1133"
}
],
"trust": 1.2
},
"cve": "CVE-2020-10683",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-004997",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-163186",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2020-10683",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-004997",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-10683",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "JVNDB-2020-004997",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1133",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-163186",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2020-10683",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-163186"
},
{
"db": "VULMON",
"id": "CVE-2020-10683"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004997"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1133"
},
{
"db": "NVD",
"id": "CVE-2020-10683"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j. dom4j To XML There is a vulnerability in an external entity.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. dom4j is an open source framework for processing XML. A code issue vulnerability exists in dom4j versions prior to 2.0.3 and 2.1.x versions prior to 2.1.3. This vulnerability stems from improper design or implementation problems in the code development process of network systems or products. \nThe purpose of this text-only errata is to inform you about the security\nissues fixed in this release. \n\nInstallation instructions are available from the Fuse 7.8.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/\n\n4. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: Red Hat JBoss Enterprise Application Platform 7.3.2 security update\nAdvisory ID: RHSA-2020:3461-01\nProduct: Red Hat JBoss Enterprise Application Platform\nAdvisory URL: https://access.redhat.com/errata/RHSA-2020:3461\nIssue date: 2020-08-17\nCVE Names: CVE-2019-14900 CVE-2020-1710 CVE-2020-1748 \n CVE-2020-10672 CVE-2020-10673 CVE-2020-10683 \n CVE-2020-10687 CVE-2020-10693 CVE-2020-10714 \n CVE-2020-10718 CVE-2020-10740 CVE-2020-14297 \n=====================================================================\n\n1. Summary:\n\nAn update is now available for Red Hat JBoss Enterprise Application\nPlatform 7.3 for Red Hat Enterprise Linux 6. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat JBoss EAP 7.3 for RHEL 6 Server - noarch\n\n3. Description:\n\nRed Hat JBoss Enterprise Application Platform 7 is a platform for Java\napplications based on the WildFly application runtime. \n\nThis release of Red Hat JBoss Enterprise Application Platform 7.3.2 serves\nas a replacement for Red Hat JBoss Enterprise Application Platform 7.3.1,\nand includes bug fixes and enhancements. See the Red Hat JBoss Enterprise\nApplication Platform 7.3.2 Release Notes for information about the most\nsignificant bug fixes and enhancements included in this release. \n\nSecurity Fix(es):\n\n* wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API\n(CVE-2020-10718)\n\n* dom4j: XML External Entity vulnerability in default SAX parser\n(CVE-2020-10683)\n\n* wildfly-elytron: session fixation when using FORM authentication\n(CVE-2020-10714)\n\n* wildfly-undertow: Undertow: Incomplete fix for CVE-2017-2666 due to\npermitting invalid characters in HTTP requests (CVE-2020-10687)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing which could result in remote command execution\n(CVE-2020-10673)\n\n* hibernate-core: hibernate: SQL injection issue in Hibernate ORM\n(CVE-2019-14900)\n\n* wildfly: unsafe deserialization in Wildfly Enterprise Java Beans\n(CVE-2020-10740)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing which could result in remote command execution\n(CVE-2020-10672)\n\n* undertow: EAP: field-name is not parsed in accordance to RFC7230\n(CVE-2020-1710)\n\n* hibernate-validator: Improper input validation in the interpolation of\nconstraint error messages (CVE-2020-10693)\n\n* wildfly: Improper authorization issue in WildFlySecurityManager when\nusing alternative protection domain (CVE-2020-1748)\n\n* wildfly: Some EJB transaction objects may get accumulated causing Denial\nof Service (CVE-2020-14297)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, see the CVE page(s) listed in the\nReferences section. \n\n4. Solution:\n\nBefore applying this update, ensure all previously released errata relevant\nto your system have been applied. \n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1666499 - CVE-2019-14900 hibernate: SQL injection issue in Hibernate ORM\n1694235 - CVE-2020-10683 dom4j: XML External Entity vulnerability in default SAX parser\n1785049 - CVE-2020-10687 Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests\n1793970 - CVE-2020-1710 EAP: field-name is not parsed in accordance to RFC7230\n1805501 - CVE-2020-10693 hibernate-validator: Improper input validation in the interpolation of constraint error messages\n1807707 - CVE-2020-1748 Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain\n1815470 - CVE-2020-10673 jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution\n1815495 - CVE-2020-10672 jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution\n1825714 - CVE-2020-10714 wildfly-elytron: session fixation when using FORM authentication\n1828476 - CVE-2020-10718 wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API\n1834512 - CVE-2020-10740 wildfly: unsafe deserialization in Wildfly Enterprise Java Beans\n1853595 - CVE-2020-14297 wildfly: Some EJB transaction objects may get accumulated causing Denial of Service\n\n6. JIRA issues fixed (https://issues.jboss.org/):\n\nJBEAP-18793 - [GSS](7.3.z) Upgrade Hibernate ORM from 5.3.16 to 5.3.17\nJBEAP-19095 - [GSS](7.3.z) Upgrade wildfly-http-client from 1.0.20 to 1.0.21\nJBEAP-19134 - (7.3.z) Upgrade HAL from 3.2.8.Final-redhat-00001 to 3.2.9.Final\nJBEAP-19185 - (7.3.z) Upgrade IronJacamar from 1.4.20.Final to 1.4.22.Final\nJBEAP-19203 - (7.3.z) WFCORE-4850 - Updating mockserver to 5.9.0. Exclusion of dependency from xom.io7m\nJBEAP-19205 - (7.3.z) Upgrade WildFly Core from 10.1.5.Final-redhat-00001 to 10.1.x\nJBEAP-19269 - [GSS](7.3.z) Upgrade jboss-logmanager from 2.1.14.Final to 2.1.15.Final\nJBEAP-19322 - (7.3.z) Upgrade XNIO from 3.7.7 to 3.7.8.SP1\nJBEAP-19325 - (7.3.z) Upgrade Infinispan from 9.4.18.Final-redhat-00001 to 9.4.19.Final-redhat-00001\nJBEAP-19397 - (7.3.z) Upgrade JSF based on Mojarra 2.3.9.SP09-redhat-00001 to 2.3.9.SP11-redhat-00001\nJBEAP-19409 - Tracker bug for the EAP 7.3.2 release for RHEL-6\nJBEAP-19529 - (7.3.z) Update PR template to include PR-processor hints. \nJBEAP-19564 - [GSS](7.3.z) Upgrade jboss-ejb-client from 4.0.31.Final-redhat-00001 to 4.0.33.Final-redhat-00001\nJBEAP-19585 - [GSS](7.3.z) Upgrade org.jboss.genericjms from 2.0.4 to 2.0.6\nJBEAP-19617 - (7.3.z) Upgrade wildfly-naming-client from 1.0.12.Final-redhat-00001 to 1.0.13.Final-redhat-00001\nJBEAP-19619 - (7.3.z) Upgrade JBoss JSF API from 3.0.0.SP02-redhat-00001 to 3.0.0.SP04-redhat-00001\nJBEAP-19673 - (7.3.z) [WFCORE] Upgrade WildFly Common to 1.5.2.Final\nJBEAP-19674 - (7.3.z) [WFCORE] Upgrade galleon and wildfly-galleon-plugins from 4.1.2.Final to 4.2.4.Final\nJBEAP-19874 - [GSS](7.3.z) Upgrade wildfly-http-client from 1.0.21.Final-redhat-00001 to 1.0.22.Final-redhat-00001\n\n7. Package List:\n\nRed Hat JBoss EAP 7.3 for RHEL 6 Server:\n\nSource:\neap7-dom4j-2.1.3-1.redhat_00001.1.el6eap.src.rpm\neap7-elytron-web-1.6.2-1.Final_redhat_00001.1.el6eap.src.rpm\neap7-glassfish-jsf-2.3.9-11.SP11_redhat_00001.1.el6eap.src.rpm\neap7-hal-console-3.2.9-1.Final_redhat_00001.1.el6eap.src.rpm\neap7-hibernate-5.3.17-1.Final_redhat_00001.1.el6eap.src.rpm\neap7-hibernate-validator-6.0.20-1.Final_redhat_00001.1.el6eap.src.rpm\neap7-infinispan-9.4.19-1.Final_redhat_00001.1.el6eap.src.rpm\neap7-ironjacamar-1.4.22-1.Final_redhat_00001.1.el6eap.src.rpm\neap7-jackson-annotations-2.10.4-1.redhat_00001.1.el6eap.src.rpm\neap7-jackson-core-2.10.4-1.redhat_00001.1.el6eap.src.rpm\neap7-jackson-databind-2.10.4-1.redhat_00001.1.el6eap.src.rpm\neap7-jackson-jaxrs-providers-2.10.4-1.redhat_00001.1.el6eap.src.rpm\neap7-jackson-modules-base-2.10.4-1.redhat_00001.1.el6eap.src.rpm\neap7-jackson-modules-java8-2.10.4-1.redhat_00001.1.el6eap.src.rpm\neap7-jboss-genericjms-2.0.6-1.Final_redhat_00001.1.el6eap.src.rpm\neap7-jboss-jsf-api_2.3_spec-3.0.0-4.SP04_redhat_00001.1.el6eap.src.rpm\neap7-jboss-logmanager-2.1.15-1.Final_redhat_00001.1.el6eap.src.rpm\neap7-jboss-server-migration-1.7.1-7.Final_redhat_00009.1.el6eap.src.rpm\neap7-jboss-xnio-base-3.7.8-1.SP1_redhat_00001.1.el6eap.src.rpm\neap7-netty-4.1.48-1.Final_redhat_00001.1.el6eap.src.rpm\neap7-undertow-2.0.30-4.SP4_redhat_00001.1.el6eap.src.rpm\neap7-wildfly-7.3.2-4.GA_redhat_00002.1.el6eap.src.rpm\neap7-wildfly-common-1.5.2-1.Final_redhat_00002.1.el6eap.src.rpm\neap7-wildfly-elytron-1.10.7-1.Final_redhat_00001.1.el6eap.src.rpm\neap7-wildfly-http-client-1.0.22-1.Final_redhat_00001.1.el6eap.src.rpm\n\nnoarch:\neap7-dom4j-2.1.3-1.redhat_00001.1.el6eap.noarch.rpm\neap7-glassfish-jsf-2.3.9-11.SP11_redhat_00001.1.el6eap.noarch.rpm\neap7-hal-console-3.2.9-1.Final_redhat_00001.1.el6eap.noarch.rpm\neap7-hibernate-5.3.17-1.Final_redhat_00001.1.el6eap.noarch.rpm\neap7-hibernate-core-5.3.17-1.Final_redhat_00001.1.el6eap.noarch.rpm\neap7-hibernate-entitymanager-5.3.17-1.Final_redhat_00001.1.el6eap.noarch.rpm\neap7-hibernate-envers-5.3.17-1.Final_redhat_00001.1.el6eap.noarch.rpm\neap7-hibernate-java8-5.3.17-1.Final_redhat_00001.1.el6eap.noarch.rpm\neap7-hibernate-validator-6.0.20-1.Final_redhat_00001.1.el6eap.noarch.rpm\neap7-hibernate-validator-cdi-6.0.20-1.Final_redhat_00001.1.el6eap.noarch.rpm\neap7-infinispan-9.4.19-1.Final_redhat_00001.1.el6eap.noarch.rpm\neap7-infinispan-cachestore-jdbc-9.4.19-1.Final_redhat_00001.1.el6eap.noarch.rpm\neap7-infinispan-cachestore-remote-9.4.19-1.Final_redhat_00001.1.el6eap.noarch.rpm\neap7-infinispan-client-hotrod-9.4.19-1.Final_redhat_00001.1.el6eap.noarch.rpm\neap7-infinispan-commons-9.4.19-1.Final_redhat_00001.1.el6eap.noarch.rpm\neap7-infinispan-core-9.4.19-1.Final_redhat_00001.1.el6eap.noarch.rpm\neap7-infinispan-hibernate-cache-commons-9.4.19-1.Final_redhat_00001.1.el6eap.noarch.rpm\neap7-infinispan-hibernate-cache-spi-9.4.19-1.Final_redhat_00001.1.el6eap.noarch.rpm\neap7-infinispan-hibernate-cache-v53-9.4.19-1.Final_redhat_00001.1.el6eap.noarch.rpm\neap7-ironjacamar-1.4.22-1.Final_redhat_00001.1.el6eap.noarch.rpm\neap7-ironjacamar-common-api-1.4.22-1.Final_redhat_00001.1.el6eap.noarch.rpm\neap7-ironjacamar-common-impl-1.4.22-1.Final_redhat_00001.1.el6eap.noarch.rpm\neap7-ironjacamar-common-spi-1.4.22-1.Final_redhat_00001.1.el6eap.noarch.rpm\neap7-ironjacamar-core-api-1.4.22-1.Final_redhat_00001.1.el6eap.noarch.rpm\neap7-ironjacamar-core-impl-1.4.22-1.Final_redhat_00001.1.el6eap.noarch.rpm\neap7-ironjacamar-deployers-common-1.4.22-1.Final_redhat_00001.1.el6eap.noarch.rpm\neap7-ironjacamar-jdbc-1.4.22-1.Final_redhat_00001.1.el6eap.noarch.rpm\neap7-ironjacamar-validator-1.4.22-1.Final_redhat_00001.1.el6eap.noarch.rpm\neap7-jackson-annotations-2.10.4-1.redhat_00001.1.el6eap.noarch.rpm\neap7-jackson-core-2.10.4-1.redhat_00001.1.el6eap.noarch.rpm\neap7-jackson-databind-2.10.4-1.redhat_00001.1.el6eap.noarch.rpm\neap7-jackson-datatype-jdk8-2.10.4-1.redhat_00001.1.el6eap.noarch.rpm\neap7-jackson-datatype-jsr310-2.10.4-1.redhat_00001.1.el6eap.noarch.rpm\neap7-jackson-jaxrs-base-2.10.4-1.redhat_00001.1.el6eap.noarch.rpm\neap7-jackson-jaxrs-json-provider-2.10.4-1.redhat_00001.1.el6eap.noarch.rpm\neap7-jackson-module-jaxb-annotations-2.10.4-1.redhat_00001.1.el6eap.noarch.rpm\neap7-jackson-modules-base-2.10.4-1.redhat_00001.1.el6eap.noarch.rpm\neap7-jackson-modules-java8-2.10.4-1.redhat_00001.1.el6eap.noarch.rpm\neap7-jboss-genericjms-2.0.6-1.Final_redhat_00001.1.el6eap.noarch.rpm\neap7-jboss-jsf-api_2.3_spec-3.0.0-4.SP04_redhat_00001.1.el6eap.noarch.rpm\neap7-jboss-logmanager-2.1.15-1.Final_redhat_00001.1.el6eap.noarch.rpm\neap7-jboss-server-migration-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm\neap7-jboss-server-migration-cli-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm\neap7-jboss-server-migration-core-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm\neap7-jboss-server-migration-eap6.4-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm\neap7-jboss-server-migration-eap6.4-to-eap7.3-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm\neap7-jboss-server-migration-eap7.0-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm\neap7-jboss-server-migration-eap7.1-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm\neap7-jboss-server-migration-eap7.2-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm\neap7-jboss-server-migration-eap7.2-to-eap7.3-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm\neap7-jboss-server-migration-eap7.3-server-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm\neap7-jboss-server-migration-wildfly10.0-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm\neap7-jboss-server-migration-wildfly10.1-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm\neap7-jboss-server-migration-wildfly11.0-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm\neap7-jboss-server-migration-wildfly12.0-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm\neap7-jboss-server-migration-wildfly13.0-server-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm\neap7-jboss-server-migration-wildfly14.0-server-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm\neap7-jboss-server-migration-wildfly15.0-server-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm\neap7-jboss-server-migration-wildfly16.0-server-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm\neap7-jboss-server-migration-wildfly17.0-server-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm\neap7-jboss-server-migration-wildfly18.0-server-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm\neap7-jboss-server-migration-wildfly8.2-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm\neap7-jboss-server-migration-wildfly9.0-1.7.1-7.Final_redhat_00009.1.el6eap.noarch.rpm\neap7-jboss-xnio-base-3.7.8-1.SP1_redhat_00001.1.el6eap.noarch.rpm\neap7-netty-4.1.48-1.Final_redhat_00001.1.el6eap.noarch.rpm\neap7-netty-all-4.1.48-1.Final_redhat_00001.1.el6eap.noarch.rpm\neap7-undertow-2.0.30-4.SP4_redhat_00001.1.el6eap.noarch.rpm\neap7-undertow-server-1.6.2-1.Final_redhat_00001.1.el6eap.noarch.rpm\neap7-wildfly-7.3.2-4.GA_redhat_00002.1.el6eap.noarch.rpm\neap7-wildfly-common-1.5.2-1.Final_redhat_00002.1.el6eap.noarch.rpm\neap7-wildfly-elytron-1.10.7-1.Final_redhat_00001.1.el6eap.noarch.rpm\neap7-wildfly-elytron-tool-1.10.7-1.Final_redhat_00001.1.el6eap.noarch.rpm\neap7-wildfly-http-client-common-1.0.22-1.Final_redhat_00001.1.el6eap.noarch.rpm\neap7-wildfly-http-ejb-client-1.0.22-1.Final_redhat_00001.1.el6eap.noarch.rpm\neap7-wildfly-http-naming-client-1.0.22-1.Final_redhat_00001.1.el6eap.noarch.rpm\neap7-wildfly-http-transaction-client-1.0.22-1.Final_redhat_00001.1.el6eap.noarch.rpm\neap7-wildfly-javadocs-7.3.2-4.GA_redhat_00002.1.el6eap.noarch.rpm\neap7-wildfly-modules-7.3.2-4.GA_redhat_00002.1.el6eap.noarch.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n8. References:\n\nhttps://access.redhat.com/security/cve/CVE-2019-14900\nhttps://access.redhat.com/security/cve/CVE-2020-1710\nhttps://access.redhat.com/security/cve/CVE-2020-1748\nhttps://access.redhat.com/security/cve/CVE-2020-10672\nhttps://access.redhat.com/security/cve/CVE-2020-10673\nhttps://access.redhat.com/security/cve/CVE-2020-10683\nhttps://access.redhat.com/security/cve/CVE-2020-10687\nhttps://access.redhat.com/security/cve/CVE-2020-10693\nhttps://access.redhat.com/security/cve/CVE-2020-10714\nhttps://access.redhat.com/security/cve/CVE-2020-10718\nhttps://access.redhat.com/security/cve/CVE-2020-10740\nhttps://access.redhat.com/security/cve/CVE-2020-14297\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/\nhttps://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/\n\n9. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2020 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBXzqIS9zjgjWX9erEAQjYNxAAk4rojlcRbfjwu0wlWLTU1MbxQNclVtVh\nMpQnFzyvJVVXX0lslx7NGxHlRNWRgqI/XC1QDqlHpRs4du5/a2Uj+8c5u+WPQefF\nQCqOvSntbMli42/I7+fCehLVofx/HkuAVcBoGrIGby1E4rddDljh4bH3r43I7wa5\nHN9ki8uFAy8bIAzfXW+RB4rxtnsAABv/VFoH1fWmrXCXE6A6aG+AU86ddty0JQHN\nJhQp6v/X/3ccCvHYTAO8vlbqIJ4fE86e1+5oRBor+4ZD4mMVzGKm4cf8CMPXsKIB\n9dFGo8WHFBgEi4hBbBFtFfaE2DGZ6K4Q7X0IAhiiYJmpPg8NgzGiqVvOAG+/OrBz\nDE84ZPxZwS1zR82wwIyHP4W5mYIhQTxhtp+E9Klu4gpFIAmK8bVfGf2Ub0HOCS6z\nsbN1Eiv0SBfWRHBfBkuRTBd0aEcmGRNl4GSXzXtanTf0OhFk/4pxdJPmKDEBFWvg\n3dtwFi7+/8JoAch8GKQCo4UoSo6etQu45sUH6Q8ozuxYA72+J9K7cpwp/fVhiYRT\nnruC+2HDuugrC8UVJ/24E++49omdSXAm+UR9tvkFdVU3IpXLJNWO8s4QbrGC7CN7\nLvg/ukygGhrEEyQ1J9yYSeeNISQWJGOSKj/bgYRAh/AbX/QcZZfus7ppAasNjndn\nBk4PSTq9yaw=\n=ZNiG\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. Summary:\n\nThis is a security update for JBoss EAP Continuous Delivery 20. \n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). \n\nThe JBoss server process must be restarted for the update to take effect",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-10683"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004997"
},
{
"db": "VULHUB",
"id": "VHN-163186"
},
{
"db": "VULMON",
"id": "CVE-2020-10683"
},
{
"db": "PACKETSTORM",
"id": "160562"
},
{
"db": "PACKETSTORM",
"id": "158884"
},
{
"db": "PACKETSTORM",
"id": "159015"
},
{
"db": "PACKETSTORM",
"id": "158891"
},
{
"db": "PACKETSTORM",
"id": "159080"
},
{
"db": "PACKETSTORM",
"id": "158881"
}
],
"trust": 2.34
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-163186",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-163186"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-10683",
"trust": 3.2
},
{
"db": "PACKETSTORM",
"id": "160562",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "158891",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "159015",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004997",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1133",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "159083",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "159921",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "158916",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "159544",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2020.2837",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4464",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.2087",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.2826",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1581",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2023.3781",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.3894",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.2992",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.3742",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.3513",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.3065",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021042542",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021072165",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022072096",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021042642",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021072747",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "47453",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "158881",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "159080",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "158884",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "159081",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "158889",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "159924",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "159082",
"trust": 0.1
},
{
"db": "CNVD",
"id": "CNVD-2020-33467",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-163186",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2020-10683",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-163186"
},
{
"db": "VULMON",
"id": "CVE-2020-10683"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004997"
},
{
"db": "PACKETSTORM",
"id": "160562"
},
{
"db": "PACKETSTORM",
"id": "158884"
},
{
"db": "PACKETSTORM",
"id": "159015"
},
{
"db": "PACKETSTORM",
"id": "158891"
},
{
"db": "PACKETSTORM",
"id": "159080"
},
{
"db": "PACKETSTORM",
"id": "158881"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1133"
},
{
"db": "NVD",
"id": "CVE-2020-10683"
}
]
},
"id": "VAR-202005-1054",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-163186"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T22:03:49.580000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAXReader uses system default XMLReader with its defaults. New factory method SAXReader.createDefault() sets more secure defaults.",
"trust": 0.8,
"url": "https://github.com/dom4j/dom4j/commit/a8228522a99a02146106672a34c104adbda5c658"
},
{
"title": "version-2.1.3",
"trust": 0.8,
"url": "https://github.com/dom4j/dom4j/releases/tag/version-2.1.3"
},
{
"title": "Bug 1694235",
"trust": 0.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1694235"
},
{
"title": "dom4j Fixes for code issue vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=116859"
},
{
"title": "Debian CVElist Bug Report Logs: dom4j: CVE-2020-10683: XML External Entity vulnerability in default SAX parser",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=92018ce9305762cd7f6c51b2cc808332"
},
{
"title": "Red Hat: Moderate: Red Hat Decision Manager 7.9.0 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20204960 - security advisory"
},
{
"title": "Red Hat: Moderate: Red Hat Process Automation Manager 7.9.0 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20204961 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Enterprise Application Platform 7.3.2 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20203463 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Enterprise Application Platform 7.3.2 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20203461 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Enterprise Application Platform 7.3.2 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20203462 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Enterprise Application Platform 7.3.2 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20203464 - security advisory"
},
{
"title": "Red Hat: Important: EAP Continuous Delivery Technical Preview Release 20 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20203585 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat Single Sign-On 7.4.2 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20203501 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Enterprise Application Platform 7.2.9 on RHEL 6 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20203637 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Enterprise Application Platform 7.2.9 on RHEL 8 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20203639 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Enterprise Application Platform 7.2.9 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20203642 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Enterprise Application Platform 7.2.9 on RHEL 7 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20203638 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat Fuse 7.8.0 release and security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20205568 - security advisory"
},
{
"title": "PHunter",
"trust": 0.1,
"url": "https://github.com/anonymous-phunter/phunter "
},
{
"title": "PHunter",
"trust": 0.1,
"url": "https://github.com/cgcl-codes/phunter "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-10683"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004997"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1133"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-611",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-163186"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004997"
},
{
"db": "NVD",
"id": "CVE-2020-10683"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://www.oracle.com/security-alerts/cpuapr2021.html"
},
{
"trust": 2.4,
"url": "https://www.oracle.com/security-alerts/cpujan2021.html"
},
{
"trust": 2.4,
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"trust": 2.4,
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"trust": 2.4,
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10683"
},
{
"trust": 1.8,
"url": "https://github.com/dom4j/dom4j/commit/a8228522a99a02146106672a34c104adbda5c658"
},
{
"trust": 1.8,
"url": "https://github.com/dom4j/dom4j/releases/tag/version-2.1.3"
},
{
"trust": 1.8,
"url": "https://security.netapp.com/advisory/ntap-20200518-0002/"
},
{
"trust": 1.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1694235"
},
{
"trust": 1.8,
"url": "https://cheatsheetseries.owasp.org/cheatsheets/xml_external_entity_prevention_cheat_sheet.html"
},
{
"trust": 1.8,
"url": "https://github.com/dom4j/dom4j/commits/version-2.0.3"
},
{
"trust": 1.8,
"url": "https://github.com/dom4j/dom4j/issues/87"
},
{
"trust": 1.8,
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"trust": 1.8,
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"trust": 1.8,
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00061.html"
},
{
"trust": 1.8,
"url": "https://usn.ubuntu.com/4575-1/"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/security/cve/cve-2020-10683"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r51f3f9801058e47153c0ad9bc6209d57a592fc0e7aefd787760911b8%40%3cdev.velocity.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r91c64cd51e68e97d524395474eaa25362d564572276b9917fcbf5c32%40%3cdev.velocity.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rb1b990d7920ae0d50da5109b73b92bab736d46c9788dd4b135cb1a51%40%3cnotifications.freemarker.apache.org%3e"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10683"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/rb1b990d7920ae0d50da5109b73b92bab736d46c9788dd4b135cb1a51@%3cnotifications.freemarker.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/r91c64cd51e68e97d524395474eaa25362d564572276b9917fcbf5c32@%3cdev.velocity.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/r51f3f9801058e47153c0ad9bc6209d57a592fc0e7aefd787760911b8@%3cdev.velocity.apache.org%3e"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10740"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14900"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2019-14900"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2020-10740"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.3513/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2023.3781"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/160562/red-hat-security-advisory-2020-5568-01.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022072096"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.2992/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/159544/ubuntu-security-notice-usn-4575-1.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4464/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.2087/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/159015/red-hat-security-advisory-2020-3585-01.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021072165"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/159921/red-hat-security-advisory-2020-4960-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.2837/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/6525182"
},
{
"trust": 0.6,
"url": "https://www.oracle.com/security-alerts/cpujul2021.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/158916/red-hat-security-advisory-2020-3501-01.html"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/47453"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.3894/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1581/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletinibm-resilient-soar-is-using-components-with-known-vulnerabilities-dom4j-cve-2020-10683/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/158891/red-hat-security-advisory-2020-3463-01.html"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-jquery-spring-dom4j-mongodb-linux-kernel-targetcli-fb-jackson-node-js-and-apache-commons-affect-ibm-spectrum-protect-plus/"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021042542"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021072747"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021042642"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.2826/"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/dom4j-external-xml-entity-injection-via-saxreader-32161"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-dom4j-as-used-by-ibm-qradar-siem-contains-multiple-vulnerabilities-cve-2018-1000632-cve-2020-10683/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.3742/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/159083/red-hat-security-advisory-2020-3642-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.3065/"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2020-10714"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2020-10673"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10714"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10673"
},
{
"trust": 0.4,
"url": "https://issues.jboss.org/):"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-1710"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14297"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2020-10672"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10693"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10687"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2020-14297"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10672"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2020-10693"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2020-10687"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2020-1710"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2020-10718"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10718"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-1748"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2020-1748"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-1719"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-11612"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-11612"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-6950"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6950"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14307"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-14307"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/611.html"
},
{
"trust": 0.1,
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=958055"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions\u0026product=jboss.fuse\u0026version=7.8.0"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-12406"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-11973"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-11972"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-2692"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9488"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1000873"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-11989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17566"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-13990"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-11980"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-11972"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-1950"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-12406"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-11989"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-3774"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0210"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-11980"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-1960"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0205"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-1393"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-11971"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-17566"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-1000873"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-7226"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10219"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9489"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14326"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-13692"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-0210"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-10202"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10202"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-13990"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3773"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13692"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-11994"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-10219"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-11973"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-1714"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-5398"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11777"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-13933"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-12423"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3774"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-17638"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-12423"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17638"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-2692"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-19343"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-11994"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-11971"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-19343"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:5568"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-3773"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-0205"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-11777"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:3461"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-10172"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:3585"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions\u0026product\\xeap-cd\u0026version"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10719"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-1719"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-1954"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-10705"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10172"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10705"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-10719"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/jboss_enterprise_application_platform_continuous_delivery/20/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14371"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14371"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-1954"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:3463"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:3639"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9547"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-1695"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9546"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9547"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9548"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-1695"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9548"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-8840"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9546"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8840"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:3464"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-163186"
},
{
"db": "VULMON",
"id": "CVE-2020-10683"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004997"
},
{
"db": "PACKETSTORM",
"id": "160562"
},
{
"db": "PACKETSTORM",
"id": "158884"
},
{
"db": "PACKETSTORM",
"id": "159015"
},
{
"db": "PACKETSTORM",
"id": "158891"
},
{
"db": "PACKETSTORM",
"id": "159080"
},
{
"db": "PACKETSTORM",
"id": "158881"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1133"
},
{
"db": "NVD",
"id": "CVE-2020-10683"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-163186"
},
{
"db": "VULMON",
"id": "CVE-2020-10683"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004997"
},
{
"db": "PACKETSTORM",
"id": "160562"
},
{
"db": "PACKETSTORM",
"id": "158884"
},
{
"db": "PACKETSTORM",
"id": "159015"
},
{
"db": "PACKETSTORM",
"id": "158891"
},
{
"db": "PACKETSTORM",
"id": "159080"
},
{
"db": "PACKETSTORM",
"id": "158881"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1133"
},
{
"db": "NVD",
"id": "CVE-2020-10683"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-01T00:00:00",
"db": "VULHUB",
"id": "VHN-163186"
},
{
"date": "2020-05-01T00:00:00",
"db": "VULMON",
"id": "CVE-2020-10683"
},
{
"date": "2020-06-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-004997"
},
{
"date": "2020-12-16T18:17:52",
"db": "PACKETSTORM",
"id": "160562"
},
{
"date": "2020-08-17T17:34:41",
"db": "PACKETSTORM",
"id": "158884"
},
{
"date": "2020-08-31T16:22:15",
"db": "PACKETSTORM",
"id": "159015"
},
{
"date": "2020-08-17T17:43:22",
"db": "PACKETSTORM",
"id": "158891"
},
{
"date": "2020-09-07T16:37:51",
"db": "PACKETSTORM",
"id": "159080"
},
{
"date": "2020-08-17T15:35:45",
"db": "PACKETSTORM",
"id": "158881"
},
{
"date": "2020-04-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1133"
},
{
"date": "2020-05-01T19:15:12.927000",
"db": "NVD",
"id": "CVE-2020-10683"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-07-25T00:00:00",
"db": "VULHUB",
"id": "VHN-163186"
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2020-10683"
},
{
"date": "2020-06-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-004997"
},
{
"date": "2023-07-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1133"
},
{
"date": "2023-11-07T03:14:11.907000",
"db": "NVD",
"id": "CVE-2020-10683"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "160562"
},
{
"db": "PACKETSTORM",
"id": "158884"
},
{
"db": "PACKETSTORM",
"id": "159015"
},
{
"db": "PACKETSTORM",
"id": "158891"
},
{
"db": "PACKETSTORM",
"id": "159080"
},
{
"db": "PACKETSTORM",
"id": "158881"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1133"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "dom4j In XML External entity vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-004997"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1133"
}
],
"trust": 0.6
}
}
VAR-201911-1619
Vulnerability from variot - Updated: 2024-07-23 22:03Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access. Both Microsoft Windows and Microsoft Windows Server are products of Microsoft Corporation. Microsoft Windows is an operating system for personal devices. Microsoft Windows Server is a server operating system. A denial of service vulnerability exists in Microsoft Windows and Windows Server due to the program's improper handling of objects in memory. An attacker could exploit this vulnerability by logging on to an affected system and running a specially crafted application to cause the targeted system to become unresponsive. The following products and versions are affected: Microsoft Windows 10, Windows 10 Version 1607, Windows 10 Version 1709, Windows 10 Version 1803, Windows 10 Version 1809, Windows 10 Version 1903, Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows Server 2008 R2 SP1, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Windows Server 2019, Windows Server version 1803, Windows Server version 1903.
Bug Fix(es):
-
Backport TCP follow-up for small buffers (BZ#1739184)
-
TCP performance regression after CVE-2019-11478 bug fix (BZ#1743170)
-
RHEL8.0 - bnx2x link down, caused by transmit timeouts during load test (Marvell/Cavium/QLogic) (L3:) (BZ#1743548)
-
block: blk-mq improvement (BZ#1780567)
-
RHEL8.0 - Regression to RHEL7.6 by changing force_latency found during RHEL8.0 validation for SAP HANA on POWER (BZ#1781111)
-
blk-mq: overwirte performance drops on real MQ device (BZ#1782183)
-
RHEL8: creating vport takes lot of memory i.e 2GB per vport which leads to drain out system memory quickly. (BZ#1782705)
-
========================================================================== Ubuntu Security Notice USN-4184-2 November 13, 2019
linux, linux-hwe, linux-oem-osp1 vulnerability and regression
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 19.04
- Ubuntu 18.04 LTS
Summary:
Several issues were fixed in the Linux kernel.
Software Description: - linux: Linux kernel - linux-hwe: Linux hardware enablement (HWE) kernel - linux-oem-osp1: Linux kernel for OEM processors
Details:
USN-4184-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 (i915 missing Blitter Command Streamer check) was incomplete on 64-bit Intel x86 systems. Also, the update introduced a regression that broke KVM guests where extended page tables (EPT) are disabled or not supported. This update addresses both issues.
We apologize for the inconvenience.
Original advisory details:
Stephan van Schaik, Alyssa Milburn, Sebastian \xd6sterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in microarchitectural buffers to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2019-11135)
It was discovered that the Intel i915 graphics chipsets allowed userspace to modify page table entries via writes to MMIO from the Blitter Command Streamer and expose kernel memory information. A local attacker could use this to expose sensitive information or possibly elevate privileges. A local attacker in a guest VM could use this to cause a denial of service (host system crash). (CVE-2018-12207)
It was discovered that the Intel i915 graphics chipsets could cause a system hang when userspace performed a read from GT memory mapped input output (MMIO) when the product is in certain low power states. A local attacker could use this to cause a denial of service. (CVE-2019-0154)
Hui Peng discovered that the Atheros AR6004 USB Wi-Fi device driver for the Linux kernel did not properly validate endpoint descriptors returned by the device. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15098)
Jann Horn discovered a reference count underflow in the shiftfs implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-15791)
Jann Horn discovered a type confusion vulnerability in the shiftfs implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-15792)
Jann Horn discovered that the shiftfs implementation in the Linux kernel did not use the correct file system uid/gid when the user namespace of a lower file system is not in the init user namespace. A local attacker could use this to possibly bypass DAC permissions or have some other unspecified impact. (CVE-2019-15793)
Ori Nimron discovered that the AX25 network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17052)
Ori Nimron discovered that the IEEE 802.15.4 Low-Rate Wireless network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17053)
Ori Nimron discovered that the Appletalk network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17054)
Ori Nimron discovered that the modular ISDN network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17055)
Ori Nimron discovered that the Near field Communication (NFC) network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17056)
Nico Waisman discovered that a buffer overflow existed in the Realtek Wi-Fi driver for the Linux kernel when handling Notice of Absence frames. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-17666)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 19.04: linux-image-5.0.0-36-generic 5.0.0-36.39 linux-image-5.0.0-36-generic-lpae 5.0.0-36.39 linux-image-5.0.0-36-lowlatency 5.0.0-36.39 linux-image-generic 5.0.0.36.38 linux-image-generic-lpae 5.0.0.36.38 linux-image-lowlatency 5.0.0.36.38 linux-image-virtual 5.0.0.36.38
Ubuntu 18.04 LTS: linux-image-5.0.0-1028-oem-osp1 5.0.0-1028.32 linux-image-5.0.0-36-generic 5.0.0-36.39~18.04.1 linux-image-5.0.0-36-generic-lpae 5.0.0-36.39~18.04.1 linux-image-5.0.0-36-lowlatency 5.0.0-36.39~18.04.1 linux-image-generic-hwe-18.04 5.0.0.36.94 linux-image-generic-lpae-hwe-18.04 5.0.0.36.94 linux-image-lowlatency-hwe-18.04 5.0.0.36.94 linux-image-oem-osp1 5.0.0.1028.32 linux-image-virtual-hwe-18.04 5.0.0.36.94
Please note that mitigating the TSX (CVE-2019-11135) and i915 (CVE-2019-0154) issues requires corresponding microcode and graphics firmware updates respectively.
After a standard system update you need to reboot your computer to make all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.
References: https://usn.ubuntu.com/4184-2 https://usn.ubuntu.com/4184-1 CVE-2019-0155, https://bugs.launchpad.net/bugs/1851709, https://bugs.launchpad.net/bugs/1852141
Package Information: https://launchpad.net/ubuntu/+source/linux/5.0.0-36.39 https://launchpad.net/ubuntu/+source/linux-hwe/5.0.0-36.39~18.04.1 https://launchpad.net/ubuntu/+source/linux-oem-osp1/5.0.0-1028.32 . 8) - x86_64
- Description:
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Description:
This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Important: redhat-release-virtualization-host and redhat-virtualization-host update Advisory ID: RHSA-2019:3860-01 Product: Red Hat Virtualization Advisory URL: https://access.redhat.com/errata/RHSA-2019:3860 Issue date: 2019-11-12 CVE Names: CVE-2018-12207 CVE-2019-11135 =====================================================================
- Summary:
An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 and Red Hat Virtualization 4.2 for Red Hat Enterprise Linux 7.6 EUS.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
RHEL 7-based RHEV-H for RHEV 4 (build requirements) - noarch, x86_64 RHEL 7-based RHEV-H for RHEV 4.2 (build requirements) - noarch, x86_64 Red Hat Virtualization 4 Hypervisor for RHEL 7 - noarch Red Hat Virtualization 4.2 Hypervisor for RHEL 7.6 EUS - noarch, x86_64
- Description:
The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.
The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.
Security Fix(es):
-
hw: Machine Check Error on Page Size Change (IFU) (CVE-2018-12207)
-
hw: TSX Transaction Asynchronous Abort (TAA) (CVE-2019-11135)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/2974891
- Bugs fixed (https://bugzilla.redhat.com/):
1646768 - CVE-2018-12207 hw: Machine Check Error on Page Size Change (IPU) 1753062 - CVE-2019-11135 hw: TSX Transaction Asynchronous Abort (TAA)
- Package List:
Red Hat Virtualization 4.2 Hypervisor for RHEL 7.6 EUS:
Source: redhat-release-virtualization-host-4.2-16.1.el7.src.rpm redhat-virtualization-host-4.2-20191107.0.el7_6.src.rpm
noarch: redhat-virtualization-host-image-update-4.2-20191107.0.el7_6.noarch.rpm redhat-virtualization-host-image-update-placeholder-4.2-16.1.el7.noarch.rpm
x86_64: redhat-release-virtualization-host-4.2-16.1.el7.x86_64.rpm redhat-release-virtualization-host-content-4.2-16.1.el7.x86_64.rpm
RHEL 7-based RHEV-H for RHEV 4.2 (build requirements):
Source: redhat-release-virtualization-host-4.2-16.1.el7.src.rpm
noarch: redhat-virtualization-host-image-update-placeholder-4.2-16.1.el7.noarch.rpm
x86_64: redhat-release-virtualization-host-4.2-16.1.el7.x86_64.rpm
Red Hat Virtualization 4 Hypervisor for RHEL 7:
Source: redhat-virtualization-host-4.3.6-20191108.0.el7_7.src.rpm
noarch: redhat-virtualization-host-image-update-4.3.6-20191108.0.el7_7.noarch.rpm
RHEL 7-based RHEV-H for RHEV 4 (build requirements):
Source: redhat-release-virtualization-host-4.3.6-5.el7ev.src.rpm redhat-virtualization-host-4.3.6-20191108.0.el7_7.src.rpm
noarch: redhat-virtualization-host-image-update-4.3.6-20191108.0.el7_7.noarch.rpm redhat-virtualization-host-image-update-placeholder-4.3.6-5.el7ev.noarch.rpm
x86_64: redhat-release-virtualization-host-4.3.6-5.el7ev.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBXcsR2tzjgjWX9erEAQiAUA/9E2bx3AwclSdnlsmxzpAWVPiIsGROQ/7/ MIwr58ZcGsC+lXzV7nCo8maOmuDX8nBsJBgct5Jcnh+ZfNCFFDCvstDkLvBVwZsD VN0OIRlxkk7yPowfkrQo8N0wkEIwL+2WIBSdO0ubolhjiLSPxjwl6UvLwnemEHIo 1kfU7/RJD1V8K8jdF5TezPVNSYBOgBFR6kflt6TlSlO3rgQDs17qSrMIZ+PU0g9B lEkOwMSw9UPQsDhaamWD5oUdVy9BO1/CexnIK8dainxasj/D+j2S6X95vICx8nHi WCM90CvOmwLWalwrqAJdTxwlrgvbfBzSeF24Ry2L4oGODH2YFoBMYIZGDTa6op4/ EIotVNsTKKJTdawmGJ/ehIJ0lAbErFwhh126qmPBAi7PvAaVk+g+S7GFMU4XPl38 q08ZPN94dX1BOYRGxctYFgqHz32h11K1cHvSVBwm22XmnNAIZ8nYk4IShzIp3b8M yz2Sn8qXXyNGv2IVVuEK/PfdQAqtjp5576/zNhUC03Ntsx8nc5QqtdVUDJOPbOLN k2SVRUy0mR65vJb2qBGoGzGHsd2QAkJMaPfKFRikgnoEfI6C8yhaLby/mFQOmFtD OKzGxoVvzBTPTU6/9vCvv9xb280qhiDs0dSJwtICLkXaQ3M3/hJsu1XZp/T7tjp1 MW2wQ4SJYW4= =zKEr -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 8) - aarch64, noarch, ppc64le, s390x, x86_64
In addition this update provides mitigations for the "TSX Asynchronous Abort" speculative side channel attack. For additional information please refer to https://xenbits.xen.org/xsa/advisory-305.html
For the oldstable distribution (stretch), these problems have been fixed in version 4.8.5.final+shim4.10.4-1+deb9u12. Note that this will be the last security update for Xen in the oldstable distribution; upstream support for the 4.8.x branch ended by the end of December 2019. If you rely on security support for your Xen installation an update to the stable distribution (buster) is recommended.
For the stable distribution (buster), these problems have been fixed in version 4.11.3+24-g14b62ab3e5-1~deb10u1.
We recommend that you upgrade your xen packages.
For the detailed security status of xen please refer to its security tracker page at: https://security-tracker.debian.org/tracker/xen
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl4c7kEACgkQEMKTtsN8 TjYTuQ//R8WXtoC9qnD7wrV1E9skzu0YgXXUJDgaY6V2cTxRZ9n+RC7szVBXqfjJ OzOhNDESTG1aeOg/vnwHgDLMigIe5HlNSYPMXFk9IqOtsRTaP+Ddp1e/msfudYqP rOiI+NzRk2MnFwT348SCuJK7tS/6coj2IECaYc+LOMp05eg+y4r+KLc6FFWm/UEB 9M0SQMv6vMHaSCqJ7OlzE9j1pta3qPHp6vDpDQC0ngjvTJI85Z6l1p2dJ600bcZR Am4nl/1va8Mxc6hFYQ0h8TV2leELsw3B4f5f4LPKh5U7ZiHM5DfWGZLKxf/SJRpf brt0wwYABM0qMqqelrEZOHWqdFg17ozYkNhuUYYLS3P/AWiOZURHq/xszsv98dGh EUzMPL/P0mHyxrOlG8BrhaZ0O2FfAABRdfNDEO4pDGQSFYYpniOW9a+6yZsmKJDg njryOlSwXa/yrqde5JSqDlJFtwnRZu5IhdeCERXfczpauBrqOzUCUX1n72JSrtlD TUeMMj3QBbuLtJhFbQZH+/dqbQlYKu0u7VPA5fP+7nxsG+9NqwRHv6J2lh0YKXYz ej2WFpM+oBpr12dtFx2buZVzZofHGZd5y1kjGq0yRwnBSrdSKYC5dhtX32weHfSL jnN2rWTafoKwSOJvvofoMjmjcYwTfBzorTO1EX01FPxZqy/nrsA=3Qmh -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201911-1619",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "xeon e3-1265l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2699 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1220 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon l7545",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i9-10980xe",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-4640 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-7100h",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip analytics",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.0"
},
{
"model": "xeon 7030",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-4610 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-4610 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "pentium gold 4425y",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-8500y",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold 6262v",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon 7130m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-6267u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon 5070",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7-8880 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-9500t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7-4850 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon w3690",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip analytics",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "xeon e5-4650 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2620 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2620 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-9300",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon w3540",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip fraud protection service",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5"
},
{
"model": "xeon e3-1565l v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip advanced firewall manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5"
},
{
"model": "core i9-7980xe",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold 6254",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3110",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-5550u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon platinum 8268",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2630 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7-8890 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-1660 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5606",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon 5050",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold 6230n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e-2134",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron g3930t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x5365",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1575m v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-7200u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e-2224",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon l5335",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip link controller",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5"
},
{
"model": "core i5-7500t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-4627 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip fraud protection service",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.1"
},
{
"model": "xeon platinum 8260",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron g4900t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon platinum 8280m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2699a v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip advanced firewall manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.1"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "15.1"
},
{
"model": "xeon gold 5222",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold 6240l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x5570",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-1650 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5320",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5603",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip domain name system",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "xeon e5-2687w v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5410",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip policy enforcement manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5"
},
{
"model": "core i5-7440hq",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core m3-8100y",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-7560u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core m-5y31",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-1035g1",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7-8893 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7-4809 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-7660u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-8709g",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold 6230",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1533n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5472",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x3220",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3120",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron g1840",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon l3110",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip domain name system",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "celeron g1630",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7330",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip fraud protection service",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.5"
},
{
"model": "big-ip advanced firewall manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.5"
},
{
"model": "xeon e-2186g",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip policy enforcement manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.1"
},
{
"model": "core i5-9300h",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1220l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold 6252",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1285 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon w-2223",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2643 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1520",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron g1820t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-8400t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x5670",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-1620 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1528",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold 5215m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2191",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e-2126g",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2697 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon l5318",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x5260",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x5272",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-8750h",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon 5060",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon lv 5148",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon l5430",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "big-ip global traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2"
},
{
"model": "big-ip local traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2"
},
{
"model": "xeon d-1527",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold 6240m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon w5590",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5530",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-4660 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2658 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1540",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon silver 4210",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-8200y",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-4655 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x5492",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x3360",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"model": "big-ip access policy manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "celeron g3902e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1637",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "11"
},
{
"model": "big-ip application security manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2"
},
{
"model": "xeon e5-2687w v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "pentium gold g5500t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip policy enforcement manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.5"
},
{
"model": "xeon bronze 3204",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip link controller",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip global traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "xeon gold 5218t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5240",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon ec3539",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon w-2135",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-10110y",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1225 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon l3360",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold 5215",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-6167u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-5015u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2650l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1230 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon w-3175x",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon l5238",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2630l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-7600t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i9-9900x x-series",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-8500b",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-6770hq",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x3350",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip application security manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "xeon e5-2667 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1622",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-7820hq",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-7600k",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1230 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5205",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold 5218n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2660 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-8130u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7-8867 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2142it",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip global traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.0"
},
{
"model": "pentium gold g5620",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon w3680",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-7567u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core m-5y10c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold 5220",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "pentium gold 5405u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-8269u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5645",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-7400t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "xeon e5-2630 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip global traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "core i7-5557u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2430 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip application security manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.0"
},
{
"model": "xeon 3060",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1531",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e-2246g",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5430",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2640 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2161i",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1275 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-9400",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7-2880 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon silver 4215",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i9-10920x x-series",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon silver 4208",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip application security manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "core i5-5287u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-8259u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x5647",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core m-5y10",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon w-2265",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon l5609",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-5200u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2123it",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i9-7940x",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon l5630",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon platinum 8280l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-4620 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-4660 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x7350",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e6540",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x3460",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.0"
},
{
"model": "xeon gold 6238m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold 6252n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5\\+8400",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron g3930te",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon 7040",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2667 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip application acceleration manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2"
},
{
"model": "xeon e7-2870 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-4657l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon 7110n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2608l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold 6240",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "pentium gold 4410y",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold 6230t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1585 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon w3530",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip fraud protection service",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "core i3-10110u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-8145u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7-4850 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7420",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon silver 4214",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2698 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1535m v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2683 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2603 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1557",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron g4930e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1231 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon 7140n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip application acceleration manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "xeon e-2136",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"model": "core i5-9400h",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2640 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e-2226g",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x5675",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-iq centralized management",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "7.0.0"
},
{
"model": "core i7-9850h",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2603 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x5677",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-6870hq",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1280 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon l5320",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "30"
},
{
"model": "xeon w-3245m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon 7120m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-7267u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon 5160",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon 5080",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-6200u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron g3900",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x5550",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon l5618",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-1065g7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-9300t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip fraud protection service",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.0"
},
{
"model": "xeon e7-8891 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip fraud protection service",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2"
},
{
"model": "big-ip advanced firewall manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2"
},
{
"model": "xeon e5-2470 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7-4809 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2609 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-8705g",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip fraud protection service",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "xeon e5-2670 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip application acceleration manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.0"
},
{
"model": "celeron g4930t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon 7130n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon 3070",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip link controller",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2"
},
{
"model": "xeon e7-8870 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon l3406",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e-2104g",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e-2286g",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1653n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-9600t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2173it",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1260l v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-7y54",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon l5518",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip application acceleration manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "pentium gold g5420t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x5355",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon 5140",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x7542",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e-2234",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-4650 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon l5240",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1518",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2680 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-5157u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2643 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon w-2133",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1545m v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e-2174g",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2695 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-7287u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "core i7-5700hq",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2650l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2697 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-5020u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2163it",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1539",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2650 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-9700",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon lc3518",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron g4900",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip access policy manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2"
},
{
"model": "celeron g3950",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7-4830 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7-8895 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7520",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1245 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon w-2145",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-5750hq",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-8700b",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1285l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon w3520",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip global traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "core m-5y71",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x5470",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i9-9960x x-series",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2407 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i9-10940x x-series",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1535m v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "pentium gold g5400t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon silver 4214y",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "pentium gold g5400",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip advanced firewall manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "xeon gold 6246",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon w3565",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5420",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1553n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip access policy manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "core i7-10510u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "3.1.1"
},
{
"model": "big-ip application security manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "xeon gold 6244",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7-8855 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip global traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "xeon e7-8890 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon l7455",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-8100t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2143it",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip link controller",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "core i3-7100t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon 5030",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e-2144g",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-9400t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-4655 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x5650",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-10710u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2695 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-4627 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron g1840t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon w-3245",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold 5215l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e-2124g",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-7800x",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i9-9980xe",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-9500",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip application security manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "xeon e3-1240 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5540",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7450",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip advanced firewall manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.0"
},
{
"model": "core m-5y70",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon platinum 8270",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i9-9940x x-series",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-7100",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1245 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip global traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.3"
},
{
"model": "big-ip local traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.3"
},
{
"model": "xeon e7-4820 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "big-ip policy enforcement manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "xeon e5-2697 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip access policy manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.0"
},
{
"model": "big-iq centralized management",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "6.1.0"
},
{
"model": "xeon e5502",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon platinum 9282",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip advanced firewall manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "xeon e5-2698 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1270 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip link controller",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.0"
},
{
"model": "core m-5y10a",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2183it",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip application security manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.3"
},
{
"model": "celeron g1620",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-7920hq",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2620 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1537",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "xeon x3330",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "pentium gold g5500",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1280 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-8300t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x6550",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon 5150",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1246 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon w-2123",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1577",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5630",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-8265u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon w-2295",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1602",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon platinum 8260l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-7500u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron g3920",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon platinum 8276",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2660 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-1680 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.1"
},
{
"model": "xeon w-3275",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2680 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2637 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-7600",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2699 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-5257u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-8400b",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-1660 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7-4850 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon l5638",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-1680 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1649n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1230l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "31"
},
{
"model": "xeon e5-2643 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon l5520",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1571",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e-2244g",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-8400",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5640",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon l3426",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon platinum 8260m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-8650u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-8565u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip application acceleration manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "xeon e3-1265l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x3470",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip domain name system",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.3"
},
{
"model": "xeon lv 5138",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1270 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x3320",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7-4880 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip analytics",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.3"
},
{
"model": "core i3-8100",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-7300",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip analytics",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "core i7-9750h",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e-2236",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-9700t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-6700hq",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon platinum 8280",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1513n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip application acceleration manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "xeon gold 6238t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon l7555",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2141i",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold 5217",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core m3-6y30",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7-8880 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2146nt",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon w-3223",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-4610a v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon w5580",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1585l v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2440 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip analytics",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "celeron g1830",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x7550",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-7820hk",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5405",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2690 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1548",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon 5120",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2403 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold 6226",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "openshift container platform",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4.2"
},
{
"model": "big-ip application acceleration manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.3"
},
{
"model": "xeon e3-1240l v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2623 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon 7020",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip global traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.1"
},
{
"model": "big-ip local traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.1"
},
{
"model": "xeon gold 5220t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7-8890 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1225 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon ec5509",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-8300h",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-8550u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2628l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon 3040",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2650 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon l5215",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-6350hq",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-6560u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip application security manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.1"
},
{
"model": "xeon e5-2650 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon l5420",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e-2274g",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-8250u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core m-5y51",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-1035g7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7-8891 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon w3670",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7-8870 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold 5218",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-9100",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7-8891 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2648l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "openshift container platform",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4.1"
},
{
"model": "xeon 7140m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-iq centralized management",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "5.2.0"
},
{
"model": "core i5-9600",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip global traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.5"
},
{
"model": "big-ip local traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.5"
},
{
"model": "core i3-8109u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-10210y",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-7300hq",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x5482",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7540",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x7560",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2670 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon l5530",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x3450",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x5270",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2690 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-7700",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon platinum 8276m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon w-2275",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "pentium gold g5420",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5462",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-4627 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1623n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip application security manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.5"
},
{
"model": "big-ip domain name system",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5"
},
{
"model": "xeon e5-2680 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip access policy manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "big-ip analytics",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5"
},
{
"model": "big-ip link controller",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.3"
},
{
"model": "xeon e7210",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7-8860 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon lv 5133",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip link controller",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "xeon x5687",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon w-3275m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon w-2175",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon 7150n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-7300t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip domain name system",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.1"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "xeon gold 6238",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i9-7960x",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip access policy manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "big-ip analytics",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.1"
},
{
"model": "xeon 7041",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-7700t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2603 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron g1610t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1505m v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-7260u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron g1820te",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip link controller",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "xeon x5450",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold 6238l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5507",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1559",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-4669 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-9100t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7-4830 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-4603 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5649",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip policy enforcement manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2"
},
{
"model": "xeon e5620",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-4650 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-10510y",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7320",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1241 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "pentium gold 4415u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1220 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-iq centralized management",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "6.0.0"
},
{
"model": "xeon x3440",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-8086k",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon platinum 8260y",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip access policy manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.3"
},
{
"model": "xeon e7-4820 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1235l v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2690 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2609 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7340",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x5660",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip domain name system",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.5"
},
{
"model": "xeon e7220",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip analytics",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.5"
},
{
"model": "pentium gold g5600t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip application acceleration manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.1"
},
{
"model": "core i3-1005g1",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip policy enforcement manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "celeron g3900t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1275 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon 7120n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x5560",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-6820hk",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron g1610",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2177nt",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5345",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-4669 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1268l v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon lc5518",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i9-7900x",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-1650 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon lc5528",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1271 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold 5218b",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron g4920",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x3380",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7-4809 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x7460",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7-4860 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "pentium gold 6405u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2695 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-6287u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon w-3265",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7-2850 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e-2176g",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-5250u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2630 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1276 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2660 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7-4820 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e-2224g",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e-2276g",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x5680",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7-8880l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip application acceleration manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.5"
},
{
"model": "core i7-5950hq",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip policy enforcement manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.0"
},
{
"model": "xeon e7430",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron g1850",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-7700hq",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon w-2245",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1240 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1627",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x5472",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1275 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-1620 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5607",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron g3930e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-6100u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron g3900e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon ec5549",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon lv 5128",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon platinum 9222",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7530",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-6100h",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5310",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold 6248",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1543n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1523n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon ec5539",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-4628l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-6300hq",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7-4890 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron g3900te",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1529",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon l7445",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-7100u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon w-2155",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip link controller",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.1"
},
{
"model": "core i7-6970hq",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron g1620t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-1630 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5504",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon 3065",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon w3550",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-4620 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon 5110",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7-4870 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-7400",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2667 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-7700k",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron g4932e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7-8870 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-9350k",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-8305g",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-8350k",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip access policy manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5"
},
{
"model": "core i7-5500u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon w-3225",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "xeon l5640",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-8559u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron g1820",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i9-7920x",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i9-10900x x-series",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-4620 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1505m v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5520",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-9700k",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon w-2125",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon l5408",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-10310y",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip link controller",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.5"
},
{
"model": "big-iq centralized management",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "5.4.0"
},
{
"model": "big-ip fraud protection service",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "xeon e5-2697a v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x3370",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip access policy manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.1"
},
{
"model": "core i7-8706g",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core m3-6y54",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2637 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-4640 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "core i3-5010u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-4640 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "xeon e5-2630l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-8809g",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1515m v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1558l v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e-2288g",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5506",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-7167u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7\\+8700",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x3210",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7-8893 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2630l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip fraud protection service",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "xeon l5506",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold 6222v",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold 6242",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2640 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2430l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-4607 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon w-2255",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5450",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon w-2225",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-4667 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip domain name system",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "xeon e5503",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2650l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-9320",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon l5410",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip access policy manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.5"
},
{
"model": "core m3-7y30",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron g4930",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-5850hq",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x5460",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1240l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon silver 4209t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x3230",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip global traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5"
},
{
"model": "big-ip local traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5"
},
{
"model": "core i5-7360u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon lv 5113",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2683 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon 5130",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7-8857 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon platinum 8256",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7310",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2450 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip application security manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5"
},
{
"model": "xeon e5-4667 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1220 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2450l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5440",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-7500",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon w-2235",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5\\+8500",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-7820x",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-1650 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-2166nt",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1541",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-9600k",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2687w v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7-4830 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon platinum 8253",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1225 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip domain name system",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.0"
},
{
"model": "xeon e7-8860 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip domain name system",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2"
},
{
"model": "xeon lc3528",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7-8867 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x3480",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "pentium gold g5600",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon l3014",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip analytics",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2"
},
{
"model": "core i3-6100",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7-8893 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon w3570",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip domain name system",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "core i9-9920x x-series",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e-2146g",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-5775c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2623 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2618l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x5690",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1226 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon 3050",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x5667",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-8300",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon w-3265m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold 6234",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip policy enforcement manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "xeon e5-1660 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-5005u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "pentium gold 4415y",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon platinum 8276l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e-2124",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip fraud protection service",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.3"
},
{
"model": "xeon d-2145nt",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip advanced firewall manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.3"
},
{
"model": "core i5-10210u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon l5310",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-6260u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x3430",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip advanced firewall manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "xeon 5063",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7-8880 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-1035g4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2420 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip policy enforcement manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "xeon e7440",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "celeron g3930",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"model": "core i5-5350h",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1633n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon 7110m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5220",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon w3580",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5335",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip advanced firewall manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "xeon d-2187nt",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1521",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-2637 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-8350u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron g4950",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3-1281 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon l7345",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon d-1567",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon platinum 9242",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon platinum 9221",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon w-2195",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-6567u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7-8850 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-1630 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold 5220s",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip policy enforcement manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.3"
},
{
"model": "core i3-7320",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip analytics",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "xeon e7-8880l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-6500u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon 5040",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5-1620 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e6510",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "big-ip application acceleration manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5"
},
{
"model": "core i3-7350k",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7-2890 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold 6240y",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "pentium gold 4417u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon silver 4216",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon l5508",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e-2278g",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon x5672",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-12207"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i3-10110u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-10110u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i3-10110y_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-10110y:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i3-1005g1_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-1005g1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i3-9300t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-9300t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i3-9300_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-9300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i3-9100_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-9100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i3-9100t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-9100t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i3-9350k_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-9350k:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i3-9320_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-9320:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i3-8145u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-8145u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i3-8300_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-8300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i3-8100t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-8100t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i3-8300t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-8300t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i3-8109u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-8109u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i3-8130u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-8130u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i3-8100_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-8100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i3-8350k_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-8350k:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i3-7100_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-7100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i3-7350k_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-7350k:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i3-7300t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-7300t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i3-7167u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-7167u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i3-7300_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-7300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i3-7100h_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-7100h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i3-7320_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-7320:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i3-7100t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-7100t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i3-7100u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-7100u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i3-6100u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-6100u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i3-6100h_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-6100h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i3-6167u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-6167u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i3-6100_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-6100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i3-5015u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-5015u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i3-5020u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-5020u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i3-5005u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-5005u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i3-5010u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-5010u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i3-5157u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-5157u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-10210u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-10210u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-10310y_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-10310y:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-10210y_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-10210y:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-1035g4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-1035g4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-1035g7_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-1035g7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-1035g1_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-1035g1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-9500_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-9500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-9600_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-9600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-9400t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-9400t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-9600t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-9600t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-9500t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-9500t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-9300h_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-9300h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-9400h_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-9400h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-9400_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-9400:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-9600k_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-9600k:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-8265u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-8265u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-8200y_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-8200y:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-8400t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-8400t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-8300h_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-8300h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-8259u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-8259u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-8269u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-8269u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-8700b_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-8700b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-8400b_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-8400b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-8500b_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-8500b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5\\+8500_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5\\+8500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5\\+8400_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5\\+8400:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-8305g_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-8305g:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-8400_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-8400:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-8250u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-8250u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-8350u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-8350u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-7400_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-7400:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-7500t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-7500t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-7600t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-7600t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-7400t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-7400t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-7600_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-7600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-7500_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-7500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-7300hq_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-7300hq:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-7267u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-7267u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-7600k_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-7600k:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-7260u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-7260u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-7440hq_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-7440hq:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-7287u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-7287u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-7360u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-7360u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-7200u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-7200u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-7y54_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-7y54:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-6350hq_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-6350hq:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-6200u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-6200u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-6300hq_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-6300hq:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-6287u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-6287u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-6267u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-6267u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-6260u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-6260u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-5350h_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-5350h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-5200u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-5200u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-5287u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-5287u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-5250u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-5250u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i5-5257u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-5257u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-10510u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-10510u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-10510y_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-10510y:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-10710u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-10710u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-1065g7_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-1065g7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-9700t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-9700t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-9700_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-9700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-9750h_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-9750h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-9850h_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-9850h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-9700k_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-9700k:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-8565u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-8565u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-8500y_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-8500y:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-8086k_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-8086k:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-8750h_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-8750h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-8559u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-8559u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7\\+8700_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7\\+8700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-8709g_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-8709g:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-8809g_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-8809g:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-8705g_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-8705g:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-8706g_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-8706g:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-8550u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-8550u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-8650u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-8650u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-7700t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-7700t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-7820hk_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-7820hk:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-7700hq_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-7700hq:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-7660u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-7660u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-7560u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-7560u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-7700_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-7700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-7567u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-7567u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-7700k_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-7700k:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-7920hq_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-7920hq:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-7820hq_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-7820hq:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-7500u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-7500u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-6970hq_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-6970hq:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-6870hq_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-6870hq:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-6770hq_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-6770hq:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-6500u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-6500u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-6700hq_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-6700hq:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-6820hk_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-6820hk:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-6560u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-6560u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-6567u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-6567u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-5850hq_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-5850hq:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-5950hq_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-5950hq:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-5775c_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-5775c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-5700hq_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-5700hq:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-5750hq_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-5750hq:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-5500u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-5500u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-5550u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-5550u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-5557u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-5557u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_m3-8100y_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_m3-8100y:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_m3-7y30_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_m3-7y30:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_m3-6y54_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_m3-6y54:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_m3-6y30_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_m3-6y30:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_m-5y31_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_m-5y31:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_m-5y51_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_m-5y51:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_m-5y10c_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_m-5y10c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_m-5y10_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_m-5y10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_m-5y10a_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_m-5y10a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_m-5y71_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_m-5y71:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_m-5y70_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_m-5y70:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_m-5y10c_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_m-5y10c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i9-10980xe_firmware:-:*:*:*:extreme:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i9-10980xe:-:*:*:*:extreme:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i9-10900x_x-series_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i9-10900x_x-series:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i9-10920x_x-series_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i9-10920x_x-series:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i9-10940x_x-series_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i9-10940x_x-series:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i9-9900x_x-series_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i9-9900x_x-series:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i9-9920x_x-series_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i9-9920x_x-series:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i9-9960x_x-series_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i9-9960x_x-series:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i9-9980xe_firmware:-:*:*:*:extreme:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i9-9980xe:-:*:*:*:extreme:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i9-9940x_x-series_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i9-9940x_x-series:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i9-7960x_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i9-7960x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i9-7940x_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i9-7940x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i9-7980xe_firmware:-:*:*:*:extreme:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i9-7980xe:-:*:*:*:extreme:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i9-7920x_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i9-7920x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i9-7900x_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i9-7900x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-7820x_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-7820x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:core_i7-7800x_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-7800x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:pentium_gold_g5620_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_gold_g5620:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:pentium_gold_g5600t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_gold_g5600t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:pentium_gold_g5600_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_gold_g5600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:pentium_gold_g5500t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_gold_g5500t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:pentium_gold_g5500_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_gold_g5500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:pentium_gold_g5420t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_gold_g5420t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:pentium_gold_g5420_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_gold_g5420:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:pentium_gold_6405u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_gold_6405u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:pentium_gold_5405u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_gold_5405u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:pentium_gold_g5400t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_gold_g5400t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:pentium_gold_g5400_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_gold_g5400:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:pentium_gold_4425y_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_gold_4425y:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:pentium_gold_4417u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_gold_4417u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:pentium_gold_4415u_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_gold_4415u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:pentium_gold_4415y_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_gold_4415y:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:pentium_gold_4410y_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_gold_4410y:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:celeron_g4950_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_g4950:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:celeron_g4932e_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_g4932e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:celeron_g4930t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_g4930t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:celeron_g4930e_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_g4930e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:celeron_g4930_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_g4930:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:celeron_g4920_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_g4920:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:celeron_g4900t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_g4900t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:celeron_g4900_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_g4900:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:celeron_g3950_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_g3950:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:celeron_g3930te_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_g3930te:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:celeron_g3930t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_g3930t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:celeron_g3930e_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_g3930e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:celeron_g3930_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_g3930:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:celeron_g3920_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_g3920:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:celeron_g3902e_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_g3902e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:celeron_g3900te_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_g3900te:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:celeron_g3900e_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_g3900e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:celeron_g3900t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_g3900t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:celeron_g3900_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_g3900:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:celeron_g1850_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_g1850:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:celeron_g1840t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_g1840t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:celeron_g1840_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_g1840:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:celeron_g1830_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_g1830:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:celeron_g1820te_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_g1820te:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:celeron_g1820t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_g1820t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:celeron_g1630_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_g1630:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:celeron_g1820_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_g1820:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:celeron_g1620t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_g1620t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:celeron_g1620_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_g1620:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:celeron_g1610t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_g1610t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:celeron_g1610_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_g1610:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_platinum_9282_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum_9282:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_platinum_9242_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum_9242:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_platinum_9222_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum_9222:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_platinum_9221_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum_9221:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_platinum_8280m_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum_8280m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_platinum_8280l_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum_8280l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_platinum_8280_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum_8280:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_platinum_8276m_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum_8276m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_platinum_8276l_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum_8276l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_platinum_8276_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum_8276:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_platinum_8270_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum_8270:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_platinum_8268_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum_8268:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_platinum_8260y_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum_8260y:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_platinum_8260m_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum_8260m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_platinum_8260l_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum_8260l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_platinum_8260_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum_8260:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_platinum_8256_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum_8256:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_platinum_8253_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum_8253:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_gold_6262v_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold_6262v:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_gold_6254_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold_6254:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_gold_6252n_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold_6252n:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_gold_6252_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold_6252:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_gold_6248_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold_6248:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_gold_6246_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold_6246:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_gold_6244_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold_6244:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_gold_6242_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold_6242:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_gold_6240y_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold_6240y_:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_gold_6240m_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold_6240m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_gold_6240l_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold_6240l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_gold_6240_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold_6240:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_gold_6238t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold_6238t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_gold_6238m_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold_6238m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_gold_6238l_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold_6238l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_gold_6238_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold_6238:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_gold_6234_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold_6234:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_gold_6230t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold_6230t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_gold_6230n_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold_6230n:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_gold_6230_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold_6230:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_gold_6226_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold_6226:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_gold_6222v_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold_6222v:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_gold_5222_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold_5222:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_gold_5220t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold_5220t_:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_gold_5220s_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold_5220s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_gold_5220_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold_5220:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_gold_5218t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold_5218t_:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_gold_5218n_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold_5218n:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_gold_5218b_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold_5218b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_gold_5218_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold_5218:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_gold_5217_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold_5217:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_gold_5215m_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold_5215m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_gold_5215l_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold_5215l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_gold_5215_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold_5215:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_silver_4216_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_silver_4216:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_silver_4215_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_silver_4215:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_silver_4214y_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_silver_4214y:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_silver_4214_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_silver_4214:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_silver_4210_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_silver_4210:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_silver_4209t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_silver_4209t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_silver_4208_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_silver_4208:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_bronze_3204_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_bronze_3204:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-8890_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-8890_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-8893_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-8893_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-8880_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-8880_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-4830_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-4830_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-8860_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-8860_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-4809_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-4809_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-8870_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-8870_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-4820_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-4820_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-8891_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-8891_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-8867_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-8867_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-4850_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-4850_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-8855_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-8855_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-8860_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-8860_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-8867_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-8867_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-8870_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-8870_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-8880_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-8880_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-8880l_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-8880l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-4809_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-4809_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-8890_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-8890_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-4820_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-4820_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-8891_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-8891_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-4830_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-4830_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-4850_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-4850_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-8893_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-8893_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-4809_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-4809_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-8880l_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-8880l_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-8880_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-8880_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-4820_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-4820_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-8890_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-8890_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-8891_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-8891_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-2850_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-2850_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-4830_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-4830_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-8893_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-8893_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-2870_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-2870_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-4850_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-4850_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-2880_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-2880_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-2890_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-2890_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-4860_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-4860_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-4870_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-4870_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-4890_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-4890_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-8850_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-8850_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-8857_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-8857_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-8870_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-8870_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-4880_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-4880_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7-8895_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7-8895_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2699a_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2699a_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-4627_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-4627_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-4610a_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-4610a_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-4620_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-4620_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-4628l_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-4628l_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-4660_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-4660_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-4640_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-4640_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-4669_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-4669_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-4667_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-4667_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-4655_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-4655_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-4650_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-4650_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-1660_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-1660_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-1630_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-1630_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-1620_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-1620_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-1680_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-1680_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-1650_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-1650_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2687w_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2687w_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2695_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2695_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2690_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2690_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2699_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2699_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2650l_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2650l_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2658_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2658_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2698_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2698_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2660_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2660_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2680_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2680_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2697_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2697_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2683_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2683_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2628l_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2628l_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2650_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2650_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2697a_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2697a_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2648l_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2648l_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2620_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2620_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2630l_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2630l_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2608l_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2608l_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2667_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2667_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2643_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2643_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2623_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2623_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2609_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2609_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2630_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2630_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2618l_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2618l_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2637_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2637_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2603_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2603_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2640_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2640_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-4640_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-4640_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-4650_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-4650_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-4655_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-4655_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-4660_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-4660_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-4667_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-4667_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-4669_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-4669_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-4610_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-4610_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-4620_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-4620_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-4627_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-4627_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2695_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2695_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2697_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2697_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2698_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2698_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2699_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2699_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2683_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2683_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2690_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2690_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2650_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2650_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2660_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2660_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2680_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2680_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2670_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2670_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-1630_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-1630_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-1650_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-1650_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2687w_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2687w_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2643_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2643_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-1660_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-1660_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-1680_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-1680_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2650l_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2650l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2620_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2620_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2623_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2623_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-1620_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-1620_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2630_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2630_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2630l_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2630l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2637_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2637_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2640_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2640_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2603_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2603_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2667_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2667_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-4640_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-4640_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-4650_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-4650_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-4657l_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-4657l_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-4607_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-4607_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-4610_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-4610_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-4620_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-4620_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-4657l_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-4657l_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-4627_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-4627_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-4603_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-4603_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2420_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2420_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2440_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2440_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2403_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2403_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2430_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2430_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2450_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2450_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2430l_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2430l_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2450l_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2450l_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2470_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2470_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2407_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2407_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2640_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2640_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2680_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2680_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2690_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2690_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2643_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2643_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2650_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2650_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2650l_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2650l_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2695_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2695_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2660_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2660_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2667_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2667_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2697_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2697_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2603_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2603_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2670_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2670_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2609_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2609_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-1620_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-1620_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2687w_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2687w_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-1650_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-1650_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2620_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2620_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-1660_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-1660_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2630_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2630_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2630l_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2630l_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5-2637_v2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5-2637_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1230_v6_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1230_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1280_v6_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1280_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1225_v6_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1225_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1240_v6_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1240_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1275_v6_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1275_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1220_v6_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1220_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1270_v6_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1270_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1245_v6_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1245_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1535m_v6_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1535m_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1505m_v6_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1505m_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1565l_v5_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1565l_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1585l_v5_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1585l_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1585_v5_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1585_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1558l_v5_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1558l_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1545m_v5_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1545m_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1575m_v5_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1575m_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1515m_v5_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1515m_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1240l_v5_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1240l_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1235l_v5_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1235l_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1280_v5_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1280_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1220_v5_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1220_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1230_v5_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1230_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1245_v5_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1245_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1270_v5_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1270_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1225_v5_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1225_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1260l_v5_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1260l_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1240_v5_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1240_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1275_v5_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1275_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1268l_v5_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1268l_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1505m_v5_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1505m_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1535m_v5_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1535m_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1265l_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1265l_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1285l_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1285l_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1285_v4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1285_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1241_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1241_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1231_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1231_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1240l_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1240l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1276_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1276_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1281_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1281_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1246_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1246_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1271_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1271_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1226_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1226_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1220l_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1220l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1220_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1220_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1230l_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1230l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1225_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1225_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1265l_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1265l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3-1275_v3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3-1275_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e-2226g_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e-2226g:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e-2234_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e-2234:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e-2236_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e-2236:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e-2244g_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e-2244g:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e-2274g_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e-2274g:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e-2246g_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e-2246g:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e-2224_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e-2224:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e-2224g_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e-2224g:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e-2288g_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e-2288g:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e-2278g_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e-2278g:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e-2286g_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e-2286g:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e-2276g_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e-2276g:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e-2124g_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e-2124g:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e-2146g_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e-2146g:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e-2176g_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e-2176g:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e-2136_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e-2136:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e-2134_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e-2134:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e-2144g_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e-2144g:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e-2174g_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e-2174g:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e-2104g_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e-2104g:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e-2186g_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e-2186g:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e-2126g_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e-2126g:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e-2124_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e-2124:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-1602_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-1602:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-1653n_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-1653n:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-1622_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-1622:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-1623n_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-1623n:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-1627_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-1627:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-1637_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-1637:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-1633n_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-1633n:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-1649n_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-1649n:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-2141i_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-2141i:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-2177nt_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-2177nt:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-2161i_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-2161i:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-2143it_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-2143it:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-2146nt_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-2146nt:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-2145nt_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-2145nt:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-2123it_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-2123it:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-2173it_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-2173it:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-2191_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-2191:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-2187nt_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-2187nt:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-2142it_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-2142it:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-2163it_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-2163it:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-2183it_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-2183it:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-2166nt_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-2166nt:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-1533n_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-1533n:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-1513n_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-1513n:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-1543n_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-1543n:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-1523n_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-1523n:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-1553n_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-1553n:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-1539_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-1539:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-1529_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-1529:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-1559_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-1559:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-1557_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-1557:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-1567_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-1567:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-1577_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-1577:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-1571_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-1571:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-1528_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-1528:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-1541_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-1541:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-1518_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-1518:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-1521_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-1521:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-1531_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-1531:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-1548_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-1548:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-1527_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-1527:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-1537_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-1537:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-1520_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-1520:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_d-1540_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_d-1540:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_w-2275_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_w-2275:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_w-2295_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_w-2295:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_w-2265_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_w-2265:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_w-2255_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_w-2255:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_w-2223_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_w-2223:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_w-2245_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_w-2245:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_w-2225_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_w-2225:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_w-2235_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_w-2235:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_w-3265m_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_w-3265m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_w-3245m_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_w-3245m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_w-3275_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_w-3275:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_w-3245_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_w-3245:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_w-3275m_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_w-3275m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_w-3223_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_w-3223:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_w-3265_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_w-3265:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_w-3225_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_w-3225:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_w-3175x_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_w-3175x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_w-2175_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_w-2175:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_w-2133_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_w-2133:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_w-2155_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_w-2155:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_w-2123_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_w-2123:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_w-2145_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_w-2145:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_w-2125_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_w-2125:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_w-2135_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_w-2135:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_w-2195_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_w-2195:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x7560_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x7560:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_l7555_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_l7555:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x7550_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x7550:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_l7545_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_l7545:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x7542_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x7542:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7540_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7540:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7530_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7530:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7520_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7520:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x7460_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x7460:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7450_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7450:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_l7455_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_l7455:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_l7445_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_l7445:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7440_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7440:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7430_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7430:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7420_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7420:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x7350_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x7350:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_l7345_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_l7345:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7340_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7340:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7330_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7330:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7320_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7320:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7310_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7310:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7220_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7220:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e7210_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7210:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_7150n_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_7150n:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_7140n_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_7140n:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_7140m_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_7140m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_7130n_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_7130n:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_7130m_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_7130m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_7120n_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_7120n:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_7120m_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_7120m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_7110n_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_7110n:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_7110m_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_7110m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_7041_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_7041:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_7040_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_7040:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_7020_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_7020:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_7030_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_7030:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x6550_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x6550:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e6540_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e6540:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e6510_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e6510:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x5690_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x5690:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x5687_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x5687:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x5680_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x5680:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x5677_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x5677:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x5675_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x5675:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x5672_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x5672:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x5670_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x5670:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x5667_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x5667:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x5660_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x5660:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x5650_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x5650:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5649_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5649:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x5647_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x5647:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5645_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5645:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_l5640_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_l5640:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5640_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5640:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_l5638_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_l5638:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_l5630_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_l5630:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5630_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5630:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5620_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5620:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_l5618_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_l5618:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_l5609_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_l5609:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5607_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5607:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5606_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5606:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5506_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5506:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5603_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5603:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_w5590_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_w5590:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_w5580_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_w5580:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x5570_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x5570:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x5560_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x5560:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x5550_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x5550:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_ec5549_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_ec5549:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5540_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5540:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_ec5539_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_ec5539:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_l5530_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_l5530:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5530_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5530:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_lc5528_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_lc5528:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_l5520_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_l5520:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5520_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5520:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_lc5518_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_lc5518:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_l5518_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_l5518:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_ec5509_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_ec5509:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_l5508_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_l5508:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5507_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5507:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_l5506_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_l5506:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5504_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5504:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5503_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5503:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5502_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5502:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x5492_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x5492:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x5482_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x5482:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x5472_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x5472:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5472_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5472:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x5470_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x5470:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5462_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5462:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x5460_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x5460:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x5450_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x5450:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5450_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5450:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5440_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5440:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_l5430_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_l5430:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5430_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5430:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_l5420_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_l5420:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5420_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5420:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_l5410_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_l5410:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5410_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5410:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_l5408_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_l5408:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5405_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5405:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x5365_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x5365:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x5355_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x5355:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5345_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5345:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_l5335_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_l5335:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5335_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5335:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_l5320_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_l5320:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5320_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5320:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_l5318_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_l5318:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_l5310_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_l5310:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5310_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5310:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x5272_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x5272:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x5270_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x5270:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x5260_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x5260:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_l5240_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_l5240:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5240_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5240:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_l5238_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_l5238:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5220_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5220:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_l5215_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_l5215:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e5205_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5205:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_5160_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_5160:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_5150_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_5150:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_lv_5148_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_lv_5148:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_5140_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_5140:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_lv_5138_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_lv_5138:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_lv_5133_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_lv_5133:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_5130_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_5130:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_lv_5128_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_lv_5128:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_5120_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_5120:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_lv_5113_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_lv_5113:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_5110_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_5110:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_5080_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_5080:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_5070_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_5070:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_5063_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_5063:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_5060_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_5060:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_5050_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_5050:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_5040_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_5040:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_5030_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_5030:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_w3690_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_w3690:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_w3680_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_w3680:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_w3670_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_w3670:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_w3580_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_w3580:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_w3570_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_w3570:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_w3565_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_w3565:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_w3550_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_w3550:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_w3540_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_w3540:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_ec3539_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_ec3539:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_w3530_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_w3530:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_lc3528_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_lc3528:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_w3520_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_w3520:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_lc3518_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_lc3518:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x3480_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x3480:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x3470_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x3470:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x3460_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x3460:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x3450_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x3450:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x3440_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x3440:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x3430_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x3430:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_l3426_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_l3426:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_l3406_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_l3406:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x3380_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x3380:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x3370_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x3370:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x3360_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x3360:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_l3360_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_l3360:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x3350_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x3350:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x3330_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x3330:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x3320_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x3320:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x3230_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x3230:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x3220_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x3220:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_x3210_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_x3210:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3120_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3120:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_l3110_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_l3110:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_e3110_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3110:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_3070_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_3070:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_3065_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_3065:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_3060_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_3060:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_3050_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_3050:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_3040_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_3040:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:xeon_l3014_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_l3014:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.1.0",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-iq_centralized_management:7.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.4.0",
"versionStartIncluding": "5.2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.1.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.1.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.1.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.1.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.1.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.1.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.1.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.1.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.1.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.1.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.1.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "15.0.1",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.6.5",
"versionStartIncluding": "11.5.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.6.5",
"versionStartIncluding": "11.5.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.6.5",
"versionStartIncluding": "11.5.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.6.5",
"versionStartIncluding": "11.5.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.6.5",
"versionStartIncluding": "11.5.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.6.5",
"versionStartIncluding": "11.5.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.6.5",
"versionStartIncluding": "11.5.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.6.5",
"versionStartIncluding": "11.5.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.6.5",
"versionStartIncluding": "11.5.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.6.5",
"versionStartIncluding": "11.5.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.6.5",
"versionStartIncluding": "11.5.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "13.1.3",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "15.0.1",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "13.1.3",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "13.1.3",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "13.1.3",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "13.1.3",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "13.1.3",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "13.1.3",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "13.1.3",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "13.1.3",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "13.1.3",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "13.1.3",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "15.0.1",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "15.0.1",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "15.0.1",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "15.0.1",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "15.0.1",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "15.0.1",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "15.0.1",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "15.0.1",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "15.0.1",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.1.2",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.1.2",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.1.2",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.1.2",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.1.2",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.1.2",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.1.2",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.1.2",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.1.2",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.1.2",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.1.2",
"versionStartIncluding": "14.1.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openshift_container_platform:4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-12207"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ubuntu,Debian,Red Hat,Benjamin M. Romer,Gentoo",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201911-694"
}
],
"trust": 0.6
},
"cve": "CVE-2018-12207",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "VHN-122143",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.0,
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-12207",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201911-694",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-122143",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-122143"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-694"
},
{
"db": "NVD",
"id": "CVE-2018-12207"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access. Both Microsoft Windows and Microsoft Windows Server are products of Microsoft Corporation. Microsoft Windows is an operating system for personal devices. Microsoft Windows Server is a server operating system. A denial of service vulnerability exists in Microsoft Windows and Windows Server due to the program\u0027s improper handling of objects in memory. An attacker could exploit this vulnerability by logging on to an affected system and running a specially crafted application to cause the targeted system to become unresponsive. The following products and versions are affected: Microsoft Windows 10, Windows 10 Version 1607, Windows 10 Version 1709, Windows 10 Version 1803, Windows 10 Version 1809, Windows 10 Version 1903, Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows Server 2008 R2 SP1, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Windows Server 2019, Windows Server version 1803, Windows Server version 1903. \n\nBug Fix(es):\n\n* Backport TCP follow-up for small buffers (BZ#1739184)\n\n* TCP performance regression after CVE-2019-11478 bug fix (BZ#1743170)\n\n* RHEL8.0 - bnx2x link down, caused by transmit timeouts during load test\n(Marvell/Cavium/QLogic) (L3:) (BZ#1743548)\n\n* block: blk-mq improvement (BZ#1780567)\n\n* RHEL8.0 - Regression to RHEL7.6 by changing force_latency found during\nRHEL8.0 validation for SAP HANA on POWER (BZ#1781111)\n\n* blk-mq: overwirte performance drops on real MQ device (BZ#1782183)\n\n* RHEL8: creating vport takes lot of memory i.e 2GB per vport which leads\nto drain out system memory quickly. (BZ#1782705)\n\n4. ==========================================================================\nUbuntu Security Notice USN-4184-2\nNovember 13, 2019\n\nlinux, linux-hwe, linux-oem-osp1 vulnerability and regression\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 19.04\n- Ubuntu 18.04 LTS\n\nSummary:\n\nSeveral issues were fixed in the Linux kernel. \n\nSoftware Description:\n- linux: Linux kernel\n- linux-hwe: Linux hardware enablement (HWE) kernel\n- linux-oem-osp1: Linux kernel for OEM processors\n\nDetails:\n\nUSN-4184-1 fixed vulnerabilities in the Linux kernel. It was discovered\nthat the kernel fix for CVE-2019-0155 (i915 missing Blitter Command\nStreamer check) was incomplete on 64-bit Intel x86 systems. Also, the\nupdate introduced a regression that broke KVM guests where extended\npage tables (EPT) are disabled or not supported. This update addresses\nboth issues. \n\nWe apologize for the inconvenience. \n\nOriginal advisory details:\n\n Stephan van Schaik, Alyssa Milburn, Sebastian \\xd6sterlund, Pietro Frigo,\n Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz\n Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel\n processors using Transactional Synchronization Extensions (TSX) could\n expose memory contents previously stored in microarchitectural buffers to a\n malicious process that is executing on the same CPU core. A local attacker\n could use this to expose sensitive information. (CVE-2019-11135)\n\n It was discovered that the Intel i915 graphics chipsets allowed userspace\n to modify page table entries via writes to MMIO from the Blitter Command\n Streamer and expose kernel memory information. A local attacker could use\n this to expose sensitive information or possibly elevate privileges. A local attacker in a guest VM could use this to\n cause a denial of service (host system crash). (CVE-2018-12207)\n\n It was discovered that the Intel i915 graphics chipsets could cause a\n system hang when userspace performed a read from GT memory mapped input\n output (MMIO) when the product is in certain low power states. A local\n attacker could use this to cause a denial of service. (CVE-2019-0154)\n\n Hui Peng discovered that the Atheros AR6004 USB Wi-Fi device driver for the\n Linux kernel did not properly validate endpoint descriptors returned by the\n device. A physically proximate attacker could use this to cause a denial of\n service (system crash). (CVE-2019-15098)\n\n Jann Horn discovered a reference count underflow in the shiftfs\n implementation in the Linux kernel. A local attacker could use this to\n cause a denial of service (system crash) or possibly execute arbitrary\n code. (CVE-2019-15791)\n\n Jann Horn discovered a type confusion vulnerability in the shiftfs\n implementation in the Linux kernel. A local attacker could use this to\n cause a denial of service (system crash) or possibly execute arbitrary\n code. (CVE-2019-15792)\n\n Jann Horn discovered that the shiftfs implementation in the Linux kernel\n did not use the correct file system uid/gid when the user namespace of a\n lower file system is not in the init user namespace. A local attacker could\n use this to possibly bypass DAC permissions or have some other unspecified\n impact. (CVE-2019-15793)\n\n Ori Nimron discovered that the AX25 network protocol implementation in the\n Linux kernel did not properly perform permissions checks. A local attacker\n could use this to create a raw socket. (CVE-2019-17052)\n\n Ori Nimron discovered that the IEEE 802.15.4 Low-Rate Wireless network\n protocol implementation in the Linux kernel did not properly perform\n permissions checks. A local attacker could use this to create a raw socket. \n (CVE-2019-17053)\n\n Ori Nimron discovered that the Appletalk network protocol implementation in\n the Linux kernel did not properly perform permissions checks. A local\n attacker could use this to create a raw socket. (CVE-2019-17054)\n\n Ori Nimron discovered that the modular ISDN network protocol implementation\n in the Linux kernel did not properly perform permissions checks. A local\n attacker could use this to create a raw socket. (CVE-2019-17055)\n\n Ori Nimron discovered that the Near field Communication (NFC) network\n protocol implementation in the Linux kernel did not properly perform\n permissions checks. A local attacker could use this to create a raw socket. \n (CVE-2019-17056)\n\n Nico Waisman discovered that a buffer overflow existed in the Realtek Wi-Fi\n driver for the Linux kernel when handling Notice of Absence frames. A\n physically proximate attacker could use this to cause a denial of service\n (system crash) or possibly execute arbitrary code. (CVE-2019-17666)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 19.04:\n linux-image-5.0.0-36-generic 5.0.0-36.39\n linux-image-5.0.0-36-generic-lpae 5.0.0-36.39\n linux-image-5.0.0-36-lowlatency 5.0.0-36.39\n linux-image-generic 5.0.0.36.38\n linux-image-generic-lpae 5.0.0.36.38\n linux-image-lowlatency 5.0.0.36.38\n linux-image-virtual 5.0.0.36.38\n\nUbuntu 18.04 LTS:\n linux-image-5.0.0-1028-oem-osp1 5.0.0-1028.32\n linux-image-5.0.0-36-generic 5.0.0-36.39~18.04.1\n linux-image-5.0.0-36-generic-lpae 5.0.0-36.39~18.04.1\n linux-image-5.0.0-36-lowlatency 5.0.0-36.39~18.04.1\n linux-image-generic-hwe-18.04 5.0.0.36.94\n linux-image-generic-lpae-hwe-18.04 5.0.0.36.94\n linux-image-lowlatency-hwe-18.04 5.0.0.36.94\n linux-image-oem-osp1 5.0.0.1028.32\n linux-image-virtual-hwe-18.04 5.0.0.36.94\n\nPlease note that mitigating the TSX (CVE-2019-11135) and i915\n(CVE-2019-0154) issues requires corresponding microcode and graphics\nfirmware updates respectively. \n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nATTENTION: Due to an unavoidable ABI change the kernel updates have\nbeen given a new version number, which requires you to recompile and\nreinstall all third party kernel modules you might have installed. \nUnless you manually uninstalled the standard kernel metapackages\n(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,\nlinux-powerpc), a standard system upgrade will automatically perform\nthis as well. \n\nReferences:\n https://usn.ubuntu.com/4184-2\n https://usn.ubuntu.com/4184-1\n CVE-2019-0155,\n https://bugs.launchpad.net/bugs/1851709,\n https://bugs.launchpad.net/bugs/1852141\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/linux/5.0.0-36.39\n https://launchpad.net/ubuntu/+source/linux-hwe/5.0.0-36.39~18.04.1\n https://launchpad.net/ubuntu/+source/linux-oem-osp1/5.0.0-1028.32\n. 8) - x86_64\n\n3. Description:\n\nThe kernel-rt packages provide the Real Time Linux Kernel, which enables\nfine-tuning for systems with extremely high determinism requirements. Description:\n\nThis is a kernel live patch module which is automatically loaded by the RPM\npost-install script to modify the code of a running kernel. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: redhat-release-virtualization-host and redhat-virtualization-host update\nAdvisory ID: RHSA-2019:3860-01\nProduct: Red Hat Virtualization\nAdvisory URL: https://access.redhat.com/errata/RHSA-2019:3860\nIssue date: 2019-11-12\nCVE Names: CVE-2018-12207 CVE-2019-11135 \n=====================================================================\n\n1. Summary:\n\nAn update for redhat-release-virtualization-host and\nredhat-virtualization-host is now available for Red Hat Virtualization 4\nfor Red Hat Enterprise Linux 7 and Red Hat Virtualization 4.2 for Red Hat\nEnterprise Linux 7.6 EUS. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRHEL 7-based RHEV-H for RHEV 4 (build requirements) - noarch, x86_64\nRHEL 7-based RHEV-H for RHEV 4.2 (build requirements) - noarch, x86_64\nRed Hat Virtualization 4 Hypervisor for RHEL 7 - noarch\nRed Hat Virtualization 4.2 Hypervisor for RHEL 7.6 EUS - noarch, x86_64\n\n3. Description:\n\nThe redhat-virtualization-host packages provide the Red Hat Virtualization\nHost. These packages include redhat-release-virtualization-host,\novirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are\ninstalled using a special build of Red Hat Enterprise Linux with only the\npackages required to host virtual machines. RHVH features a Cockpit user\ninterface for monitoring the host\u0027s resources and performing administrative\ntasks. \n\nThe ovirt-node-ng packages provide the Red Hat Virtualization Host. These\npackages include redhat-release-virtualization-host, ovirt-node, and\nrhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a\nspecial build of Red Hat Enterprise Linux with only the packages required\nto host virtual machines. RHVH features a Cockpit user interface for\nmonitoring the host\u0027s resources and performing administrative tasks. \n\nSecurity Fix(es):\n\n* hw: Machine Check Error on Page Size Change (IFU) (CVE-2018-12207)\n\n* hw: TSX Transaction Asynchronous Abort (TAA) (CVE-2019-11135)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in\nthe References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1646768 - CVE-2018-12207 hw: Machine Check Error on Page Size Change (IPU)\n1753062 - CVE-2019-11135 hw: TSX Transaction Asynchronous Abort (TAA)\n\n6. Package List:\n\nRed Hat Virtualization 4.2 Hypervisor for RHEL 7.6 EUS:\n\nSource:\nredhat-release-virtualization-host-4.2-16.1.el7.src.rpm\nredhat-virtualization-host-4.2-20191107.0.el7_6.src.rpm\n\nnoarch:\nredhat-virtualization-host-image-update-4.2-20191107.0.el7_6.noarch.rpm\nredhat-virtualization-host-image-update-placeholder-4.2-16.1.el7.noarch.rpm\n\nx86_64:\nredhat-release-virtualization-host-4.2-16.1.el7.x86_64.rpm\nredhat-release-virtualization-host-content-4.2-16.1.el7.x86_64.rpm\n\nRHEL 7-based RHEV-H for RHEV 4.2 (build requirements):\n\nSource:\nredhat-release-virtualization-host-4.2-16.1.el7.src.rpm\n\nnoarch:\nredhat-virtualization-host-image-update-placeholder-4.2-16.1.el7.noarch.rpm\n\nx86_64:\nredhat-release-virtualization-host-4.2-16.1.el7.x86_64.rpm\n\nRed Hat Virtualization 4 Hypervisor for RHEL 7:\n\nSource:\nredhat-virtualization-host-4.3.6-20191108.0.el7_7.src.rpm\n\nnoarch:\nredhat-virtualization-host-image-update-4.3.6-20191108.0.el7_7.noarch.rpm\n\nRHEL 7-based RHEV-H for RHEV 4 (build requirements):\n\nSource:\nredhat-release-virtualization-host-4.3.6-5.el7ev.src.rpm\nredhat-virtualization-host-4.3.6-20191108.0.el7_7.src.rpm\n\nnoarch:\nredhat-virtualization-host-image-update-4.3.6-20191108.0.el7_7.noarch.rpm\nredhat-virtualization-host-image-update-placeholder-4.3.6-5.el7ev.noarch.rpm\n\nx86_64:\nredhat-release-virtualization-host-4.3.6-5.el7ev.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2019 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBXcsR2tzjgjWX9erEAQiAUA/9E2bx3AwclSdnlsmxzpAWVPiIsGROQ/7/\nMIwr58ZcGsC+lXzV7nCo8maOmuDX8nBsJBgct5Jcnh+ZfNCFFDCvstDkLvBVwZsD\nVN0OIRlxkk7yPowfkrQo8N0wkEIwL+2WIBSdO0ubolhjiLSPxjwl6UvLwnemEHIo\n1kfU7/RJD1V8K8jdF5TezPVNSYBOgBFR6kflt6TlSlO3rgQDs17qSrMIZ+PU0g9B\nlEkOwMSw9UPQsDhaamWD5oUdVy9BO1/CexnIK8dainxasj/D+j2S6X95vICx8nHi\nWCM90CvOmwLWalwrqAJdTxwlrgvbfBzSeF24Ry2L4oGODH2YFoBMYIZGDTa6op4/\nEIotVNsTKKJTdawmGJ/ehIJ0lAbErFwhh126qmPBAi7PvAaVk+g+S7GFMU4XPl38\nq08ZPN94dX1BOYRGxctYFgqHz32h11K1cHvSVBwm22XmnNAIZ8nYk4IShzIp3b8M\nyz2Sn8qXXyNGv2IVVuEK/PfdQAqtjp5576/zNhUC03Ntsx8nc5QqtdVUDJOPbOLN\nk2SVRUy0mR65vJb2qBGoGzGHsd2QAkJMaPfKFRikgnoEfI6C8yhaLby/mFQOmFtD\nOKzGxoVvzBTPTU6/9vCvv9xb280qhiDs0dSJwtICLkXaQ3M3/hJsu1XZp/T7tjp1\nMW2wQ4SJYW4=\n=zKEr\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. 8) - aarch64, noarch, ppc64le, s390x, x86_64\n\n3. \n\nIn addition this update provides mitigations for the \"TSX Asynchronous Abort\"\nspeculative side channel attack. For additional information please refer to\nhttps://xenbits.xen.org/xsa/advisory-305.html\n\nFor the oldstable distribution (stretch), these problems have been fixed\nin version 4.8.5.final+shim4.10.4-1+deb9u12. Note that this will be the\nlast security update for Xen in the oldstable distribution; upstream\nsupport for the 4.8.x branch ended by the end of December 2019. If you\nrely on security support for your Xen installation an update to the\nstable distribution (buster) is recommended. \n\nFor the stable distribution (buster), these problems have been fixed in\nversion 4.11.3+24-g14b62ab3e5-1~deb10u1. \n\nWe recommend that you upgrade your xen packages. \n\nFor the detailed security status of xen please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/xen\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl4c7kEACgkQEMKTtsN8\nTjYTuQ//R8WXtoC9qnD7wrV1E9skzu0YgXXUJDgaY6V2cTxRZ9n+RC7szVBXqfjJ\nOzOhNDESTG1aeOg/vnwHgDLMigIe5HlNSYPMXFk9IqOtsRTaP+Ddp1e/msfudYqP\nrOiI+NzRk2MnFwT348SCuJK7tS/6coj2IECaYc+LOMp05eg+y4r+KLc6FFWm/UEB\n9M0SQMv6vMHaSCqJ7OlzE9j1pta3qPHp6vDpDQC0ngjvTJI85Z6l1p2dJ600bcZR\nAm4nl/1va8Mxc6hFYQ0h8TV2leELsw3B4f5f4LPKh5U7ZiHM5DfWGZLKxf/SJRpf\nbrt0wwYABM0qMqqelrEZOHWqdFg17ozYkNhuUYYLS3P/AWiOZURHq/xszsv98dGh\nEUzMPL/P0mHyxrOlG8BrhaZ0O2FfAABRdfNDEO4pDGQSFYYpniOW9a+6yZsmKJDg\nnjryOlSwXa/yrqde5JSqDlJFtwnRZu5IhdeCERXfczpauBrqOzUCUX1n72JSrtlD\nTUeMMj3QBbuLtJhFbQZH+/dqbQlYKu0u7VPA5fP+7nxsG+9NqwRHv6J2lh0YKXYz\nej2WFpM+oBpr12dtFx2buZVzZofHGZd5y1kjGq0yRwnBSrdSKYC5dhtX32weHfSL\njnN2rWTafoKwSOJvvofoMjmjcYwTfBzorTO1EX01FPxZqy/nrsA=3Qmh\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-12207"
},
{
"db": "VULHUB",
"id": "VHN-122143"
},
{
"db": "PACKETSTORM",
"id": "156058"
},
{
"db": "PACKETSTORM",
"id": "155331"
},
{
"db": "PACKETSTORM",
"id": "155278"
},
{
"db": "PACKETSTORM",
"id": "155847"
},
{
"db": "PACKETSTORM",
"id": "155284"
},
{
"db": "PACKETSTORM",
"id": "155314"
},
{
"db": "PACKETSTORM",
"id": "155283"
},
{
"db": "PACKETSTORM",
"id": "155956"
},
{
"db": "PACKETSTORM",
"id": "155335"
}
],
"trust": 1.8
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-122143",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-122143"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-12207",
"trust": 2.6
},
{
"db": "PACKETSTORM",
"id": "155335",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "155847",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "156058",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "155697",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "155405",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "155294",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "155318",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "155424",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201911-694",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "155956",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "156920",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4561.2",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0153",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4700",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.2696",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4339",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4675.2",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4247",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4359",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4346.2",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4301",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0437",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0127",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4386",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4730",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4676",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4406",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0561",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4254",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4417",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4561",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0049",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "155283",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "155314",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "155331",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "155278",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "155284",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "155280",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "155293",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "155290",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "155287",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "155303",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "155288",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "155285",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "155418",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "155279",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "155289",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "155307",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "155843",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "155292",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "155291",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "155332",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "155286",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "155333",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "155304",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "155282",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "155309",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "155305",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-122143",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-122143"
},
{
"db": "PACKETSTORM",
"id": "156058"
},
{
"db": "PACKETSTORM",
"id": "155331"
},
{
"db": "PACKETSTORM",
"id": "155278"
},
{
"db": "PACKETSTORM",
"id": "155847"
},
{
"db": "PACKETSTORM",
"id": "155284"
},
{
"db": "PACKETSTORM",
"id": "155314"
},
{
"db": "PACKETSTORM",
"id": "155283"
},
{
"db": "PACKETSTORM",
"id": "155956"
},
{
"db": "PACKETSTORM",
"id": "155335"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-694"
},
{
"db": "NVD",
"id": "CVE-2018-12207"
}
]
},
"id": "VAR-201911-1619",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-122143"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T22:03:40.870000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Microsoft Windows and Microsoft Windows Server Enter the fix for the verification error vulnerability",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=103050"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201911-694"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-122143"
},
{
"db": "NVD",
"id": "CVE-2018-12207"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://access.redhat.com/errata/rhsa-2020:0028"
},
{
"trust": 2.3,
"url": "https://www.debian.org/security/2020/dsa-4602"
},
{
"trust": 2.3,
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"trust": 2.3,
"url": "https://access.redhat.com/errata/rhsa-2019:3916"
},
{
"trust": 2.3,
"url": "https://access.redhat.com/errata/rhsa-2019:3936"
},
{
"trust": 2.3,
"url": "https://access.redhat.com/errata/rhsa-2019:3941"
},
{
"trust": 2.3,
"url": "https://access.redhat.com/errata/rhsa-2020:0026"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2020:0204"
},
{
"trust": 1.7,
"url": "https://seclists.org/bugtraq/2020/jan/21"
},
{
"trust": 1.7,
"url": "https://security.gentoo.org/glsa/202003-56"
},
{
"trust": 1.7,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00210.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00042.html"
},
{
"trust": 1.7,
"url": "https://usn.ubuntu.com/4186-2/"
},
{
"trust": 1.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12207"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/security/cve/cve-2018-12207"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/i5wwpw4bszddw7vhu427xtvxv7rooffw/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/izyatwnughrbg6i3tc24yhp5y3j7i6kh/"
},
{
"trust": 1.0,
"url": "https://support.f5.com/csp/article/k17269881?utm_source=f5support\u0026amp%3butm_medium=rss"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11135"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/i5wwpw4bszddw7vhu427xtvxv7rooffw/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/izyatwnughrbg6i3tc24yhp5y3j7i6kh/"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/errata/rhsa-2019:3833"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0154"
},
{
"trust": 0.6,
"url": "https://support.f5.com/csp/article/k17269881?utm_source=f5support\u0026utm_medium=rss"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193294-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193295-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193340-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193348-1.html"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2019:4245"
},
{
"trust": 0.6,
"url": "https://support.f5.com/csp/article/k15840535"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2019:3835"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2019:3844"
},
{
"trust": 0.6,
"url": "https://www.vmware.com/security/advisories/vmsa-2019-0020.html"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2019:3942"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2019:3940"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193293-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193307-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193308-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192962-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192961-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192960-1.html"
},
{
"trust": 0.6,
"url": "https://security.freebsd.org/advisories/freebsd-sa-19:25.mcepsc.asc"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20200334-1.html"
},
{
"trust": 0.6,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00237.html"
},
{
"trust": 0.6,
"url": "https://support.citrix.com/article/ctx263684"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/xsa-304-and-xsa-305-security-vulnerabilities/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/156920/gentoo-linux-security-advisory-202003-56.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4417/"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/intel-processors-denial-of-service-via-machine-check-error-on-page-size-change-30843"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4700/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/155697/red-hat-security-advisory-2019-4245-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0437/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4730/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4386/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4561/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4247/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/155405/red-hat-security-advisory-2019-3916-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4561.2/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/155847/red-hat-security-advisory-2020-0028-01.html"
},
{
"trust": 0.6,
"url": "https://portal.msrc.microsoft.com/zh-cn/security-guidance/advisory/cve-2018-12207"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/155294/red-hat-security-advisory-2019-3839-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4406/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4339/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4675.2/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4359/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4676/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4301/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0127/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/155424/red-hat-security-advisory-2019-3941-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.2696/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4254/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/155318/kernel-live-patch-security-notice-lsn-0059-1.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0049/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0153/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0561/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/156058/red-hat-security-advisory-2020-0204-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/155956/debian-security-advisory-4602-1.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/155335/ubuntu-security-notice-usn-4186-3.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4346.2/"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2019-11135"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.5,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/vulnerabilities/ifu-page-mce"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0155"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/solutions/tsx-asynchronousabort"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-0154"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17055"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17054"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17056"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15098"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17053"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17666"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17052"
},
{
"trust": 0.2,
"url": "https://bugs.launchpad.net/bugs/1852141"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/solutions/i915-graphics"
},
{
"trust": 0.2,
"url": "https://usn.ubuntu.com/4186-1"
},
{
"trust": 0.1,
"url": "https://support.f5.com/csp/article/k17269881?utm_source=f5support\u0026amp;amp;utm_medium=rss"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-5489"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-16884"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-14821"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-0155"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14821"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-14901"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-5489"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14816"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14901"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10126"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9506"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3900"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-9506"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-14816"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16884"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-3900"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-10126"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-oem-osp1/5.0.0-1028.32"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/4184-2"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15792"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15791"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-hwe/5.0.0-36.39~18.04.1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15793"
},
{
"trust": 0.1,
"url": "https://bugs.launchpad.net/bugs/1851709,"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/4184-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux/5.0.0-36.39"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/2974891"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2019:3860"
},
{
"trust": 0.1,
"url": "https://wiki.ubuntu.com/securityteam/knowledgebase/taa_mcepsc_i915"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/4186-2"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2019:3832"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17350"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/xen"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17342"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-18424"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11091"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-18422"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-18423"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17344"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-19579"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17343"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12126"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17348"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17349"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-18420"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17345"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12127"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17347"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://xenbits.xen.org/xsa/advisory-305.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17346"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-18421"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-19577"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-18425"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17340"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17341"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-19578"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux/4.4.0-169.198"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-16746"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/4186-3"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-2215"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-122143"
},
{
"db": "PACKETSTORM",
"id": "156058"
},
{
"db": "PACKETSTORM",
"id": "155331"
},
{
"db": "PACKETSTORM",
"id": "155278"
},
{
"db": "PACKETSTORM",
"id": "155847"
},
{
"db": "PACKETSTORM",
"id": "155284"
},
{
"db": "PACKETSTORM",
"id": "155314"
},
{
"db": "PACKETSTORM",
"id": "155283"
},
{
"db": "PACKETSTORM",
"id": "155956"
},
{
"db": "PACKETSTORM",
"id": "155335"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-694"
},
{
"db": "NVD",
"id": "CVE-2018-12207"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-122143"
},
{
"db": "PACKETSTORM",
"id": "156058"
},
{
"db": "PACKETSTORM",
"id": "155331"
},
{
"db": "PACKETSTORM",
"id": "155278"
},
{
"db": "PACKETSTORM",
"id": "155847"
},
{
"db": "PACKETSTORM",
"id": "155284"
},
{
"db": "PACKETSTORM",
"id": "155314"
},
{
"db": "PACKETSTORM",
"id": "155283"
},
{
"db": "PACKETSTORM",
"id": "155956"
},
{
"db": "PACKETSTORM",
"id": "155335"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-694"
},
{
"db": "NVD",
"id": "CVE-2018-12207"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-11-14T00:00:00",
"db": "VULHUB",
"id": "VHN-122143"
},
{
"date": "2020-01-23T00:26:55",
"db": "PACKETSTORM",
"id": "156058"
},
{
"date": "2019-11-14T15:55:13",
"db": "PACKETSTORM",
"id": "155331"
},
{
"date": "2019-11-12T21:45:10",
"db": "PACKETSTORM",
"id": "155278"
},
{
"date": "2020-01-06T17:03:24",
"db": "PACKETSTORM",
"id": "155847"
},
{
"date": "2019-11-12T21:49:19",
"db": "PACKETSTORM",
"id": "155284"
},
{
"date": "2019-11-13T17:17:28",
"db": "PACKETSTORM",
"id": "155314"
},
{
"date": "2019-11-12T21:49:05",
"db": "PACKETSTORM",
"id": "155283"
},
{
"date": "2020-01-15T17:22:12",
"db": "PACKETSTORM",
"id": "155956"
},
{
"date": "2019-11-14T15:56:10",
"db": "PACKETSTORM",
"id": "155335"
},
{
"date": "2019-11-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201911-694"
},
{
"date": "2019-11-14T20:15:11.133000",
"db": "NVD",
"id": "CVE-2018-12207"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-07-15T00:00:00",
"db": "VULHUB",
"id": "VHN-122143"
},
{
"date": "2022-11-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201911-694"
},
{
"date": "2023-11-07T02:52:09.833000",
"db": "NVD",
"id": "CVE-2018-12207"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "PACKETSTORM",
"id": "155314"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-694"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Microsoft Windows and Microsoft Windows Server Input validation error vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201911-694"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201911-694"
}
],
"trust": 0.6
}
}
VAR-201908-0265
Vulnerability from variot - Updated: 2024-07-23 22:03Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. Multiple HTTP/2 implementations are vulnerable to a variety of denial-of-service (DoS) attacks. HTTP/2 is the second version of the hypertext transfer protocol, which is mainly used to ensure the communication between the client and the server. A resource management error vulnerability exists in HTTP/2. An attacker could exploit this vulnerability to cause a denial of service. Description:
Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation (DMN) execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business. Bugs fixed (https://bugzilla.redhat.com/):
1649870 - CVE-2019-14820 keycloak: adapter endpoints are exposed via arbitrary URLs 1690628 - CVE-2019-3875 keycloak: missing signatures validation on CRL used to verify client certificates 1728609 - CVE-2019-10201 keycloak: SAML broker does not check existence of signature on document allowing any user impersonation 1729261 - CVE-2019-10199 keycloak: CSRF check missing in My Resources functionality in the Account Console 1735645 - CVE-2019-9512 HTTP/2: flood using PING frames results in unbounded memory growth 1735744 - CVE-2019-9514 HTTP/2: flood using HEADERS frames results in unbounded memory growth 1735745 - CVE-2019-9515 HTTP/2: flood using SETTINGS frames results in unbounded memory growth 1738673 - CVE-2019-10219 hibernate-validator: safeHTML validator allows XSS 1741860 - CVE-2019-9511 HTTP/2: large amount of data requests leads to denial of service 1749487 - CVE-2019-14832 keycloak: cross-realm user access auth bypass 1751227 - CVE-2019-14838 wildfly-core: Incorrect privileges for 'Monitor', 'Auditor' and 'Deployer' user by default 1755831 - CVE-2019-16335 jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource 1755849 - CVE-2019-14540 jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig 1758167 - CVE-2019-17267 jackson-databind: Serialization gadgets in classes of the ehcache package 1758171 - CVE-2019-14892 jackson-databind: Serialization gadgets in classes of the commons-configuration package 1758182 - CVE-2019-14893 jackson-databind: Serialization gadgets in classes of the xalan package 1758187 - CVE-2019-16942 jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources. 1758191 - CVE-2019-16943 jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource 1764607 - CVE-2019-0210 thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol 1764612 - CVE-2019-0205 thrift: Endless loop when feed with specific input data 1764658 - CVE-2019-12400 xml-security: Apache Santuario potentially loads XML parsing code from an untrusted source 1767483 - CVE-2019-10086 apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default 1772008 - CVE-2019-14887 wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use 1772464 - CVE-2019-14888 undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening on HTTPS 1775293 - CVE-2019-17531 jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db. 1793154 - CVE-2019-20330 jackson-databind: lacks certain net.sf.ehcache blocking 1796225 - CVE-2020-7238 netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling 1802444 - CVE-2020-1729 SmallRye: SecuritySupport class is incorrectly public and contains a static method to access the current threads context class loader 1815470 - CVE-2020-10673 jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution 1815495 - CVE-2020-10672 jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution 1816170 - CVE-2019-12406 cxf: does not restrict the number of message attachments 1816175 - CVE-2019-12419 cxf: OpenId Connect token service does not properly validate the clientId 1816330 - CVE-2020-8840 jackson-databind: Lacks certain xbean-reflect/JNDI blocking 1816332 - CVE-2020-9546 jackson-databind: Serialization gadgets in shaded-hikari-config 1816337 - CVE-2020-9547 jackson-databind: Serialization gadgets in ibatis-sqlmap 1816340 - CVE-2020-9548 jackson-databind: Serialization gadgets in anteros-core 1819208 - CVE-2020-10968 jackson-databind: Serialization gadgets in org.aoju.bus.proxy.provider.*.RmiProvider 1819212 - CVE-2020-10969 jackson-databind: Serialization gadgets in javax.swing.JEditorPane 1821304 - CVE-2020-11111 jackson-databind: Serialization gadgets in org.apache.activemq.jms.pool.XaPooledConnectionFactory 1821311 - CVE-2020-11112 jackson-databind: Serialization gadgets in org.apache.commons.proxy.provider.remoting.RmiProvider 1821315 - CVE-2020-11113 jackson-databind: Serialization gadgets in org.apache.openjpa.ee.WASRegistryManagedRuntime 1826798 - CVE-2020-11620 jackson-databind: Serialization gadgets in commons-jelly:commons-jelly 1826805 - CVE-2020-11619 jackson-databind: Serialization gadgets in org.springframework:spring-aop
- Description:
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. See the Red Hat JBoss Enterprise Application Platform 7.2.5 Release Notes for information about the most significant bug fixes and enhancements included in this release.
The References section of this erratum contains a download link (you must log in to download the update).
The JBoss server process must be restarted for the update to take effect. JIRA issues fixed (https://issues.jboss.org/):
JBEAP-17075 - (7.2.z) Upgrade yasson from 1.0.2.redhat-00001 to 1.0.5 JBEAP-17220 - (7.2.x) HHH-13504 Upgrade ByteBuddy to 1.9.11 JBEAP-17365 - GSS Upgrade RESTEasy from 3.6.1.SP6 to 3.6.1.SP7 JBEAP-17476 - GSS Upgrade Generic JMS RA 2.0.2.Final JBEAP-17478 - GSS Upgrade JBoss Remoting from 5.0.14.SP1 to 5.0.16.Final JBEAP-17483 - GSS Upgrade Apache CXF from 3.2.9 to 3.2.10 JBEAP-17495 - (7.2.z) Upgrade PicketLink from 2.5.5.SP12-redhat-00007 to 2.5.5.SP12-redhat-00009 JBEAP-17496 - (7.2.z) Upgrade PicketLink bindings from 2.5.5.SP12-redhat-00007 to 2.5.5.SP12-redhat-00009 JBEAP-17513 - GSS Upgrade Hibernate ORM from 5.3.11.SP1 to 5.3.13 JBEAP-17521 - (7.2.z) Upgrade picketbox from 5.0.3.Final-redhat-00004 to 5.0.3.Final-redhat-00005 JBEAP-17523 - GSS Upgrade wildfly-core from 6.0.16 to 6.0.17 JBEAP-17547 - GSS Upgrade Elytron-Tool from 1.4.3 to 1.4.4.Final JBEAP-17548 - GSS Upgrade Elytron from 1.6.4.Final-redhat-00001 to 1.6.5.Final-redhat-00001 JBEAP-17560 - GSS Upgrade HAL from 3.0.16 to 3.0.17 JBEAP-17579 - GSS Upgrade JBoss MSC from 1.4.8 to 1.4.11 JBEAP-17582 - GSS Upgrade JSF based on Mojarra 2.3.5.SP3-redhat-00002 to 2.3.5.SP3-redhat-00003 JBEAP-17631 - GSS Upgrade Undertow from 2.0.25.SP1 to 2.0.26.SP3 JBEAP-17647 - GSS Upgrade IronJacamar from 1.4.17.Final to 1.4.18.Final JBEAP-17665 - GSS Upgrade XNIO from 3.7.3.Final-redhat-00001 to 3.7.6.Final JBEAP-17722 - GSS Upgrade wildfly-http-client from 1.0.15.Final-redhat-00001 to 1.0.17.Final JBEAP-17874 - (7.2.z) Upgrade to wildfly-openssl 1.0.8 JBEAP-17880 - (7.2.z) Upgrade XNIO from 3.7.6.Final-redhat-00001 to 3.7.6.SP1
The fixes are too intrusive to backport to the version in the oldstable distribution (stretch). An upgrade to Debian stable (buster) is recommended instead.
For the stable distribution (buster), these problems have been fixed in version 8.0.2+ds-1+deb10u1.
We recommend that you upgrade your trafficserver packages.
For the detailed security status of trafficserver please refer to its security tracker page at: https://security-tracker.debian.org/tracker/trafficserver
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl12uUMACgkQEMKTtsN8 TjbP/Q//UvaJG0Gts7+yZcOmkiaVinEtOzN445QNHGGQMKPfR4/hCuY6TrO0aWUM msNVTMwiEgLtXBqjNC2mT7f1UzQjZ76wb7wXAayaTsUsidMqsL9ZkVpzGSLrMBur wrhUpJRbDp/29qBdETP5bpjAp/Q7HMN1d9WbJa1ao2UpG1J2zpB8jQP0UjfVuM8W JwDlgj+Oj7M4CuQgN1A4vtK62f5k8X+d4bZZZSNUqkHKJuNFB1STDrDuZ+5aCPGo h0PYB/NX21T3W6AfGHIRwJda4IsSqRI/UnNIQygRs2QRiSzkGInCmb5KjsXKAiqF SnYLqKlxAcQ/8+zsEUqQKziBrZX6QsIiKFDYRV29KoK3AwDm7s5Q4KHzXGtNX5Mp a0GzAccDa1GpTxzSI8u5Jo60Ygf2ETkpwiyWSUivcFnzASyDCAwNLAwPAWpfARhO 2rE+LIi42dGnGfa2plKt7jvQDBj2hBvRHd8nMT8ugoJCTQCNnHC9X5/RNWPqIZmR XVHQSRTR8BCCnTdRuvXJB3oQyRQZORMqrsYoARm50+J/v2wJ/Q8Wo4kwWXpflDoH SAO10qjWU9Ja5giiQJh9ToJKPfx6sAma77XoaBz0HteCs3uCvyJK5cpmmoMcImyh 3po/YTjSdJRYZI9YjLWT1ZDP6TeueBkIqf07uuT9Kk92VWuyfhs=UFIM -----END PGP SIGNATURE----- . Description:
Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied. JIRA issues fixed (https://issues.jboss.org/):
KEYCLOAK-11816 - Tracker bug for the RH-SSO 7.3.5 release for RHEL7
- Each of these container images includes gRPC, which has been updated with the below fixes. Solution:
For OpenShift Container Platform 4.1 see the following documentation, which will be updated shortly for release 4.1.z, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-rel ease-notes.html
- Description:
AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. For further information, refer to the release notes linked to in the References section. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Important: nodejs:10 security update Advisory ID: RHSA-2019:2925-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:2925 Issue date: 2019-09-30 CVE Names: CVE-2019-9511 CVE-2019-9512 CVE-2019-9513 CVE-2019-9514 CVE-2019-9515 CVE-2019-9516 CVE-2019-9517 CVE-2019-9518 =====================================================================
- Summary:
An update for the nodejs:10 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64
- Description:
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
The following packages have been upgraded to a later upstream version: nodejs (10.16.3).
Security Fix(es):
-
HTTP/2: large amount of data requests leads to denial of service (CVE-2019-9511)
-
HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)
-
HTTP/2: flood using PRIORITY frames results in excessive resource consumption (CVE-2019-9513)
-
HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)
-
HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515)
-
HTTP/2: 0-length headers lead to denial of service (CVE-2019-9516)
-
HTTP/2: request for large response leads to denial of service (CVE-2019-9517)
-
HTTP/2: flood using empty frames results in excessive resource consumption (CVE-2019-9518)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1735645 - CVE-2019-9512 HTTP/2: flood using PING frames results in unbounded memory growth 1735741 - CVE-2019-9513 HTTP/2: flood using PRIORITY frames results in excessive resource consumption 1735744 - CVE-2019-9514 HTTP/2: flood using HEADERS frames results in unbounded memory growth 1735745 - CVE-2019-9515 HTTP/2: flood using SETTINGS frames results in unbounded memory growth 1735749 - CVE-2019-9518 HTTP/2: flood using empty frames results in excessive resource consumption 1741860 - CVE-2019-9511 HTTP/2: large amount of data requests leads to denial of service 1741864 - CVE-2019-9516 HTTP/2: 0-length headers lead to denial of service 1741868 - CVE-2019-9517 HTTP/2: request for large response leads to denial of service
- Package List:
Red Hat Enterprise Linux AppStream (v. 8):
Source: nodejs-10.16.3-2.module+el8.0.0+4214+49953fda.src.rpm nodejs-nodemon-1.18.3-1.module+el8+2632+6c5111ed.src.rpm nodejs-packaging-17-3.module+el8+2873+aa7dfd9a.src.rpm
aarch64: nodejs-10.16.3-2.module+el8.0.0+4214+49953fda.aarch64.rpm nodejs-debuginfo-10.16.3-2.module+el8.0.0+4214+49953fda.aarch64.rpm nodejs-debugsource-10.16.3-2.module+el8.0.0+4214+49953fda.aarch64.rpm nodejs-devel-10.16.3-2.module+el8.0.0+4214+49953fda.aarch64.rpm npm-6.9.0-1.10.16.3.2.module+el8.0.0+4214+49953fda.aarch64.rpm
noarch: nodejs-docs-10.16.3-2.module+el8.0.0+4214+49953fda.noarch.rpm nodejs-nodemon-1.18.3-1.module+el8+2632+6c5111ed.noarch.rpm nodejs-packaging-17-3.module+el8+2873+aa7dfd9a.noarch.rpm
ppc64le: nodejs-10.16.3-2.module+el8.0.0+4214+49953fda.ppc64le.rpm nodejs-debuginfo-10.16.3-2.module+el8.0.0+4214+49953fda.ppc64le.rpm nodejs-debugsource-10.16.3-2.module+el8.0.0+4214+49953fda.ppc64le.rpm nodejs-devel-10.16.3-2.module+el8.0.0+4214+49953fda.ppc64le.rpm npm-6.9.0-1.10.16.3.2.module+el8.0.0+4214+49953fda.ppc64le.rpm
s390x: nodejs-10.16.3-2.module+el8.0.0+4214+49953fda.s390x.rpm nodejs-debuginfo-10.16.3-2.module+el8.0.0+4214+49953fda.s390x.rpm nodejs-debugsource-10.16.3-2.module+el8.0.0+4214+49953fda.s390x.rpm nodejs-devel-10.16.3-2.module+el8.0.0+4214+49953fda.s390x.rpm npm-6.9.0-1.10.16.3.2.module+el8.0.0+4214+49953fda.s390x.rpm
x86_64: nodejs-10.16.3-2.module+el8.0.0+4214+49953fda.x86_64.rpm nodejs-debuginfo-10.16.3-2.module+el8.0.0+4214+49953fda.x86_64.rpm nodejs-debugsource-10.16.3-2.module+el8.0.0+4214+49953fda.x86_64.rpm nodejs-devel-10.16.3-2.module+el8.0.0+4214+49953fda.x86_64.rpm nodejs-devel-debuginfo-10.16.3-2.module+el8.0.0+4214+49953fda.x86_64.rpm npm-6.9.0-1.10.16.3.2.module+el8.0.0+4214+49953fda.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2019-9511 https://access.redhat.com/security/cve/CVE-2019-9512 https://access.redhat.com/security/cve/CVE-2019-9513 https://access.redhat.com/security/cve/CVE-2019-9514 https://access.redhat.com/security/cve/CVE-2019-9515 https://access.redhat.com/security/cve/CVE-2019-9516 https://access.redhat.com/security/cve/CVE-2019-9517 https://access.redhat.com/security/cve/CVE-2019-9518 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBXZGtHtzjgjWX9erEAQiTyRAAor6sJh3gZ6PZ3xUQhSyFif5kUuLb9dOa gsUrFUW9QjnSD4OeWq0eOJ+W1VkY0WKU0p2KCt4f0R9Msi85EKRzjymM4iv8icMu COL40Wcyvpn2WsdzHrrCT0rM7jiry7YShv/KOlao2wUhkbzs5aHc9D8fBhUvkiCj bHQhrGY+63pnIe6LyCUJ9nEEGPCMaFdpzI+9hDvAevh2ooj6h0PISg/MOb5T7N2z d0RNhrmp5wJUJWbb2hrcnUrbu4CQjf5r44a4R1EdrAL8C+y2vgnVO+wb8RprnMrW 350YueLNrCSYgqeysfbcNG1ccP6iZ/YLCOIOwfb9138cDqelUooAdPKmAj6hY97O pRv1cfc4sBCu1MxhnUgRcY3idmD7qaSbY7lNize04z/HMNK5aq3Kgx5bN/q0OA+n FqWVVCckoFYIn6wWUv1CPlAskpjqns2DPoEd1AUeZH9Efg0JBgKGgQh64T6q20Ua Je5DSConOr149WxNARXWbVz7FhnI+wsDTQzWTk7XuXBfhvSHrfl9tqD444cNP1wm WAvONvS+nlxDOqk4Joo+ZOHA9Wjx/lxciQo6S8aYaQHnCBSUbXAvXjKy0VeoUUdz bD5zrdhbGiSxtR0WNKVP0KVb62P14HGGrceFQRIJPSiqkIrNBS7oeCLuOPpB1QSx J/w0T73QFqQ= =4d1d -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201908-0265",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "15.1"
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
},
{
"model": "web gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "mcafee",
"version": "7.7.2.0"
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "web gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "mcafee",
"version": "7.7.2.24"
},
{
"model": "vs960hd",
"scope": "eq",
"trust": 1.0,
"vendor": "synology",
"version": null
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "8.16.1"
},
{
"model": "node.js",
"scope": "lte",
"trust": 1.0,
"vendor": "nodejs",
"version": "10.12.0"
},
{
"model": "openshift service mesh",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "1.0"
},
{
"model": "software collections",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "1.0"
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "8.9.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "29"
},
{
"model": "graalvm",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "19.2.0"
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "10.0.0"
},
{
"model": "jboss enterprise application platform",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.2.0"
},
{
"model": "web gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "mcafee",
"version": "8.2.0"
},
{
"model": "big-ip local traffic manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.3.2"
},
{
"model": "jboss enterprise application platform",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3.0"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "12.0.0"
},
{
"model": "big-ip local traffic manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2.1"
},
{
"model": "openshift container platform",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4.1"
},
{
"model": "big-ip local traffic manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.1.1"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "8.0.0"
},
{
"model": "traffic server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "8.0.0"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "10.13.0"
},
{
"model": "diskstation manager",
"scope": "eq",
"trust": 1.0,
"vendor": "synology",
"version": "6.2"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "12.8.1"
},
{
"model": "swiftnio",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "1.4.0"
},
{
"model": "traffic server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "7.0.0"
},
{
"model": "quay",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "3.0.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "jboss core services",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "1.0"
},
{
"model": "traffic server",
"scope": "lte",
"trust": 1.0,
"vendor": "apache",
"version": "7.1.6"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.0"
},
{
"model": "web gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "mcafee",
"version": "8.1.0"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "10.16.3"
},
{
"model": "openstack",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "14"
},
{
"model": "big-ip local traffic manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5.1"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "15.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "traffic server",
"scope": "lte",
"trust": 1.0,
"vendor": "apache",
"version": "8.0.3"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "30"
},
{
"model": "single sign-on",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "web gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "mcafee",
"version": "7.8.2.13"
},
{
"model": "big-ip local traffic manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.1.1"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "18.04"
},
{
"model": "skynas",
"scope": "eq",
"trust": 1.0,
"vendor": "synology",
"version": null
},
{
"model": "swiftnio",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.0"
},
{
"model": "web gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "mcafee",
"version": "7.8.2.0"
},
{
"model": "node.js",
"scope": "lte",
"trust": 1.0,
"vendor": "nodejs",
"version": "8.8.1"
},
{
"model": "big-ip local traffic manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.5.1"
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "19.04"
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "traffic server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "6.0.0"
},
{
"model": "traffic server",
"scope": "lte",
"trust": 1.0,
"vendor": "apache",
"version": "6.2.3"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "akamai",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "amazon",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apache traffic server",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cloudflare",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "envoy",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "facebook",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "go programming language",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "litespeed",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netty",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "node js",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "synology",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "twisted",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "grpc",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nghttp2",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nginx",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#605641"
},
{
"db": "NVD",
"id": "CVE-2019-9515"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:swiftnio:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.4.0",
"versionStartIncluding": "1.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionStartIncluding": "10.12",
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionStartIncluding": "14.04",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.0.3",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.1.6",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.2.3",
"versionStartIncluding": "6.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:synology:skynas:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:synology:diskstation_manager:6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:single_sign-on:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openshift_service_mesh:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openstack:14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:graalvm:19.2.0:*:*:*:enterprise:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.7.2.24",
"versionStartIncluding": "7.7.2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.8.2.13",
"versionStartIncluding": "7.8.2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.2.0",
"versionStartIncluding": "8.1.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.1.2.1",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.0.1.1",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.3.2",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.0.1.1",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.1.5.1",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.5.1",
"versionStartIncluding": "11.6.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.8.1",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.12.0",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.8.1",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.16.3",
"versionStartIncluding": "10.13.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.16.1",
"versionStartIncluding": "8.9.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-9515"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "158650"
},
{
"db": "PACKETSTORM",
"id": "157741"
},
{
"db": "PACKETSTORM",
"id": "155480"
},
{
"db": "PACKETSTORM",
"id": "157214"
},
{
"db": "PACKETSTORM",
"id": "155518"
},
{
"db": "PACKETSTORM",
"id": "154475"
},
{
"db": "PACKETSTORM",
"id": "156852"
},
{
"db": "PACKETSTORM",
"id": "154663"
}
],
"trust": 0.8
},
"cve": "CVE-2019-9515",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-160950",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cret@cert.org",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-9515",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cret@cert.org",
"id": "CVE-2019-9515",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201908-932",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-160950",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-160950"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-932"
},
{
"db": "NVD",
"id": "CVE-2019-9515"
},
{
"db": "NVD",
"id": "CVE-2019-9515"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. Multiple HTTP/2 implementations are vulnerable to a variety of denial-of-service (DoS) attacks. HTTP/2 is the second version of the hypertext transfer protocol, which is mainly used to ensure the communication between the client and the server. A resource management error vulnerability exists in HTTP/2. An attacker could exploit this vulnerability to cause a denial of service. Description:\n\nRed Hat Decision Manager is an open source decision management platform\nthat combines business rules management, complex event processing, Decision\nModel \u0026 Notation (DMN) execution, and Business Optimizer for solving\nplanning problems. It automates business decisions and makes that logic\navailable to the entire business. Bugs fixed (https://bugzilla.redhat.com/):\n\n1649870 - CVE-2019-14820 keycloak: adapter endpoints are exposed via arbitrary URLs\n1690628 - CVE-2019-3875 keycloak: missing signatures validation on CRL used to verify client certificates\n1728609 - CVE-2019-10201 keycloak: SAML broker does not check existence of signature on document allowing any user impersonation\n1729261 - CVE-2019-10199 keycloak: CSRF check missing in My Resources functionality in the Account Console\n1735645 - CVE-2019-9512 HTTP/2: flood using PING frames results in unbounded memory growth\n1735744 - CVE-2019-9514 HTTP/2: flood using HEADERS frames results in unbounded memory growth\n1735745 - CVE-2019-9515 HTTP/2: flood using SETTINGS frames results in unbounded memory growth\n1738673 - CVE-2019-10219 hibernate-validator: safeHTML validator allows XSS\n1741860 - CVE-2019-9511 HTTP/2: large amount of data requests leads to denial of service\n1749487 - CVE-2019-14832 keycloak: cross-realm user access auth bypass\n1751227 - CVE-2019-14838 wildfly-core: Incorrect privileges for \u0027Monitor\u0027, \u0027Auditor\u0027 and \u0027Deployer\u0027 user by default\n1755831 - CVE-2019-16335 jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource\n1755849 - CVE-2019-14540 jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig\n1758167 - CVE-2019-17267 jackson-databind: Serialization gadgets in classes of the ehcache package\n1758171 - CVE-2019-14892 jackson-databind: Serialization gadgets in classes of the commons-configuration package\n1758182 - CVE-2019-14893 jackson-databind: Serialization gadgets in classes of the xalan package\n1758187 - CVE-2019-16942 jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.*\n1758191 - CVE-2019-16943 jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource\n1764607 - CVE-2019-0210 thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol\n1764612 - CVE-2019-0205 thrift: Endless loop when feed with specific input data\n1764658 - CVE-2019-12400 xml-security: Apache Santuario potentially loads XML parsing code from an untrusted source\n1767483 - CVE-2019-10086 apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default\n1772008 - CVE-2019-14887 wildfly: The \u0027enabled-protocols\u0027 value in legacy security is not respected if OpenSSL security provider is in use\n1772464 - CVE-2019-14888 undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening on HTTPS\n1775293 - CVE-2019-17531 jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.*\n1793154 - CVE-2019-20330 jackson-databind: lacks certain net.sf.ehcache blocking\n1796225 - CVE-2020-7238 netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling\n1802444 - CVE-2020-1729 SmallRye: SecuritySupport class is incorrectly public and contains a static method to access the current threads context class loader\n1815470 - CVE-2020-10673 jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution\n1815495 - CVE-2020-10672 jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution\n1816170 - CVE-2019-12406 cxf: does not restrict the number of message attachments\n1816175 - CVE-2019-12419 cxf: OpenId Connect token service does not properly validate the clientId\n1816330 - CVE-2020-8840 jackson-databind: Lacks certain xbean-reflect/JNDI blocking\n1816332 - CVE-2020-9546 jackson-databind: Serialization gadgets in shaded-hikari-config\n1816337 - CVE-2020-9547 jackson-databind: Serialization gadgets in ibatis-sqlmap\n1816340 - CVE-2020-9548 jackson-databind: Serialization gadgets in anteros-core\n1819208 - CVE-2020-10968 jackson-databind: Serialization gadgets in org.aoju.bus.proxy.provider.*.RmiProvider\n1819212 - CVE-2020-10969 jackson-databind: Serialization gadgets in javax.swing.JEditorPane\n1821304 - CVE-2020-11111 jackson-databind: Serialization gadgets in org.apache.activemq.jms.pool.XaPooledConnectionFactory\n1821311 - CVE-2020-11112 jackson-databind: Serialization gadgets in org.apache.commons.proxy.provider.remoting.RmiProvider\n1821315 - CVE-2020-11113 jackson-databind: Serialization gadgets in org.apache.openjpa.ee.WASRegistryManagedRuntime\n1826798 - CVE-2020-11620 jackson-databind: Serialization gadgets in commons-jelly:commons-jelly\n1826805 - CVE-2020-11619 jackson-databind: Serialization gadgets in org.springframework:spring-aop\n\n5. Description:\n\nRed Hat JBoss Enterprise Application Platform 7 is a platform for Java\napplications based on the WildFly application runtime. See the Red Hat JBoss Enterprise\nApplication Platform 7.2.5 Release Notes for information about the most\nsignificant bug fixes and enhancements included in this release. \n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). \n\nThe JBoss server process must be restarted for the update to take effect. JIRA issues fixed (https://issues.jboss.org/):\n\nJBEAP-17075 - (7.2.z) Upgrade yasson from 1.0.2.redhat-00001 to 1.0.5\nJBEAP-17220 - (7.2.x) HHH-13504 Upgrade ByteBuddy to 1.9.11\nJBEAP-17365 - [GSS](7.2.z) Upgrade RESTEasy from 3.6.1.SP6 to 3.6.1.SP7\nJBEAP-17476 - [GSS](7.2.z) Upgrade Generic JMS RA 2.0.2.Final\nJBEAP-17478 - [GSS](7.2.z) Upgrade JBoss Remoting from 5.0.14.SP1 to 5.0.16.Final\nJBEAP-17483 - [GSS](7.2.z) Upgrade Apache CXF from 3.2.9 to 3.2.10\nJBEAP-17495 - (7.2.z) Upgrade PicketLink from 2.5.5.SP12-redhat-00007 to 2.5.5.SP12-redhat-00009\nJBEAP-17496 - (7.2.z) Upgrade PicketLink bindings from 2.5.5.SP12-redhat-00007 to 2.5.5.SP12-redhat-00009\nJBEAP-17513 - [GSS](7.2.z) Upgrade Hibernate ORM from 5.3.11.SP1 to 5.3.13\nJBEAP-17521 - (7.2.z) Upgrade picketbox from 5.0.3.Final-redhat-00004 to 5.0.3.Final-redhat-00005\nJBEAP-17523 - [GSS](7.2.z) Upgrade wildfly-core from 6.0.16 to 6.0.17\nJBEAP-17547 - [GSS](7.2.z) Upgrade Elytron-Tool from 1.4.3 to 1.4.4.Final\nJBEAP-17548 - [GSS](7.2.z) Upgrade Elytron from 1.6.4.Final-redhat-00001 to 1.6.5.Final-redhat-00001\nJBEAP-17560 - [GSS](7.2.z) Upgrade HAL from 3.0.16 to 3.0.17\nJBEAP-17579 - [GSS](7.2.z) Upgrade JBoss MSC from 1.4.8 to 1.4.11\nJBEAP-17582 - [GSS](7.2.z) Upgrade JSF based on Mojarra 2.3.5.SP3-redhat-00002 to 2.3.5.SP3-redhat-00003\nJBEAP-17631 - [GSS](7.2.z) Upgrade Undertow from 2.0.25.SP1 to 2.0.26.SP3\nJBEAP-17647 - [GSS](7.2.z) Upgrade IronJacamar from 1.4.17.Final to 1.4.18.Final\nJBEAP-17665 - [GSS](7.2.z) Upgrade XNIO from 3.7.3.Final-redhat-00001 to 3.7.6.Final\nJBEAP-17722 - [GSS](7.2.z) Upgrade wildfly-http-client from 1.0.15.Final-redhat-00001 to 1.0.17.Final\nJBEAP-17874 - (7.2.z) Upgrade to wildfly-openssl 1.0.8\nJBEAP-17880 - (7.2.z) Upgrade XNIO from 3.7.6.Final-redhat-00001 to 3.7.6.SP1\n\n6. \n\nThe fixes are too intrusive to backport to the version in the oldstable\ndistribution (stretch). An upgrade to Debian stable (buster) is\nrecommended instead. \n\nFor the stable distribution (buster), these problems have been fixed in\nversion 8.0.2+ds-1+deb10u1. \n\nWe recommend that you upgrade your trafficserver packages. \n\nFor the detailed security status of trafficserver please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/trafficserver\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl12uUMACgkQEMKTtsN8\nTjbP/Q//UvaJG0Gts7+yZcOmkiaVinEtOzN445QNHGGQMKPfR4/hCuY6TrO0aWUM\nmsNVTMwiEgLtXBqjNC2mT7f1UzQjZ76wb7wXAayaTsUsidMqsL9ZkVpzGSLrMBur\nwrhUpJRbDp/29qBdETP5bpjAp/Q7HMN1d9WbJa1ao2UpG1J2zpB8jQP0UjfVuM8W\nJwDlgj+Oj7M4CuQgN1A4vtK62f5k8X+d4bZZZSNUqkHKJuNFB1STDrDuZ+5aCPGo\nh0PYB/NX21T3W6AfGHIRwJda4IsSqRI/UnNIQygRs2QRiSzkGInCmb5KjsXKAiqF\nSnYLqKlxAcQ/8+zsEUqQKziBrZX6QsIiKFDYRV29KoK3AwDm7s5Q4KHzXGtNX5Mp\na0GzAccDa1GpTxzSI8u5Jo60Ygf2ETkpwiyWSUivcFnzASyDCAwNLAwPAWpfARhO\n2rE+LIi42dGnGfa2plKt7jvQDBj2hBvRHd8nMT8ugoJCTQCNnHC9X5/RNWPqIZmR\nXVHQSRTR8BCCnTdRuvXJB3oQyRQZORMqrsYoARm50+J/v2wJ/Q8Wo4kwWXpflDoH\nSAO10qjWU9Ja5giiQJh9ToJKPfx6sAma77XoaBz0HteCs3uCvyJK5cpmmoMcImyh\n3po/YTjSdJRYZI9YjLWT1ZDP6TeueBkIqf07uuT9Kk92VWuyfhs=UFIM\n-----END PGP SIGNATURE-----\n. Description:\n\nRed Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak\nproject, that provides authentication and standards-based single sign-on\ncapabilities for web and mobile applications. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. JIRA issues fixed (https://issues.jboss.org/):\n\nKEYCLOAK-11816 - Tracker bug for the RH-SSO 7.3.5 release for RHEL7\n\n7. Each of these container images includes gRPC,\nwhich has been updated with the below fixes. Solution:\n\nFor OpenShift Container Platform 4.1 see the following documentation, which\nwill be updated shortly for release 4.1.z, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-rel\nease-notes.html\n\n4. Description:\n\nAMQ Broker is a high-performance messaging implementation based on ActiveMQ\nArtemis. It uses an asynchronous journal for fast message persistence, and\nsupports multiple languages, protocols, and platforms. For further information, refer to the release notes linked to\nin the References section. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: nodejs:10 security update\nAdvisory ID: RHSA-2019:2925-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2019:2925\nIssue date: 2019-09-30\nCVE Names: CVE-2019-9511 CVE-2019-9512 CVE-2019-9513 \n CVE-2019-9514 CVE-2019-9515 CVE-2019-9516 \n CVE-2019-9517 CVE-2019-9518 \n=====================================================================\n\n1. Summary:\n\nAn update for the nodejs:10 module is now available for Red Hat Enterprise\nLinux 8. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64\n\n3. Description:\n\nNode.js is a software development platform for building fast and scalable\nnetwork applications in the JavaScript programming language. \n\nThe following packages have been upgraded to a later upstream version:\nnodejs (10.16.3). \n\nSecurity Fix(es):\n\n* HTTP/2: large amount of data requests leads to denial of service\n(CVE-2019-9511)\n\n* HTTP/2: flood using PING frames results in unbounded memory growth\n(CVE-2019-9512)\n\n* HTTP/2: flood using PRIORITY frames results in excessive resource\nconsumption (CVE-2019-9513)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth\n(CVE-2019-9514)\n\n* HTTP/2: flood using SETTINGS frames results in unbounded memory growth\n(CVE-2019-9515)\n\n* HTTP/2: 0-length headers lead to denial of service (CVE-2019-9516)\n\n* HTTP/2: request for large response leads to denial of service\n(CVE-2019-9517)\n\n* HTTP/2: flood using empty frames results in excessive resource\nconsumption (CVE-2019-9518)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1735645 - CVE-2019-9512 HTTP/2: flood using PING frames results in unbounded memory growth\n1735741 - CVE-2019-9513 HTTP/2: flood using PRIORITY frames results in excessive resource consumption\n1735744 - CVE-2019-9514 HTTP/2: flood using HEADERS frames results in unbounded memory growth\n1735745 - CVE-2019-9515 HTTP/2: flood using SETTINGS frames results in unbounded memory growth\n1735749 - CVE-2019-9518 HTTP/2: flood using empty frames results in excessive resource consumption\n1741860 - CVE-2019-9511 HTTP/2: large amount of data requests leads to denial of service\n1741864 - CVE-2019-9516 HTTP/2: 0-length headers lead to denial of service\n1741868 - CVE-2019-9517 HTTP/2: request for large response leads to denial of service\n\n6. Package List:\n\nRed Hat Enterprise Linux AppStream (v. 8):\n\nSource:\nnodejs-10.16.3-2.module+el8.0.0+4214+49953fda.src.rpm\nnodejs-nodemon-1.18.3-1.module+el8+2632+6c5111ed.src.rpm\nnodejs-packaging-17-3.module+el8+2873+aa7dfd9a.src.rpm\n\naarch64:\nnodejs-10.16.3-2.module+el8.0.0+4214+49953fda.aarch64.rpm\nnodejs-debuginfo-10.16.3-2.module+el8.0.0+4214+49953fda.aarch64.rpm\nnodejs-debugsource-10.16.3-2.module+el8.0.0+4214+49953fda.aarch64.rpm\nnodejs-devel-10.16.3-2.module+el8.0.0+4214+49953fda.aarch64.rpm\nnpm-6.9.0-1.10.16.3.2.module+el8.0.0+4214+49953fda.aarch64.rpm\n\nnoarch:\nnodejs-docs-10.16.3-2.module+el8.0.0+4214+49953fda.noarch.rpm\nnodejs-nodemon-1.18.3-1.module+el8+2632+6c5111ed.noarch.rpm\nnodejs-packaging-17-3.module+el8+2873+aa7dfd9a.noarch.rpm\n\nppc64le:\nnodejs-10.16.3-2.module+el8.0.0+4214+49953fda.ppc64le.rpm\nnodejs-debuginfo-10.16.3-2.module+el8.0.0+4214+49953fda.ppc64le.rpm\nnodejs-debugsource-10.16.3-2.module+el8.0.0+4214+49953fda.ppc64le.rpm\nnodejs-devel-10.16.3-2.module+el8.0.0+4214+49953fda.ppc64le.rpm\nnpm-6.9.0-1.10.16.3.2.module+el8.0.0+4214+49953fda.ppc64le.rpm\n\ns390x:\nnodejs-10.16.3-2.module+el8.0.0+4214+49953fda.s390x.rpm\nnodejs-debuginfo-10.16.3-2.module+el8.0.0+4214+49953fda.s390x.rpm\nnodejs-debugsource-10.16.3-2.module+el8.0.0+4214+49953fda.s390x.rpm\nnodejs-devel-10.16.3-2.module+el8.0.0+4214+49953fda.s390x.rpm\nnpm-6.9.0-1.10.16.3.2.module+el8.0.0+4214+49953fda.s390x.rpm\n\nx86_64:\nnodejs-10.16.3-2.module+el8.0.0+4214+49953fda.x86_64.rpm\nnodejs-debuginfo-10.16.3-2.module+el8.0.0+4214+49953fda.x86_64.rpm\nnodejs-debugsource-10.16.3-2.module+el8.0.0+4214+49953fda.x86_64.rpm\nnodejs-devel-10.16.3-2.module+el8.0.0+4214+49953fda.x86_64.rpm\nnodejs-devel-debuginfo-10.16.3-2.module+el8.0.0+4214+49953fda.x86_64.rpm\nnpm-6.9.0-1.10.16.3.2.module+el8.0.0+4214+49953fda.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2019-9511\nhttps://access.redhat.com/security/cve/CVE-2019-9512\nhttps://access.redhat.com/security/cve/CVE-2019-9513\nhttps://access.redhat.com/security/cve/CVE-2019-9514\nhttps://access.redhat.com/security/cve/CVE-2019-9515\nhttps://access.redhat.com/security/cve/CVE-2019-9516\nhttps://access.redhat.com/security/cve/CVE-2019-9517\nhttps://access.redhat.com/security/cve/CVE-2019-9518\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2019 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBXZGtHtzjgjWX9erEAQiTyRAAor6sJh3gZ6PZ3xUQhSyFif5kUuLb9dOa\ngsUrFUW9QjnSD4OeWq0eOJ+W1VkY0WKU0p2KCt4f0R9Msi85EKRzjymM4iv8icMu\nCOL40Wcyvpn2WsdzHrrCT0rM7jiry7YShv/KOlao2wUhkbzs5aHc9D8fBhUvkiCj\nbHQhrGY+63pnIe6LyCUJ9nEEGPCMaFdpzI+9hDvAevh2ooj6h0PISg/MOb5T7N2z\nd0RNhrmp5wJUJWbb2hrcnUrbu4CQjf5r44a4R1EdrAL8C+y2vgnVO+wb8RprnMrW\n350YueLNrCSYgqeysfbcNG1ccP6iZ/YLCOIOwfb9138cDqelUooAdPKmAj6hY97O\npRv1cfc4sBCu1MxhnUgRcY3idmD7qaSbY7lNize04z/HMNK5aq3Kgx5bN/q0OA+n\nFqWVVCckoFYIn6wWUv1CPlAskpjqns2DPoEd1AUeZH9Efg0JBgKGgQh64T6q20Ua\nJe5DSConOr149WxNARXWbVz7FhnI+wsDTQzWTk7XuXBfhvSHrfl9tqD444cNP1wm\nWAvONvS+nlxDOqk4Joo+ZOHA9Wjx/lxciQo6S8aYaQHnCBSUbXAvXjKy0VeoUUdz\nbD5zrdhbGiSxtR0WNKVP0KVb62P14HGGrceFQRIJPSiqkIrNBS7oeCLuOPpB1QSx\nJ/w0T73QFqQ=\n=4d1d\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-9515"
},
{
"db": "CERT/CC",
"id": "VU#605641"
},
{
"db": "VULHUB",
"id": "VHN-160950"
},
{
"db": "PACKETSTORM",
"id": "158650"
},
{
"db": "PACKETSTORM",
"id": "157741"
},
{
"db": "PACKETSTORM",
"id": "155480"
},
{
"db": "PACKETSTORM",
"id": "154222"
},
{
"db": "PACKETSTORM",
"id": "154430"
},
{
"db": "PACKETSTORM",
"id": "157214"
},
{
"db": "PACKETSTORM",
"id": "155518"
},
{
"db": "PACKETSTORM",
"id": "154475"
},
{
"db": "PACKETSTORM",
"id": "156852"
},
{
"db": "PACKETSTORM",
"id": "154663"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-9515",
"trust": 2.7
},
{
"db": "CERT/CC",
"id": "VU#605641",
"trust": 2.5
},
{
"db": "MCAFEE",
"id": "SB10296",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-201908-932",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "158651",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "154222",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "157214",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "156852",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "155484",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "156830",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "156941",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "158095",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "156628",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "155352",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "155520",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "155728",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4238",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4737",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4332",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1030",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.2619",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4533",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0643",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1766",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.3325",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1076",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0994",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.3114",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.3597.2",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0007",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4645",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4596",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.3227",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4586",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0100",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4788",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.2071",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.3299",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4484",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1335",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1427",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4665",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0832",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.3597.3",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022072128",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-19-346-01",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "158650",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-160950",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "157741",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "155480",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "154430",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "155518",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "154475",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "154663",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#605641"
},
{
"db": "VULHUB",
"id": "VHN-160950"
},
{
"db": "PACKETSTORM",
"id": "158650"
},
{
"db": "PACKETSTORM",
"id": "157741"
},
{
"db": "PACKETSTORM",
"id": "155480"
},
{
"db": "PACKETSTORM",
"id": "154222"
},
{
"db": "PACKETSTORM",
"id": "154430"
},
{
"db": "PACKETSTORM",
"id": "157214"
},
{
"db": "PACKETSTORM",
"id": "155518"
},
{
"db": "PACKETSTORM",
"id": "154475"
},
{
"db": "PACKETSTORM",
"id": "156852"
},
{
"db": "PACKETSTORM",
"id": "154663"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-932"
},
{
"db": "NVD",
"id": "CVE-2019-9515"
}
]
},
"id": "VAR-201908-0265",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-160950"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T22:03:39.695000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HTTP/2 Remedial measures to achieve security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=96616"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201908-932"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-770",
"trust": 1.1
},
{
"problemtype": "CWE-400",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-160950"
},
{
"db": "NVD",
"id": "CVE-2019-9515"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://github.com/netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md"
},
{
"trust": 2.5,
"url": "https://www.synology.com/security/advisory/synology_sa_19_33"
},
{
"trust": 2.4,
"url": "https://access.redhat.com/errata/rhsa-2019:4021"
},
{
"trust": 2.4,
"url": "https://access.redhat.com/errata/rhsa-2019:4041"
},
{
"trust": 2.3,
"url": "https://www.debian.org/security/2019/dsa-4508"
},
{
"trust": 2.3,
"url": "https://access.redhat.com/errata/rhsa-2019:3892"
},
{
"trust": 2.3,
"url": "https://access.redhat.com/errata/rhsa-2019:4018"
},
{
"trust": 2.3,
"url": "https://access.redhat.com/errata/rhsa-2019:4019"
},
{
"trust": 2.3,
"url": "https://access.redhat.com/errata/rhsa-2019:4020"
},
{
"trust": 2.3,
"url": "https://access.redhat.com/errata/rhsa-2019:4040"
},
{
"trust": 2.3,
"url": "https://access.redhat.com/errata/rhsa-2019:4042"
},
{
"trust": 2.3,
"url": "https://access.redhat.com/errata/rhsa-2019:4045"
},
{
"trust": 2.3,
"url": "https://access.redhat.com/errata/rhsa-2019:4352"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2019:2766"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2019:2925"
},
{
"trust": 1.7,
"url": "https://seclists.org/bugtraq/2019/aug/24"
},
{
"trust": 1.7,
"url": "https://seclists.org/bugtraq/2019/aug/43"
},
{
"trust": 1.7,
"url": "https://seclists.org/bugtraq/2019/sep/18"
},
{
"trust": 1.7,
"url": "https://kb.cert.org/vuls/id/605641/"
},
{
"trust": 1.7,
"url": "https://security.netapp.com/advisory/ntap-20190823-0005/"
},
{
"trust": 1.7,
"url": "https://support.f5.com/csp/article/k50233772"
},
{
"trust": 1.7,
"url": "https://www.debian.org/security/2019/dsa-4520"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2019/aug/16"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhsa-2019:2796"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhsa-2019:2861"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhsa-2019:2939"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhsa-2019:2955"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhsa-2020:0727"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html"
},
{
"trust": 1.7,
"url": "https://usn.ubuntu.com/4308-1/"
},
{
"trust": 1.6,
"url": "https://blogs.akamai.com/sitr/2019/08/http2-vulnerabilities.html"
},
{
"trust": 1.6,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10296"
},
{
"trust": 1.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9515"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9514"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9512"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/392108390cef48af647a2e47b7fd5380e050e35ae8d1aa2030254c04%40%3cusers.trafficserver.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19%40%3cannounce.trafficserver.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7%40%3cdev.trafficserver.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4zqghe3wtylyayjeidjvf2figqtaypmc/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/cmnfx5mnyrwwimo4btkyqcgudmho3axp/"
},
{
"trust": 1.0,
"url": "https://support.f5.com/csp/article/k50233772?utm_source=f5support\u0026amp%3butm_medium=rss"
},
{
"trust": 0.8,
"url": "https://vuls.cert.org/confluence/pages/viewpage.action?pageid=56393752"
},
{
"trust": 0.8,
"url": "https://tools.ietf.org/html/rfc7540"
},
{
"trust": 0.8,
"url": "https://tools.ietf.org/html/rfc7541"
},
{
"trust": 0.8,
"url": "https://blog.cloudflare.com/on-the-recent-http-2-dos-attacks/"
},
{
"trust": 0.8,
"url": "https://blog.litespeedtech.com/2019/08/15/litespeed-addresses-http-2-dos-advisories/"
},
{
"trust": 0.8,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-9511https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-9512https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-9513https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-9514https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-9518"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/cve/cve-2019-9512"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/cve/cve-2019-9514"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/cve/cve-2019-9515"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.8,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.8,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/cmnfx5mnyrwwimo4btkyqcgudmho3axp/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4zqghe3wtylyayjeidjvf2figqtaypmc/"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19@%3cannounce.trafficserver.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7@%3cdev.trafficserver.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/392108390cef48af647a2e47b7fd5380e050e35ae8d1aa2030254c04@%3cusers.trafficserver.apache.org%3e"
},
{
"trust": 0.6,
"url": "https://support.f5.com/csp/article/k50233772?utm_source=f5support\u0026utm_medium=rss"
},
{
"trust": 0.6,
"url": "http2-cves/"
},
{
"trust": 0.6,
"url": "https://www.cloudfoundry.org/blog/various-"
},
{
"trust": 0.6,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9518"
},
{
"trust": 0.6,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9517"
},
{
"trust": 0.6,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9516"
},
{
"trust": 0.6,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9515"
},
{
"trust": 0.6,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9514"
},
{
"trust": 0.6,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9513"
},
{
"trust": 0.6,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9512"
},
{
"trust": 0.6,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9511"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192260-1.html"
},
{
"trust": 0.6,
"url": "https://support.apple.com/en-au/ht210436"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192254-1.html"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1126605"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-201914246-1.html"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1104951"
},
{
"trust": 0.6,
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-346-01"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1109787"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1109781"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1108515"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1109775"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1165894"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1165906"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1135167"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1164346"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1164364"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20200059-1.html"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-dependent-libraries-affect-ibm-db2-leading-to-denial-of-service-or-privilege-escalation/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1128387"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/157214/red-hat-security-advisory-2020-1445-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4788/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4586/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0994/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-node-js-affect-ibm-spectrum-protect-plus-cve-2019-15606-cve-2019-15604-cve-2019-15605-cve-2019-9511-cve-2019-9516-cve-2019-9512-cve-2019-9517-cve-2019-951/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4332/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0643/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4484/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-have-been-identified-in-db2-that-affect-the-ibm-performance-management-product/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1143454"
},
{
"trust": 0.6,
"url": "http2-implementation-vulnerablility/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-websphere-liberty-susceptible-to-"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/155728/red-hat-security-advisory-2019-4352-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.2619/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.3227/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.3114/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-kubernetes-affect-ibm-infosphere-information-server/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.3299/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-websphere-application-server-liberty-affect-ibm-spectrum-protect-operations-center-and-client-management-service/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1335/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.3597.3/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/158095/red-hat-security-advisory-2020-2565-01.html"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1071852"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4737/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/156830/ubuntu-security-notice-usn-4308-1.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0832/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1137466"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/http-2-multiple-vulnerabilities-30040"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/155484/red-hat-security-advisory-2019-4019-01.html"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-netty-affect-ibm-operations-analytics-predictive-insights-cve-2019-9514-cve-2019-9512-cve-2019-9518-cve-2019-9515/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1076/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.3325/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/156628/red-hat-security-advisory-2020-0727-01.html"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-dependent-libraries-affect-ibm-db2-leading-to-denial-of-service-or-privilege-escalation-3/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.2071/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1127397"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1427/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4645/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.3597.2/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4665/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-watson-discovery-for-ibm-cloud-pak-for-data-affected-by-vulnerability-in-netty/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-netty-affect-ibm-netcool-agile-service-manager/"
},
{
"trust": 0.6,
"url": "https://pivotal.io/security/cve-2019-9517"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-warehouse-has-released-a-fix-in-response-to-multiple-vulnerabilities-found-in-ibm-db2/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-cloud-transformation-advisor-is-affected-by-vulnerabilities-in-websphere-application-server-liberty-cve-2019-9515-cve-2019-9518-cve-2019-9517-cve-2019-9512-cve-2019-9514-c/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4596/"
},
{
"trust": 0.6,
"url": "https://support.apple.com/en-us/ht210436"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/155520/red-hat-security-advisory-2019-4045-01.html"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-ibm-db2-and-ibm-java-runtime-affect-ibm-spectrum-protect-server/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-in-ibm-websphere-application-server-affect-ibm-sterling-b2b-integrator/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/156852/red-hat-security-advisory-2020-0922-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/156941/red-hat-security-advisory-2020-0983-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1766/"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022072128"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-dependent-libraries-affect-ibm-db2-leading-to-denial-of-service-or-privilege-escalation-2/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/154222/debian-security-advisory-4508-1.html"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-infosphere-information-server-is-affected-by-multiple-vulnerabilities-in-websphere-application-server-liberty/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/158651/red-hat-security-advisory-2020-3197-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4533/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1150960"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0100/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1167160"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0007/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4238/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/155352/red-hat-security-advisory-2019-3892-01.html"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1165852"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1030/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1127853"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9518"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9511"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2019-9511"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2019-9518"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2020-7238"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20444"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-20445"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-20444"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-16869"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-7238"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-16869"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20445"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14838"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-14838"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9517"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-9517"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-9516"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9516"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-11112"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-12406"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-9547"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-11113"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-10968"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-9546"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-10672"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-12406"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20330"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-11619"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-10673"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-9548"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-8840"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-10969"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-11620"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-20330"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-11111"
},
{
"trust": 0.2,
"url": "https://issues.jboss.org/):"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14843"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-14843"
},
{
"trust": 0.2,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.2,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-0222"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10247"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0222"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10241"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-10247"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-10241"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10296"
},
{
"trust": 0.1,
"url": "https://support.f5.com/csp/article/k50233772?utm_source=f5support\u0026amp;amp;utm_medium=rss"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14060"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-17573"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-1718"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14060"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-13990"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-11620"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17573"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-11612"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14061"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-1718"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-13990"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:3196"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14062"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions\u0026product=rhdm\u0026version=7.8.0"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10672"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-11619"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-11111"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-12423"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-11112"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-11612"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-12423"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10968"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_decision_manager/7.8/html/release_notes_for_red_hat_decision_manager_7.8/index"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10969"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14061"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-11113"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14062"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10673"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-16335"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-3875"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-14832"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-16943"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10201"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_build_of_thorntail/2.5/html/release_notes_for_thorntail_2.5/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:2067"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3875"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-12400"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0210"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0205"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-12419"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-17531"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-16335"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-0210"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-10086"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-10219"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14832"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17531"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-14540"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17267"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-10199"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions\u0026product=catrhoar.thorntail\u0026version=2.5.1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-16942"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14887"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14892"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-10201"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-1729"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-16943"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-12419"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-17267"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-0205"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-14893"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10199"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-16942"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14893"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-14888"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-12400"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-14892"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10219"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10086"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-14887"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14540"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-14820"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14820"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14888"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=appplatform\u0026downloadtype=securitypatches\u0026version=7.2"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/h2o"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/trafficserver"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions\u0026product=jboss.amq.broker\u0026version=7.4.3"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:1445"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_amq/7.4/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-14837"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14837"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-rel"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_amq/7.6/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions\u0026product=jboss.amq.broker\u0026version=7.6.0\u0026productchanged=yes"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:0922"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9513"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-9513"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#605641"
},
{
"db": "VULHUB",
"id": "VHN-160950"
},
{
"db": "PACKETSTORM",
"id": "158650"
},
{
"db": "PACKETSTORM",
"id": "157741"
},
{
"db": "PACKETSTORM",
"id": "155480"
},
{
"db": "PACKETSTORM",
"id": "154222"
},
{
"db": "PACKETSTORM",
"id": "154430"
},
{
"db": "PACKETSTORM",
"id": "157214"
},
{
"db": "PACKETSTORM",
"id": "155518"
},
{
"db": "PACKETSTORM",
"id": "154475"
},
{
"db": "PACKETSTORM",
"id": "156852"
},
{
"db": "PACKETSTORM",
"id": "154663"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-932"
},
{
"db": "NVD",
"id": "CVE-2019-9515"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#605641"
},
{
"db": "VULHUB",
"id": "VHN-160950"
},
{
"db": "PACKETSTORM",
"id": "158650"
},
{
"db": "PACKETSTORM",
"id": "157741"
},
{
"db": "PACKETSTORM",
"id": "155480"
},
{
"db": "PACKETSTORM",
"id": "154222"
},
{
"db": "PACKETSTORM",
"id": "154430"
},
{
"db": "PACKETSTORM",
"id": "157214"
},
{
"db": "PACKETSTORM",
"id": "155518"
},
{
"db": "PACKETSTORM",
"id": "154475"
},
{
"db": "PACKETSTORM",
"id": "156852"
},
{
"db": "PACKETSTORM",
"id": "154663"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-932"
},
{
"db": "NVD",
"id": "CVE-2019-9515"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-08-13T00:00:00",
"db": "CERT/CC",
"id": "VU#605641"
},
{
"date": "2019-08-13T00:00:00",
"db": "VULHUB",
"id": "VHN-160950"
},
{
"date": "2020-07-29T17:52:58",
"db": "PACKETSTORM",
"id": "158650"
},
{
"date": "2020-05-18T16:42:53",
"db": "PACKETSTORM",
"id": "157741"
},
{
"date": "2019-11-27T15:38:24",
"db": "PACKETSTORM",
"id": "155480"
},
{
"date": "2019-08-26T16:13:10",
"db": "PACKETSTORM",
"id": "154222"
},
{
"date": "2019-09-10T23:12:17",
"db": "PACKETSTORM",
"id": "154430"
},
{
"date": "2020-04-14T15:39:41",
"db": "PACKETSTORM",
"id": "157214"
},
{
"date": "2019-12-02T19:20:11",
"db": "PACKETSTORM",
"id": "155518"
},
{
"date": "2019-09-12T20:40:57",
"db": "PACKETSTORM",
"id": "154475"
},
{
"date": "2020-03-23T15:57:42",
"db": "PACKETSTORM",
"id": "156852"
},
{
"date": "2019-09-30T13:33:33",
"db": "PACKETSTORM",
"id": "154663"
},
{
"date": "2019-08-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201908-932"
},
{
"date": "2019-08-13T21:15:12.520000",
"db": "NVD",
"id": "CVE-2019-9515"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-11-19T00:00:00",
"db": "CERT/CC",
"id": "VU#605641"
},
{
"date": "2020-10-22T00:00:00",
"db": "VULHUB",
"id": "VHN-160950"
},
{
"date": "2022-07-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201908-932"
},
{
"date": "2023-11-07T03:13:42.650000",
"db": "NVD",
"id": "CVE-2019-9515"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201908-932"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HTTP/2 implementations do not robustly handle abnormal traffic and resource exhaustion",
"sources": [
{
"db": "CERT/CC",
"id": "VU#605641"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201908-932"
}
],
"trust": 0.6
}
}
VAR-201801-1708
Vulnerability from variot - Updated: 2024-07-23 21:58The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action. Linux Kernel Contains a vulnerability in the use of freed memory.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Linux Kernel is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Linux kernel versions prior to 4.11, and 4.9.x prior to 4.9.36 are vulnerable. Summary:
An update for kernel is now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
Security Fix(es):
-
hw: cpu: speculative execution permission faults handling (CVE-2017-5754)
-
Kernel: error in exception handling leads to DoS (CVE-2018-8897)
-
kernel: nfsd: Incorrect handling of long RPC replies (CVE-2017-7645)
-
kernel: Use-after-free vulnerability in DCCP socket (CVE-2017-8824)
-
kernel: v4l2: disabled memory access protection mechanism allowing privilege escalation (CVE-2017-13166)
-
kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c (CVE-2017-18017)
-
kernel: Stack information leak in the EFS element (CVE-2017-1000410)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Google Project Zero for reporting CVE-2017-5754; Nick Peterson (Everdox Tech LLC) and Andy Lutomirski for reporting CVE-2018-8897; Mohamed Ghannam for reporting CVE-2017-8824; and Armis Labs for reporting CVE-2017-1000410.
Bug Fix(es):
These updated kernel packages include also numerous bug fixes. Space precludes documenting all of these bug fixes in this advisory. See the bug fix descriptions in the related Knowledge Article: https://access.redhat.com/articles/3431591
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
- Bugs fixed (https://bugzilla.redhat.com/):
1443615 - CVE-2017-7645 kernel: nfsd: Incorrect handling of long RPC replies 1519160 - CVE-2017-1000410 kernel: Stack information leak in the EFS element 1519591 - CVE-2017-8824 kernel: Use-after-free vulnerability in DCCP socket 1519781 - CVE-2017-5754 hw: cpu: speculative execution permission faults handling 1531135 - CVE-2017-18017 kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c 1548412 - CVE-2017-13166 kernel: v4l2: disabled memory access protection mechanism allowing privilege escalation 1567074 - CVE-2018-8897 Kernel: error in exception handling leads to DoS
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: kernel-2.6.32-696.28.1.el6.src.rpm
i386: kernel-2.6.32-696.28.1.el6.i686.rpm kernel-debug-2.6.32-696.28.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm kernel-devel-2.6.32-696.28.1.el6.i686.rpm kernel-headers-2.6.32-696.28.1.el6.i686.rpm perf-2.6.32-696.28.1.el6.i686.rpm perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm
noarch: kernel-abi-whitelists-2.6.32-696.28.1.el6.noarch.rpm kernel-doc-2.6.32-696.28.1.el6.noarch.rpm kernel-firmware-2.6.32-696.28.1.el6.noarch.rpm
x86_64: kernel-2.6.32-696.28.1.el6.x86_64.rpm kernel-debug-2.6.32-696.28.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm kernel-debug-devel-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm kernel-devel-2.6.32-696.28.1.el6.x86_64.rpm kernel-headers-2.6.32-696.28.1.el6.x86_64.rpm perf-2.6.32-696.28.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386: kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm python-perf-2.6.32-696.28.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm
x86_64: kernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm python-perf-2.6.32-696.28.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: kernel-2.6.32-696.28.1.el6.src.rpm
noarch: kernel-abi-whitelists-2.6.32-696.28.1.el6.noarch.rpm kernel-doc-2.6.32-696.28.1.el6.noarch.rpm kernel-firmware-2.6.32-696.28.1.el6.noarch.rpm
x86_64: kernel-2.6.32-696.28.1.el6.x86_64.rpm kernel-debug-2.6.32-696.28.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm kernel-debug-devel-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm kernel-devel-2.6.32-696.28.1.el6.x86_64.rpm kernel-headers-2.6.32-696.28.1.el6.x86_64.rpm perf-2.6.32-696.28.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64: kernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm python-perf-2.6.32-696.28.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: kernel-2.6.32-696.28.1.el6.src.rpm
i386: kernel-2.6.32-696.28.1.el6.i686.rpm kernel-debug-2.6.32-696.28.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm kernel-devel-2.6.32-696.28.1.el6.i686.rpm kernel-headers-2.6.32-696.28.1.el6.i686.rpm perf-2.6.32-696.28.1.el6.i686.rpm perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm
noarch: kernel-abi-whitelists-2.6.32-696.28.1.el6.noarch.rpm kernel-doc-2.6.32-696.28.1.el6.noarch.rpm kernel-firmware-2.6.32-696.28.1.el6.noarch.rpm
ppc64: kernel-2.6.32-696.28.1.el6.ppc64.rpm kernel-bootwrapper-2.6.32-696.28.1.el6.ppc64.rpm kernel-debug-2.6.32-696.28.1.el6.ppc64.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm kernel-debug-devel-2.6.32-696.28.1.el6.ppc64.rpm kernel-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-696.28.1.el6.ppc64.rpm kernel-devel-2.6.32-696.28.1.el6.ppc64.rpm kernel-headers-2.6.32-696.28.1.el6.ppc64.rpm perf-2.6.32-696.28.1.el6.ppc64.rpm perf-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm
s390x: kernel-2.6.32-696.28.1.el6.s390x.rpm kernel-debug-2.6.32-696.28.1.el6.s390x.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.s390x.rpm kernel-debug-devel-2.6.32-696.28.1.el6.s390x.rpm kernel-debuginfo-2.6.32-696.28.1.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-696.28.1.el6.s390x.rpm kernel-devel-2.6.32-696.28.1.el6.s390x.rpm kernel-headers-2.6.32-696.28.1.el6.s390x.rpm kernel-kdump-2.6.32-696.28.1.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-696.28.1.el6.s390x.rpm kernel-kdump-devel-2.6.32-696.28.1.el6.s390x.rpm perf-2.6.32-696.28.1.el6.s390x.rpm perf-debuginfo-2.6.32-696.28.1.el6.s390x.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.s390x.rpm
x86_64: kernel-2.6.32-696.28.1.el6.x86_64.rpm kernel-debug-2.6.32-696.28.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm kernel-debug-devel-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm kernel-devel-2.6.32-696.28.1.el6.x86_64.rpm kernel-headers-2.6.32-696.28.1.el6.x86_64.rpm perf-2.6.32-696.28.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386: kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm python-perf-2.6.32-696.28.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm
ppc64: kernel-debug-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm kernel-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-696.28.1.el6.ppc64.rpm perf-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm python-perf-2.6.32-696.28.1.el6.ppc64.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm
s390x: kernel-debug-debuginfo-2.6.32-696.28.1.el6.s390x.rpm kernel-debuginfo-2.6.32-696.28.1.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-696.28.1.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-696.28.1.el6.s390x.rpm perf-debuginfo-2.6.32-696.28.1.el6.s390x.rpm python-perf-2.6.32-696.28.1.el6.s390x.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.s390x.rpm
x86_64: kernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm python-perf-2.6.32-696.28.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: kernel-2.6.32-696.28.1.el6.src.rpm
i386: kernel-2.6.32-696.28.1.el6.i686.rpm kernel-debug-2.6.32-696.28.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm kernel-devel-2.6.32-696.28.1.el6.i686.rpm kernel-headers-2.6.32-696.28.1.el6.i686.rpm perf-2.6.32-696.28.1.el6.i686.rpm perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm
noarch: kernel-abi-whitelists-2.6.32-696.28.1.el6.noarch.rpm kernel-doc-2.6.32-696.28.1.el6.noarch.rpm kernel-firmware-2.6.32-696.28.1.el6.noarch.rpm
x86_64: kernel-2.6.32-696.28.1.el6.x86_64.rpm kernel-debug-2.6.32-696.28.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm kernel-debug-devel-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm kernel-devel-2.6.32-696.28.1.el6.x86_64.rpm kernel-headers-2.6.32-696.28.1.el6.x86_64.rpm perf-2.6.32-696.28.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386: kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm python-perf-2.6.32-696.28.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm
x86_64: kernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm python-perf-2.6.32-696.28.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2017-7645 https://access.redhat.com/security/cve/CVE-2017-8824 https://access.redhat.com/security/cve/CVE-2017-13166 https://access.redhat.com/security/cve/CVE-2017-18017 https://access.redhat.com/security/cve/CVE-2017-1000410 https://access.redhat.com/security/cve/CVE-2018-8897 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/articles/3431591
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFa8fO8XlSAg2UNWIIRAnN0AKCBdjdw1bC12xju0GwoOedA1L8osACaA1Ze 4IKrbiFeHd+C9bqCjUFX4pw= =3psi -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
Security Fix(es):
- An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639)
Note: This issue is present in hardware and cannot be fully fixed via software update. To be fully functional, up-to-date CPU microcode applied on the system might be required. Please refer to References section for further information about this issue, CPU microcode requirements and the potential performance impact.
In this update, mitigation for PowerPC architecture is provided. Bugs fixed (https://bugzilla.redhat.com/):
1531135 - CVE-2017-18017 kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c 1566890 - CVE-2018-3639 hw: cpu: speculative store bypass
-
(BZ#1549731)
-
Intel Core X-Series (Skylake) processors use a hardcoded Time Stamp Counter (TSC) frequency of 25 MHz. In some cases this can be imprecise and lead to timing-related problems such as time drift, timers being triggered early, or TSC clock instability. This update mitigates these problems by no longer using the "native_calibrate_tsc()" function to define the TSC frequency. Refined calibration is now used to update the clock rate accordingly in these cases. (BZ#1547854)
-
7) - noarch, x86_64
-
Description:
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Debian Security Advisory DSA-4187-1 security@debian.org https://www.debian.org/security/ Ben Hutchings May 01, 2018 https://www.debian.org/security/faq
Package : linux CVE ID : CVE-2015-9016 CVE-2017-0861 CVE-2017-5715 CVE-2017-5753 CVE-2017-13166 CVE-2017-13220 CVE-2017-16526 CVE-2017-16911 CVE-2017-16912 CVE-2017-16913 CVE-2017-16914 CVE-2017-18017 CVE-2017-18203 CVE-2017-18216 CVE-2017-18232 CVE-2017-18241 CVE-2018-1066 CVE-2018-1068 CVE-2018-1092 CVE-2018-5332 CVE-2018-5333 CVE-2018-5750 CVE-2018-5803 CVE-2018-6927 CVE-2018-7492 CVE-2018-7566 CVE-2018-7740 CVE-2018-7757 CVE-2018-7995 CVE-2018-8781 CVE-2018-8822 CVE-2018-1000004 CVE-2018-1000199
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
CVE-2015-9016
Ming Lei reported a race condition in the multiqueue block layer
(blk-mq). On a system with a driver using blk-mq (mtip32xx,
null_blk, or virtio_blk), a local user might be able to use this
for denial of service or possibly for privilege escalation.
CVE-2017-0861
Robb Glasser reported a potential use-after-free in the ALSA (sound)
PCM core. We believe this was not possible in practice.
CVE-2017-5715
Multiple researchers have discovered a vulnerability in various
processors supporting speculative execution, enabling an attacker
controlling an unprivileged process to read memory from arbitrary
addresses, including from the kernel and all other processes
running on the system.
This specific attack has been named Spectre variant 2 (branch
target injection) and is mitigated for the x86 architecture (amd64
and i386) by using the "retpoline" compiler feature which allows
indirect branches to be isolated from speculative execution.
CVE-2017-5753
Multiple researchers have discovered a vulnerability in various
processors supporting speculative execution, enabling an attacker
controlling an unprivileged process to read memory from arbitrary
addresses, including from the kernel and all other processes
running on the system.
This specific attack has been named Spectre variant 1
(bounds-check bypass) and is mitigated by identifying vulnerable
code sections (array bounds checking followed by array access) and
replacing the array access with the speculation-safe
array_index_nospec() function.
More use sites will be added over time.
CVE-2017-13166
A bug in the 32-bit compatibility layer of the v4l2 ioctl handling
code has been found. Memory protections ensuring user-provided
buffers always point to userland memory were disabled, allowing
destination addresses to be in kernel space. On a 64-bit kernel a
local user with access to a suitable video device can exploit this
to overwrite kernel memory, leading to privilege escalation.
CVE-2017-13220
Al Viro reported that the Bluetooth HIDP implementation could
dereference a pointer before performing the necessary type check.
A local user could use this to cause a denial of service.
CVE-2017-16526
Andrey Konovalov reported that the UWB subsystem may dereference
an invalid pointer in an error case. A local user might be able
to use this for denial of service.
CVE-2017-16911
Secunia Research reported that the USB/IP vhci_hcd driver exposed
kernel heap addresses to local users. This information could aid the
exploitation of other vulnerabilities.
CVE-2017-16912
Secunia Research reported that the USB/IP stub driver failed to
perform a range check on a received packet header field, leading
to an out-of-bounds read. A remote user able to connect to the
USB/IP server could use this for denial of service.
CVE-2017-16913
Secunia Research reported that the USB/IP stub driver failed to
perform a range check on a received packet header field, leading
to excessive memory allocation. A remote user able to connect to
the USB/IP server could use this for denial of service.
CVE-2017-16914
Secunia Research reported that the USB/IP stub driver failed to
check for an invalid combination of fields in a received packet,
leading to a null pointer dereference. A remote user able to
connect to the USB/IP server could use this for denial of service.
CVE-2017-18017
Denys Fedoryshchenko reported that the netfilter xt_TCPMSS module
failed to validate TCP header lengths, potentially leading to a
use-after-free. If this module is loaded, it could be used by a
remote attacker for denial of service or possibly for code
execution.
CVE-2017-18203
Hou Tao reported that there was a race condition in creation and
deletion of device-mapper (DM) devices. A local user could
potentially use this for denial of service.
CVE-2017-18216
Alex Chen reported that the OCFS2 filesystem failed to hold a
necessary lock during nodemanager sysfs file operations,
potentially leading to a null pointer dereference. A local user
could use this for denial of service.
CVE-2017-18232
Jason Yan reported a race condition in the SAS (Serial-Attached
SCSI) subsystem, between probing and destroying a port. This
could lead to a deadlock.
CVE-2017-18241
Yunlei He reported that the f2fs implementation does not properly
initialise its state if the "noflush_merge" mount option is used.
A local user with access to a filesystem mounted with this option
could use this to cause a denial of service.
CVE-2018-1066
Dan Aloni reported to Red Hat that the CIFS client implementation
would dereference a null pointer if the server sent an invalid
response during NTLMSSP setup negotiation. This could be used
by a malicious server for denial of service.
CVE-2018-1068
The syzkaller tool found that the 32-bit compatibility layer of
ebtables did not sufficiently validate offset values. On a 64-bit
kernel, a local user with the CAP_NET_ADMIN capability (in any user
namespace) could use this to overwrite kernel memory, possibly
leading to privilege escalation. Debian disables unprivileged user
namespaces by default.
CVE-2018-1092
Wen Xu reported that a crafted ext4 filesystem image would
trigger a null dereference when mounted. A local user able
to mount arbitrary filesystems could use this for denial of
service.
CVE-2018-5332
Mohamed Ghannam reported that the RDS protocol did not
sufficiently validate RDMA requests, leading to an out-of-bounds
write. A local attacker on a system with the rds module loaded
could use this for denial of service or possibly for privilege
escalation.
CVE-2018-5333
Mohamed Ghannam reported that the RDS protocol did not properly
handle an error case, leading to a null pointer dereference. A
local attacker on a system with the rds module loaded could
possibly use this for denial of service.
CVE-2018-5750
Wang Qize reported that the ACPI sbshc driver logged a kernel heap
address. This information could aid the exploitation of other
vulnerabilities.
CVE-2018-5803
Alexey Kodanev reported that the SCTP protocol did not range-check
the length of chunks to be created. A local or remote user could
use this to cause a denial of service.
CVE-2018-6927
Li Jinyue reported that the FUTEX_REQUEUE operation on futexes did
not check for negative parameter values, which might lead to a
denial of service or other security impact.
CVE-2018-7492
The syzkaller tool found that the RDS protocol was lacking a null
pointer check. A local attacker on a system with the rds module
loaded could use this for denial of service.
CVE-2018-7566
Fan LongFei reported a race condition in the ALSA (sound)
sequencer core, between write and ioctl operations. This could
lead to an out-of-bounds access or use-after-free. A local user
with access to a sequencer device could use this for denial of
service or possibly for privilege escalation.
CVE-2018-7740
Nic Losby reported that the hugetlbfs filesystem's mmap operation
did not properly range-check the file offset. A local user with
access to files on a hugetlbfs filesystem could use this to cause
a denial of service.
CVE-2018-7757
Jason Yan reported a memory leak in the SAS (Serial-Attached
SCSI) subsystem. A local user on a system with SAS devices
could use this to cause a denial of service.
CVE-2018-7995
Seunghun Han reported a race condition in the x86 MCE
(Machine Check Exception) driver. This is unlikely to have
any security impact.
CVE-2018-8781
Eyal Itkin reported that the udl (DisplayLink) driver's mmap
operation did not properly range-check the file offset. A local
user with access to a udl framebuffer device could exploit this to
overwrite kernel memory, leading to privilege escalation.
CVE-2018-8822
Dr Silvio Cesare of InfoSect reported that the ncpfs client
implementation did not validate reply lengths from the server. An
ncpfs server could use this to cause a denial of service or
remote code execution in the client.
CVE-2018-1000004
Luo Quan reported a race condition in the ALSA (sound) sequencer
core, between multiple ioctl operations. This could lead to a
deadlock or use-after-free. A local user with access to a
sequencer device could use this for denial of service or possibly
for privilege escalation.
CVE-2018-1000199
Andy Lutomirski discovered that the ptrace subsystem did not
sufficiently validate hardware breakpoint settings. Local users
can use this to cause a denial of service, or possibly for
privilege escalation, on x86 (amd64 and i386) and possibly other
architectures.
For the oldstable distribution (jessie), these problems have been fixed in version 3.16.56-1.
We recommend that you upgrade your linux packages.
For the detailed security status of linux please refer to its security tracker page at: https://security-tracker.debian.org/tracker/linux
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlron61fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0Rtqw//Xf/L4bP65wU9M59Ef6xBt+Eph+yxeMsioGhu80ODdMemlmHzASMtfZjY AXxyt9l8lbHn8MmwDA4aLhhwHYXwvKATdpHSy1SILrRfb4s9P9uV1vsHaIeZ649E hDyNon9hP2tPso6BwqiYHZZy9Xxtd+T8vTBeBZwUKOLBkBRvV/gyNSUdJWp6L8WH aF4D1hHl9ZotDkyIvkubbx77aqbJ88I4R0n69x7L9udFbuXa+U7hV6dJdnpzyl/7 OukJfEtnkaUgWu0MdOfFss6iH5OQISn/y/ricRi29oKQiEp3YwnT5J9pFwSQeJJS H8ABVt251UoS0J+of3QWw0muOT/6UAF8SNpPKMJXC7Euq8pTmYVPSIeUYf4eqn65 UHZSCKXaszItq+uzVNYdkj504BJ4cG1lFxZtlrFWwKE8p7QOETN0GKvTRdu/SvDd Hl2nb4HouLpBYS518Th2/MGgzhXXAuO12MH3smenptZbqxKn9Z0XSTJYzFupgJk/ kKF2xkDFBE4toTLVE+6XdUKwYk4vkeDZyOGOwRYThSkKAzrUh5zThgal4HnknD2A 5ye4XLhjgSIT47/nmor6lhxd7WGXGkV33GF0azYlHr/sclfzxcU2Ev3NUBWQ8M3s CxfIO0FNCzO0WIUf40md7MlIAnDBIRGyYgNIIe7AnSRKKPykEx8= =wNQS -----END PGP SIGNATURE----- . SchAPnherr (Amazon) for reporting CVE-2017-1000252; and Armis Labs for reporting CVE-2017-1000410
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201801-1708",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux enterprise debuginfo",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise module for public cloud",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "4.2"
},
{
"model": "mrg realtime",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "2.0"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "4.5"
},
{
"model": "arx",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "6.2.0"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "3.17"
},
{
"model": "linux enterprise point of sale",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "3.10.108"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "4.9.36"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "4.10"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "3.19"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "7.0"
},
{
"model": "linux enterprise real time extension",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "enterprise linux for real time",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7"
},
{
"model": "linux enterprise real time extension",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "eos",
"scope": "eq",
"trust": 1.0,
"vendor": "arista",
"version": "4.20.1fx-virtual-router"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "3.18.60"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "4.4.76"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "3.11"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "openstack cloud",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "6"
},
{
"model": "linux enterprise software development kit",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise software development kit",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "cloud magnum orchestration",
"scope": "eq",
"trust": 1.0,
"vendor": "openstack",
"version": "7"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "linux enterprise high availability extension",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "3.2"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "4.11"
},
{
"model": "arx",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "6.4.0"
},
{
"model": "linux enterprise workstation extension",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "linux enterprise live patching",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "3.3"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "3.2.99"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.3"
},
{
"model": "enterprise linux for real time for nfv",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "caas platform",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "*"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "3.16.54"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "linux enterprise high availability",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "4.1.43"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.9,
"vendor": "linux",
"version": "4.10.13"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.9,
"vendor": "linux",
"version": "4.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.9,
"vendor": "linux",
"version": "4.10.15"
},
{
"model": "kernel",
"scope": "lt",
"trust": 0.8,
"vendor": "linux",
"version": "4.9.x"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.8,
"vendor": "linux",
"version": "4.9.36"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "4.10.14"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.62"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.24.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.31.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.28.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.12"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.36"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.16"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.80"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.15"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.38.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.11.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.26.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.36"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.12"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.31.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.38.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.65"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.25.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.24.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.24.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.42"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.45"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.28.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.88"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.48"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.31"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.0-57"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.22"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.1.15"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.38.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.8.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.1.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.17"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.0.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.34"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.22"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.25.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.54"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.18"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.27.54"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.87"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.12"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.90"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.11.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.53"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.71"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.67"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.40"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.26"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.70"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.17"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.15"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.22"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14-4"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.27.26"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.28"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.3.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.17.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.11.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.38"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.29"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.17"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.62"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.5.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.76"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.25.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.28"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.24"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.1.47"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.44"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.27"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.82"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.1.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.13"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.55"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.5.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.21"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.81"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.50"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.37"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.3.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.25.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.15.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16.36"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.59"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.5.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.11.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.8.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.60"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.11.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.72"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.75"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.66"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.23"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.32"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.62"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.64"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.63"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.93"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.5.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.27.51"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.11.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.57"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.27.49"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.15.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.21"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.31"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.0.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.23.14"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.37"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.73"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.19"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14-1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.30.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.64"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.23"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.56"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.14"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.25"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.13"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.43"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.18"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.61"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.26"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.44"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.17"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.35"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.73"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.27"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.65"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.5.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.42"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.30"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.38.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.12"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.3.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.41"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.26"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.31"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.18"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.39"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.17.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.58"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.11.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.12"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.13"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.81"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.72"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.16"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.38"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.37.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.52"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.1.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.14"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.23.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.25"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.38"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.51"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.86"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.29"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.21"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.34"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.37"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.54"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.73"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.60"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.27"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.15"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.78"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.49"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.8.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.19.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.20"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.5.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.58"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.15"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.72"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.8.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.81"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.37"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.60"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.15.10"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "4.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.24"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.1"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "4.9.36"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.23.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.17"
},
{
"model": "mrg realtime for rhel server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "62"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.20"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.19"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.14"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.14"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.31.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.14"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.69"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.45"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.8.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.8.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.33"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.23"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.36"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.98"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.30.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.17.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.30.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.5.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.11.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.7"
}
],
"sources": [
{
"db": "BID",
"id": "102367"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011875"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-145"
},
{
"db": "NVD",
"id": "CVE-2017-18017"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.11",
"versionStartIncluding": "4.10",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.2.99",
"versionStartIncluding": "3.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.10.108",
"versionStartIncluding": "3.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.16.54",
"versionStartIncluding": "3.11",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.18.60",
"versionStartIncluding": "3.17",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.1.43",
"versionStartIncluding": "3.19",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.4.76",
"versionStartIncluding": "4.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.9.36",
"versionStartIncluding": "4.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:arx:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.4.0",
"versionStartIncluding": "6.2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:ltss:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:sp2:*:*:*:*:raspberry_pi:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:ltss:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_high_availability:12:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:sap:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:linux_enterprise_module_for_public_cloud:12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:openstack_cloud:6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:-:-:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_high_availability_extension:11:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_real_time_extension:12:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_live_patching:12:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:caas_platform:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_live_patching:12:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_high_availability:12:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_real_time_extension:12:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openstack:cloud_magnum_orchestration:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_real_time:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:mrg_realtime:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-18017"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "147535"
},
{
"db": "PACKETSTORM",
"id": "147936"
},
{
"db": "PACKETSTORM",
"id": "147229"
},
{
"db": "PACKETSTORM",
"id": "147113"
},
{
"db": "PACKETSTORM",
"id": "147232"
}
],
"trust": 0.5
},
"cve": "CVE-2017-18017",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2017-18017",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-109097",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-18017",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-18017",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-201801-145",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-109097",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2017-18017",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-109097"
},
{
"db": "VULMON",
"id": "CVE-2017-18017"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011875"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-145"
},
{
"db": "NVD",
"id": "CVE-2017-18017"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action. Linux Kernel Contains a vulnerability in the use of freed memory.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Linux Kernel is prone to a denial-of-service vulnerability. \nAn attacker can exploit this issue to cause a denial-of-service condition. \nLinux kernel versions prior to 4.11, and 4.9.x prior to 4.9.36 are vulnerable. Summary:\n\nAn update for kernel is now available for Red Hat Enterprise Linux 6. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\n\n3. \n\nSecurity Fix(es):\n\n* hw: cpu: speculative execution permission faults handling (CVE-2017-5754)\n\n* Kernel: error in exception handling leads to DoS (CVE-2018-8897)\n\n* kernel: nfsd: Incorrect handling of long RPC replies (CVE-2017-7645)\n\n* kernel: Use-after-free vulnerability in DCCP socket (CVE-2017-8824)\n\n* kernel: v4l2: disabled memory access protection mechanism allowing\nprivilege escalation (CVE-2017-13166)\n\n* kernel: netfilter: use-after-free in tcpmss_mangle_packet function in\nnet/netfilter/xt_TCPMSS.c (CVE-2017-18017)\n\n* kernel: Stack information leak in the EFS element (CVE-2017-1000410)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in\nthe References section. \n\nRed Hat would like to thank Google Project Zero for reporting\nCVE-2017-5754; Nick Peterson (Everdox Tech LLC) and Andy Lutomirski for\nreporting CVE-2018-8897; Mohamed Ghannam for reporting CVE-2017-8824; and\nArmis Labs for reporting CVE-2017-1000410. \n\nBug Fix(es):\n\nThese updated kernel packages include also numerous bug fixes. Space\nprecludes documenting all of these bug fixes in this advisory. See the bug\nfix descriptions in the related Knowledge Article:\nhttps://access.redhat.com/articles/3431591\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1443615 - CVE-2017-7645 kernel: nfsd: Incorrect handling of long RPC replies\n1519160 - CVE-2017-1000410 kernel: Stack information leak in the EFS element\n1519591 - CVE-2017-8824 kernel: Use-after-free vulnerability in DCCP socket\n1519781 - CVE-2017-5754 hw: cpu: speculative execution permission faults handling\n1531135 - CVE-2017-18017 kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c\n1548412 - CVE-2017-13166 kernel: v4l2: disabled memory access protection mechanism allowing privilege escalation\n1567074 - CVE-2018-8897 Kernel: error in exception handling leads to DoS\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nkernel-2.6.32-696.28.1.el6.src.rpm\n\ni386:\nkernel-2.6.32-696.28.1.el6.i686.rpm\nkernel-debug-2.6.32-696.28.1.el6.i686.rpm\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm\nkernel-devel-2.6.32-696.28.1.el6.i686.rpm\nkernel-headers-2.6.32-696.28.1.el6.i686.rpm\nperf-2.6.32-696.28.1.el6.i686.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\n\nnoarch:\nkernel-abi-whitelists-2.6.32-696.28.1.el6.noarch.rpm\nkernel-doc-2.6.32-696.28.1.el6.noarch.rpm\nkernel-firmware-2.6.32-696.28.1.el6.noarch.rpm\n\nx86_64:\nkernel-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debug-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm\nkernel-debug-devel-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-devel-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-headers-2.6.32-696.28.1.el6.x86_64.rpm\nperf-2.6.32-696.28.1.el6.x86_64.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\npython-perf-2.6.32-696.28.1.el6.i686.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\n\nx86_64:\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\npython-perf-2.6.32-696.28.1.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nkernel-2.6.32-696.28.1.el6.src.rpm\n\nnoarch:\nkernel-abi-whitelists-2.6.32-696.28.1.el6.noarch.rpm\nkernel-doc-2.6.32-696.28.1.el6.noarch.rpm\nkernel-firmware-2.6.32-696.28.1.el6.noarch.rpm\n\nx86_64:\nkernel-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debug-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm\nkernel-debug-devel-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-devel-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-headers-2.6.32-696.28.1.el6.x86_64.rpm\nperf-2.6.32-696.28.1.el6.x86_64.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nx86_64:\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\npython-perf-2.6.32-696.28.1.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nkernel-2.6.32-696.28.1.el6.src.rpm\n\ni386:\nkernel-2.6.32-696.28.1.el6.i686.rpm\nkernel-debug-2.6.32-696.28.1.el6.i686.rpm\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm\nkernel-devel-2.6.32-696.28.1.el6.i686.rpm\nkernel-headers-2.6.32-696.28.1.el6.i686.rpm\nperf-2.6.32-696.28.1.el6.i686.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\n\nnoarch:\nkernel-abi-whitelists-2.6.32-696.28.1.el6.noarch.rpm\nkernel-doc-2.6.32-696.28.1.el6.noarch.rpm\nkernel-firmware-2.6.32-696.28.1.el6.noarch.rpm\n\nppc64:\nkernel-2.6.32-696.28.1.el6.ppc64.rpm\nkernel-bootwrapper-2.6.32-696.28.1.el6.ppc64.rpm\nkernel-debug-2.6.32-696.28.1.el6.ppc64.rpm\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm\nkernel-debug-devel-2.6.32-696.28.1.el6.ppc64.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm\nkernel-debuginfo-common-ppc64-2.6.32-696.28.1.el6.ppc64.rpm\nkernel-devel-2.6.32-696.28.1.el6.ppc64.rpm\nkernel-headers-2.6.32-696.28.1.el6.ppc64.rpm\nperf-2.6.32-696.28.1.el6.ppc64.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm\n\ns390x:\nkernel-2.6.32-696.28.1.el6.s390x.rpm\nkernel-debug-2.6.32-696.28.1.el6.s390x.rpm\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.s390x.rpm\nkernel-debug-devel-2.6.32-696.28.1.el6.s390x.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.s390x.rpm\nkernel-debuginfo-common-s390x-2.6.32-696.28.1.el6.s390x.rpm\nkernel-devel-2.6.32-696.28.1.el6.s390x.rpm\nkernel-headers-2.6.32-696.28.1.el6.s390x.rpm\nkernel-kdump-2.6.32-696.28.1.el6.s390x.rpm\nkernel-kdump-debuginfo-2.6.32-696.28.1.el6.s390x.rpm\nkernel-kdump-devel-2.6.32-696.28.1.el6.s390x.rpm\nperf-2.6.32-696.28.1.el6.s390x.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.s390x.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.s390x.rpm\n\nx86_64:\nkernel-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debug-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm\nkernel-debug-devel-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-devel-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-headers-2.6.32-696.28.1.el6.x86_64.rpm\nperf-2.6.32-696.28.1.el6.x86_64.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\ni386:\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\npython-perf-2.6.32-696.28.1.el6.i686.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\n\nppc64:\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm\nkernel-debuginfo-common-ppc64-2.6.32-696.28.1.el6.ppc64.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm\npython-perf-2.6.32-696.28.1.el6.ppc64.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm\n\ns390x:\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.s390x.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.s390x.rpm\nkernel-debuginfo-common-s390x-2.6.32-696.28.1.el6.s390x.rpm\nkernel-kdump-debuginfo-2.6.32-696.28.1.el6.s390x.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.s390x.rpm\npython-perf-2.6.32-696.28.1.el6.s390x.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.s390x.rpm\n\nx86_64:\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\npython-perf-2.6.32-696.28.1.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nkernel-2.6.32-696.28.1.el6.src.rpm\n\ni386:\nkernel-2.6.32-696.28.1.el6.i686.rpm\nkernel-debug-2.6.32-696.28.1.el6.i686.rpm\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm\nkernel-devel-2.6.32-696.28.1.el6.i686.rpm\nkernel-headers-2.6.32-696.28.1.el6.i686.rpm\nperf-2.6.32-696.28.1.el6.i686.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\n\nnoarch:\nkernel-abi-whitelists-2.6.32-696.28.1.el6.noarch.rpm\nkernel-doc-2.6.32-696.28.1.el6.noarch.rpm\nkernel-firmware-2.6.32-696.28.1.el6.noarch.rpm\n\nx86_64:\nkernel-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debug-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm\nkernel-debug-devel-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-devel-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-headers-2.6.32-696.28.1.el6.x86_64.rpm\nperf-2.6.32-696.28.1.el6.x86_64.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\ni386:\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\npython-perf-2.6.32-696.28.1.el6.i686.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\n\nx86_64:\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\npython-perf-2.6.32-696.28.1.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-7645\nhttps://access.redhat.com/security/cve/CVE-2017-8824\nhttps://access.redhat.com/security/cve/CVE-2017-13166\nhttps://access.redhat.com/security/cve/CVE-2017-18017\nhttps://access.redhat.com/security/cve/CVE-2017-1000410\nhttps://access.redhat.com/security/cve/CVE-2018-8897\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/articles/3431591\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2018 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFa8fO8XlSAg2UNWIIRAnN0AKCBdjdw1bC12xju0GwoOedA1L8osACaA1Ze\n4IKrbiFeHd+C9bqCjUFX4pw=\n=3psi\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nSecurity Fix(es):\n\n* An industry-wide issue was found in the way many modern microprocessor\ndesigns have implemented speculative execution of Load \u0026 Store instructions\n(a commonly used performance optimization). It relies on the presence of a\nprecisely-defined instruction sequence in the privileged code as well as\nthe fact that memory read from address to which a recent memory write has\noccurred may see an older value and subsequently cause an update into the\nmicroprocessor\u0027s data cache even for speculatively executed instructions\nthat never actually commit (retire). As a result, an unprivileged attacker\ncould use this flaw to read privileged memory by conducting targeted cache\nside-channel attacks. (CVE-2018-3639)\n\nNote: This issue is present in hardware and cannot be fully fixed via\nsoftware update. To be fully functional, up-to-date CPU\nmicrocode applied on the system might be required. Please refer to\nReferences section for further information about this issue, CPU microcode\nrequirements and the potential performance impact. \n\nIn this update, mitigation for PowerPC architecture is provided. Bugs fixed (https://bugzilla.redhat.com/):\n\n1531135 - CVE-2017-18017 kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c\n1566890 - CVE-2018-3639 hw: cpu: speculative store bypass\n\n6. (BZ#1549731)\n\n* Intel Core X-Series (Skylake) processors use a hardcoded Time Stamp\nCounter (TSC) frequency of 25 MHz. In some cases this can be imprecise and\nlead to timing-related problems such as time drift, timers being triggered\nearly, or TSC clock instability. This update mitigates these problems by no\nlonger using the \"native_calibrate_tsc()\" function to define the TSC\nfrequency. Refined calibration is now used to update the clock rate\naccordingly in these cases. (BZ#1547854)\n\n4. 7) - noarch, x86_64\n\n3. Description:\n\nThe kernel-rt packages provide the Real Time Linux Kernel, which enables\nfine-tuning for systems with extremely high determinism requirements. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4187-1 security@debian.org\nhttps://www.debian.org/security/ Ben Hutchings\nMay 01, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : linux\nCVE ID : CVE-2015-9016 CVE-2017-0861 CVE-2017-5715 CVE-2017-5753\n CVE-2017-13166 CVE-2017-13220 CVE-2017-16526 CVE-2017-16911\n CVE-2017-16912 CVE-2017-16913 CVE-2017-16914 CVE-2017-18017\n CVE-2017-18203 CVE-2017-18216 CVE-2017-18232 CVE-2017-18241\n CVE-2018-1066 CVE-2018-1068 CVE-2018-1092 CVE-2018-5332\n CVE-2018-5333 CVE-2018-5750 CVE-2018-5803 CVE-2018-6927\n CVE-2018-7492 CVE-2018-7566 CVE-2018-7740 CVE-2018-7757\n CVE-2018-7995 CVE-2018-8781 CVE-2018-8822 CVE-2018-1000004\n CVE-2018-1000199\n\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleaks. \n\nCVE-2015-9016\n\n Ming Lei reported a race condition in the multiqueue block layer\n (blk-mq). On a system with a driver using blk-mq (mtip32xx,\n null_blk, or virtio_blk), a local user might be able to use this\n for denial of service or possibly for privilege escalation. \n\nCVE-2017-0861\n\n Robb Glasser reported a potential use-after-free in the ALSA (sound)\n PCM core. We believe this was not possible in practice. \n\nCVE-2017-5715\n\n Multiple researchers have discovered a vulnerability in various\n processors supporting speculative execution, enabling an attacker\n controlling an unprivileged process to read memory from arbitrary\n addresses, including from the kernel and all other processes\n running on the system. \n\n This specific attack has been named Spectre variant 2 (branch\n target injection) and is mitigated for the x86 architecture (amd64\n and i386) by using the \"retpoline\" compiler feature which allows\n indirect branches to be isolated from speculative execution. \n\nCVE-2017-5753\n\n Multiple researchers have discovered a vulnerability in various\n processors supporting speculative execution, enabling an attacker\n controlling an unprivileged process to read memory from arbitrary\n addresses, including from the kernel and all other processes\n running on the system. \n\n This specific attack has been named Spectre variant 1\n (bounds-check bypass) and is mitigated by identifying vulnerable\n code sections (array bounds checking followed by array access) and\n replacing the array access with the speculation-safe\n array_index_nospec() function. \n\n More use sites will be added over time. \n\nCVE-2017-13166\n\n A bug in the 32-bit compatibility layer of the v4l2 ioctl handling\n code has been found. Memory protections ensuring user-provided\n buffers always point to userland memory were disabled, allowing\n destination addresses to be in kernel space. On a 64-bit kernel a\n local user with access to a suitable video device can exploit this\n to overwrite kernel memory, leading to privilege escalation. \n\nCVE-2017-13220\n\n Al Viro reported that the Bluetooth HIDP implementation could\n dereference a pointer before performing the necessary type check. \n A local user could use this to cause a denial of service. \n\nCVE-2017-16526\n\n Andrey Konovalov reported that the UWB subsystem may dereference\n an invalid pointer in an error case. A local user might be able\n to use this for denial of service. \n\nCVE-2017-16911\n\n Secunia Research reported that the USB/IP vhci_hcd driver exposed\n kernel heap addresses to local users. This information could aid the\n exploitation of other vulnerabilities. \n\nCVE-2017-16912\n\n Secunia Research reported that the USB/IP stub driver failed to\n perform a range check on a received packet header field, leading\n to an out-of-bounds read. A remote user able to connect to the\n USB/IP server could use this for denial of service. \n\nCVE-2017-16913\n\n Secunia Research reported that the USB/IP stub driver failed to\n perform a range check on a received packet header field, leading\n to excessive memory allocation. A remote user able to connect to\n the USB/IP server could use this for denial of service. \n\nCVE-2017-16914\n\n Secunia Research reported that the USB/IP stub driver failed to\n check for an invalid combination of fields in a received packet,\n leading to a null pointer dereference. A remote user able to\n connect to the USB/IP server could use this for denial of service. \n\nCVE-2017-18017\n\n Denys Fedoryshchenko reported that the netfilter xt_TCPMSS module\n failed to validate TCP header lengths, potentially leading to a\n use-after-free. If this module is loaded, it could be used by a\n remote attacker for denial of service or possibly for code\n execution. \n\nCVE-2017-18203\n\n Hou Tao reported that there was a race condition in creation and\n deletion of device-mapper (DM) devices. A local user could\n potentially use this for denial of service. \n\nCVE-2017-18216\n\n Alex Chen reported that the OCFS2 filesystem failed to hold a\n necessary lock during nodemanager sysfs file operations,\n potentially leading to a null pointer dereference. A local user\n could use this for denial of service. \n\nCVE-2017-18232\n\n Jason Yan reported a race condition in the SAS (Serial-Attached\n SCSI) subsystem, between probing and destroying a port. This\n could lead to a deadlock. \n\nCVE-2017-18241\n\n Yunlei He reported that the f2fs implementation does not properly\n initialise its state if the \"noflush_merge\" mount option is used. \n A local user with access to a filesystem mounted with this option\n could use this to cause a denial of service. \n\nCVE-2018-1066\n\n Dan Aloni reported to Red Hat that the CIFS client implementation\n would dereference a null pointer if the server sent an invalid\n response during NTLMSSP setup negotiation. This could be used\n by a malicious server for denial of service. \n\nCVE-2018-1068\n\n The syzkaller tool found that the 32-bit compatibility layer of\n ebtables did not sufficiently validate offset values. On a 64-bit\n kernel, a local user with the CAP_NET_ADMIN capability (in any user\n namespace) could use this to overwrite kernel memory, possibly\n leading to privilege escalation. Debian disables unprivileged user\n namespaces by default. \n\nCVE-2018-1092\n\n Wen Xu reported that a crafted ext4 filesystem image would\n trigger a null dereference when mounted. A local user able\n to mount arbitrary filesystems could use this for denial of\n service. \n\nCVE-2018-5332\n\n Mohamed Ghannam reported that the RDS protocol did not\n sufficiently validate RDMA requests, leading to an out-of-bounds\n write. A local attacker on a system with the rds module loaded\n could use this for denial of service or possibly for privilege\n escalation. \n\nCVE-2018-5333\n\n Mohamed Ghannam reported that the RDS protocol did not properly\n handle an error case, leading to a null pointer dereference. A\n local attacker on a system with the rds module loaded could\n possibly use this for denial of service. \n\nCVE-2018-5750\n\n Wang Qize reported that the ACPI sbshc driver logged a kernel heap\n address. This information could aid the exploitation of other\n vulnerabilities. \n\nCVE-2018-5803\n\n Alexey Kodanev reported that the SCTP protocol did not range-check\n the length of chunks to be created. A local or remote user could\n use this to cause a denial of service. \n\nCVE-2018-6927\n\n Li Jinyue reported that the FUTEX_REQUEUE operation on futexes did\n not check for negative parameter values, which might lead to a\n denial of service or other security impact. \n\nCVE-2018-7492\n\n The syzkaller tool found that the RDS protocol was lacking a null\n pointer check. A local attacker on a system with the rds module\n loaded could use this for denial of service. \n\nCVE-2018-7566\n\n Fan LongFei reported a race condition in the ALSA (sound)\n sequencer core, between write and ioctl operations. This could\n lead to an out-of-bounds access or use-after-free. A local user\n with access to a sequencer device could use this for denial of\n service or possibly for privilege escalation. \n\nCVE-2018-7740\n\n Nic Losby reported that the hugetlbfs filesystem\u0027s mmap operation\n did not properly range-check the file offset. A local user with\n access to files on a hugetlbfs filesystem could use this to cause\n a denial of service. \n\nCVE-2018-7757\n\n Jason Yan reported a memory leak in the SAS (Serial-Attached\n SCSI) subsystem. A local user on a system with SAS devices\n could use this to cause a denial of service. \n\nCVE-2018-7995\n\n Seunghun Han reported a race condition in the x86 MCE\n (Machine Check Exception) driver. This is unlikely to have\n any security impact. \n\nCVE-2018-8781\n\n Eyal Itkin reported that the udl (DisplayLink) driver\u0027s mmap\n operation did not properly range-check the file offset. A local\n user with access to a udl framebuffer device could exploit this to\n overwrite kernel memory, leading to privilege escalation. \n\nCVE-2018-8822\n\n Dr Silvio Cesare of InfoSect reported that the ncpfs client\n implementation did not validate reply lengths from the server. An\n ncpfs server could use this to cause a denial of service or\n remote code execution in the client. \n\nCVE-2018-1000004\n\n Luo Quan reported a race condition in the ALSA (sound) sequencer\n core, between multiple ioctl operations. This could lead to a\n deadlock or use-after-free. A local user with access to a\n sequencer device could use this for denial of service or possibly\n for privilege escalation. \n\nCVE-2018-1000199\n\n Andy Lutomirski discovered that the ptrace subsystem did not\n sufficiently validate hardware breakpoint settings. Local users\n can use this to cause a denial of service, or possibly for\n privilege escalation, on x86 (amd64 and i386) and possibly other\n architectures. \n\nFor the oldstable distribution (jessie), these problems have been fixed\nin version 3.16.56-1. \n\nWe recommend that you upgrade your linux packages. \n\nFor the detailed security status of linux please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/linux\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlron61fFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2\nNDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND\nz0Rtqw//Xf/L4bP65wU9M59Ef6xBt+Eph+yxeMsioGhu80ODdMemlmHzASMtfZjY\nAXxyt9l8lbHn8MmwDA4aLhhwHYXwvKATdpHSy1SILrRfb4s9P9uV1vsHaIeZ649E\nhDyNon9hP2tPso6BwqiYHZZy9Xxtd+T8vTBeBZwUKOLBkBRvV/gyNSUdJWp6L8WH\naF4D1hHl9ZotDkyIvkubbx77aqbJ88I4R0n69x7L9udFbuXa+U7hV6dJdnpzyl/7\nOukJfEtnkaUgWu0MdOfFss6iH5OQISn/y/ricRi29oKQiEp3YwnT5J9pFwSQeJJS\nH8ABVt251UoS0J+of3QWw0muOT/6UAF8SNpPKMJXC7Euq8pTmYVPSIeUYf4eqn65\nUHZSCKXaszItq+uzVNYdkj504BJ4cG1lFxZtlrFWwKE8p7QOETN0GKvTRdu/SvDd\nHl2nb4HouLpBYS518Th2/MGgzhXXAuO12MH3smenptZbqxKn9Z0XSTJYzFupgJk/\nkKF2xkDFBE4toTLVE+6XdUKwYk4vkeDZyOGOwRYThSkKAzrUh5zThgal4HnknD2A\n5ye4XLhjgSIT47/nmor6lhxd7WGXGkV33GF0azYlHr/sclfzxcU2Ev3NUBWQ8M3s\nCxfIO0FNCzO0WIUf40md7MlIAnDBIRGyYgNIIe7AnSRKKPykEx8=\n=wNQS\n-----END PGP SIGNATURE-----\n. SchAPnherr (Amazon) for reporting CVE-2017-1000252; and Armis Labs\nfor reporting CVE-2017-1000410",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-18017"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011875"
},
{
"db": "BID",
"id": "102367"
},
{
"db": "VULHUB",
"id": "VHN-109097"
},
{
"db": "VULMON",
"id": "CVE-2017-18017"
},
{
"db": "PACKETSTORM",
"id": "147535"
},
{
"db": "PACKETSTORM",
"id": "147936"
},
{
"db": "PACKETSTORM",
"id": "147229"
},
{
"db": "PACKETSTORM",
"id": "147113"
},
{
"db": "PACKETSTORM",
"id": "147451"
},
{
"db": "PACKETSTORM",
"id": "147232"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-18017",
"trust": 3.5
},
{
"db": "BID",
"id": "102367",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011875",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201801-145",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2019.2918",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.1089",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.0570",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "147936",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-109097",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-18017",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147535",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147229",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147113",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147451",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147232",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-109097"
},
{
"db": "VULMON",
"id": "CVE-2017-18017"
},
{
"db": "BID",
"id": "102367"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011875"
},
{
"db": "PACKETSTORM",
"id": "147535"
},
{
"db": "PACKETSTORM",
"id": "147936"
},
{
"db": "PACKETSTORM",
"id": "147229"
},
{
"db": "PACKETSTORM",
"id": "147113"
},
{
"db": "PACKETSTORM",
"id": "147451"
},
{
"db": "PACKETSTORM",
"id": "147232"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-145"
},
{
"db": "NVD",
"id": "CVE-2017-18017"
}
]
},
"id": "VAR-201801-1708",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-109097"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T21:58:56.016000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ChangeLog-4.9.36",
"trust": 0.8,
"url": "https://www.kernel.org/pub/linux/kernel/v4.x/changelog-4.9.36"
},
{
"title": "netfilter: xt_TCPMSS: add more sanity tests on tcph-\u003edoff",
"trust": 0.8,
"url": "https://github.com/torvalds/linux/commit/2638fd0f92d4397884fd991d8f4925cb3f081901"
},
{
"title": "Linux Kernel Archives",
"trust": 0.8,
"url": "http://www.kernel.org"
},
{
"title": "netfilter: xt_TCPMSS: add more sanity tests on tcph-\u003edoff",
"trust": 0.8,
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2638fd0f92d4397884fd991d8f4925cb3f081901"
},
{
"title": "Linux kernel Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=77460"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20181737 - security advisory"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20181319 - security advisory"
},
{
"title": "Red Hat: Important: kernel-rt security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20181170 - security advisory"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in the Linux kernel affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=4762a13ce766481780ca81e6d0ac6aca"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20181130 - security advisory"
},
{
"title": "IBM: IBM Security Bulletin: Multiple Vulnerabilities in the Linux kernel affect the IBM FlashSystem models V840 and V9000",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=7e9caa3ad3bc08db914510b615544169"
},
{
"title": "Red Hat: CVE-2017-18017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2017-18017"
},
{
"title": "Red Hat: Important: kernel-rt security, bug fix, and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20180676 - security advisory"
},
{
"title": "Red Hat: Important: kernel security, bug fix, and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20181062 - security advisory"
},
{
"title": "Ubuntu Security Notice: linux vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3583-1"
},
{
"title": "Ubuntu Security Notice: linux-lts-trusty vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3583-2"
},
{
"title": "Symantec Security Advisories: Linux Kernel Aug 2017 - Sep 2018 Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=b3193a96468975c04eb9f136ca9abec4"
},
{
"title": "Debian Security Advisories: DSA-4187-1 linux -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=c1e7a2b9a6a788d0d58529e52dc12cc3"
},
{
"title": "IBM: IBM Security Bulletin: Multiple Security Vulnerabilities have been fixed in IBM Security Privileged Identity Manager Appliance.",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=f5bb2b180c7c77e5a02747a1f31830d9"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - April 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=ae57a14ec914f60b7203332a77613077"
},
{
"title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - July 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=05b5bbd6fb289370b459faf1f4e3919d"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2017-18017 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/darngcode/about-linux-azure "
},
{
"title": "network-magic",
"trust": 0.1,
"url": "https://github.com/intrajp/network-magic "
},
{
"title": "hiboma",
"trust": 0.1,
"url": "https://github.com/hiboma/hiboma "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-18017"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011875"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-145"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-109097"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011875"
},
{
"db": "NVD",
"id": "CVE-2017-18017"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://patchwork.ozlabs.org/patch/746618/"
},
{
"trust": 2.0,
"url": "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1739765"
},
{
"trust": 2.0,
"url": "https://github.com/torvalds/linux/commit/2638fd0f92d4397884fd991d8f4925cb3f081901"
},
{
"trust": 2.0,
"url": "https://lkml.org/lkml/2017/4/2/13"
},
{
"trust": 2.0,
"url": "https://www.kernel.org/pub/linux/kernel/v4.x/changelog-4.9.36"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2018:0676"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2018:1130"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2018:1170"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2018:1319"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2018:1737"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/102367"
},
{
"trust": 1.7,
"url": "https://help.ecostruxureit.com/display/public/uadce725/security+fixes+in+struxureware+data+center+expert+v7.6.0"
},
{
"trust": 1.7,
"url": "https://support.f5.com/csp/article/k18352029"
},
{
"trust": 1.7,
"url": "https://www.debian.org/security/2018/dsa-4187"
},
{
"trust": 1.7,
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2638fd0f92d4397884fd991d8f4925cb3f081901"
},
{
"trust": 1.7,
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/4577-security-advisory-34"
},
{
"trust": 1.7,
"url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhsa-2018:1062"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00008.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00015.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00038.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00047.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00030.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00067.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00070.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00072.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-04/msg00014.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00013.html"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-3583-1"
},
{
"trust": 1.7,
"url": "https://usn.ubuntu.com/3583-1/"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-3583-2"
},
{
"trust": 1.7,
"url": "https://usn.ubuntu.com/3583-2/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18017"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18017"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10957179"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2918/"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10879093"
},
{
"trust": 0.6,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10957179"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/78218"
},
{
"trust": 0.6,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10957177"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/76030"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2017-18017"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13166"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.5,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-8824"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13166"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-1000410"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8824"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-1000410"
},
{
"trust": 0.3,
"url": "http://www.kernel.org/"
},
{
"trust": 0.3,
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2638fd0f92d4397884fd991d8f4925cb3f081901"
},
{
"trust": 0.3,
"url": "https://www.oracle.com/technetwork/topics/security/linuxbulletinapr2018-4431087.html"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-15265"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-15265"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-17449"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-17449"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-9725"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-9725"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2017-1000252"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-1000252"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18203"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1000004"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-8897"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-7645"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7645"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/3431591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-8897"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/vulnerabilities/ssbd"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-3639"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/3461451"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3639"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-12154"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12154"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-17053"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-14140"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-15129"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-7913"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-6927"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-1000407"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-1000004"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-7913"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-15121"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-15126"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-17053"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-15116"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-17558"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-12190"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-3672"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-8633"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-18203"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-17448"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-3672"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-17448"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-15126"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-14140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-17558"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-1000407"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-15121"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-8633"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-15129"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-15127"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-15116"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-5750"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-7294"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7294"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-15127"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12190"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.5_release_notes/index.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5803"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18241"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1066"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-16911"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/linux"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-6927"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1068"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-9016"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5750"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18232"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5332"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-0861"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5333"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-16914"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-5753"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1000199"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-16526"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-7492"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-16913"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1092"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18216"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-5715"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13220"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-16912"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/3411331"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-109097"
},
{
"db": "BID",
"id": "102367"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011875"
},
{
"db": "PACKETSTORM",
"id": "147535"
},
{
"db": "PACKETSTORM",
"id": "147936"
},
{
"db": "PACKETSTORM",
"id": "147229"
},
{
"db": "PACKETSTORM",
"id": "147113"
},
{
"db": "PACKETSTORM",
"id": "147451"
},
{
"db": "PACKETSTORM",
"id": "147232"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-145"
},
{
"db": "NVD",
"id": "CVE-2017-18017"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-109097"
},
{
"db": "VULMON",
"id": "CVE-2017-18017"
},
{
"db": "BID",
"id": "102367"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011875"
},
{
"db": "PACKETSTORM",
"id": "147535"
},
{
"db": "PACKETSTORM",
"id": "147936"
},
{
"db": "PACKETSTORM",
"id": "147229"
},
{
"db": "PACKETSTORM",
"id": "147113"
},
{
"db": "PACKETSTORM",
"id": "147451"
},
{
"db": "PACKETSTORM",
"id": "147232"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-145"
},
{
"db": "NVD",
"id": "CVE-2017-18017"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-01-03T00:00:00",
"db": "VULHUB",
"id": "VHN-109097"
},
{
"date": "2018-01-03T00:00:00",
"db": "VULMON",
"id": "CVE-2017-18017"
},
{
"date": "2018-01-03T00:00:00",
"db": "BID",
"id": "102367"
},
{
"date": "2018-02-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-011875"
},
{
"date": "2018-05-08T20:33:37",
"db": "PACKETSTORM",
"id": "147535"
},
{
"date": "2018-05-30T19:49:32",
"db": "PACKETSTORM",
"id": "147936"
},
{
"date": "2018-04-18T20:02:50",
"db": "PACKETSTORM",
"id": "147229"
},
{
"date": "2018-04-11T01:22:55",
"db": "PACKETSTORM",
"id": "147113"
},
{
"date": "2018-05-03T01:31:56",
"db": "PACKETSTORM",
"id": "147451"
},
{
"date": "2018-04-18T20:05:04",
"db": "PACKETSTORM",
"id": "147232"
},
{
"date": "2018-01-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-145"
},
{
"date": "2018-01-03T06:29:00.517000",
"db": "NVD",
"id": "CVE-2017-18017"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-01-19T00:00:00",
"db": "VULHUB",
"id": "VHN-109097"
},
{
"date": "2023-01-19T00:00:00",
"db": "VULMON",
"id": "CVE-2017-18017"
},
{
"date": "2018-05-02T12:00:00",
"db": "BID",
"id": "102367"
},
{
"date": "2018-02-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-011875"
},
{
"date": "2021-11-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-145"
},
{
"date": "2024-04-24T13:40:09.260000",
"db": "NVD",
"id": "CVE-2017-18017"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-145"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linux Kernel Uses freed memory vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-011875"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-145"
}
],
"trust": 0.6
}
}
VAR-201804-1185
Vulnerability from variot - Updated: 2024-07-23 21:58An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of JIT. By performing actions in JavaScript, an attacker can trigger a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. WebKit is one of the web browser engine components. ------------------------------------------------------------------------ WebKitGTK+ Security Advisory WSA-2018-0003
Date reported : April 04, 2018 Advisory ID : WSA-2018-0003 Advisory URL : https://webkitgtk.org/security/WSA-2018-0003.html CVE identifiers : CVE-2018-4101, CVE-2018-4113, CVE-2018-4114, CVE-2018-4117, CVE-2018-4118, CVE-2018-4119, CVE-2018-4120, CVE-2018-4122, CVE-2018-4125, CVE-2018-4127, CVE-2018-4128, CVE-2018-4129, CVE-2018-4133, CVE-2018-4146, CVE-2018-4161, CVE-2018-4162, CVE-2018-4163, CVE-2018-4165.
Several vulnerabilities were discovered in WebKitGTK+. Credit to Yuan Deng of Ant-financial Light-Year Security Lab. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to OSS-Fuzz. Impact: Unexpected interaction with indexing types causing an ASSERT failure. Description: An array indexing issue existed in the handling of a function in JavaScriptCore. This issue was addressed through improved checks. Credit to OSS-Fuzz. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to an anonymous researcher. Impact: A malicious website may exfiltrate data cross-origin. Description: A cross-origin issue existed with the fetch API. This was addressed through improved input validation. Credit to Jun Kokatsu (@shhnjk). Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to an anonymous researcher working with Trend Microys Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to an anonymous researcher working with Trend Microys Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Zach Markley. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to likemeng of Baidu Security Lab working with Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Anton Lopanitsyn of Wallarm, Linus Sarud of Detectify (detectify.com), Yuji Tounai of NTT Communications Corporation. Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack. This issue was addressed with improved URL validation. Credit to OSS-Fuzz. Impact: Processing maliciously crafted web content may lead to a denial of service. Description: A memory corruption issue was addressed through improved input validation. Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team. Description: Multiple memory corruption issues were addressed with improved memory handling.
We recommend updating to the last stable version of WebKitGTK+. It is the best way of ensuring that you are running a safe version of WebKitGTK+. Please check our website for information about the last stable releases.
Further information about WebKitGTK+ Security Advisories can be found at: https://webkitgtk.org/security.html
The WebKitGTK+ team, April 04, 2018 . CVE-2018-4117: an anonymous researcher, an anonymous researcher
Installation note:
Instructions on how to update your Apple Watch software are available at https://support.apple.com/kb/HT204641
To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About".
Alternatively, on your watch, select "My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
APPLE-SA-2018-3-29-1 iOS 11.3
iOS 11.3 is now available and addresses the following:
Clock Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A person with physical access to an iOS device may be able to see the email address used for iTunes Description: An information disclosure issue existed in the handling of alarms and timers. CVE-2018-4123: Zaheen Hafzar M M (@zaheenhafzer)
CoreFoundation Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4155: Samuel GroA (@5aelo) CVE-2018-4158: Samuel GroA (@5aelo)
CoreText Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted string may lead to a denial of service Description: A denial of service issue was addressed through improved memory handling. CVE-2018-4142: Robin Leroy of Google Switzerland GmbH
File System Events Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4167: Samuel GroA (@5aelo)
Files Widget Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: File Widget may display contents on a locked device Description: The File Widget was displaying cached data when in the locked state. CVE-2018-4168: Brandon Moore
Find My iPhone Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A person with physical access to the device may be able to disable Find My iPhone without entering an iCloud password Description: A state management issue existed when restoring from a back up. CVE-2018-4172: Viljami VastamA$?ki
iCloud Drive Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4151: Samuel GroA (@5aelo)
Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4150: an anonymous researcher
Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2018-4104: The UK's National Cyber Security Centre (NCSC)
Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4143: derrek (@derrekr6)
Mail Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker in a privileged network position may be able to intercept the contents of S/MIME-encrypted e-mail Description: An inconsistent user interface issue was addressed with improved state management. CVE-2018-4174: an anonymous researcher, an anonymous researcher
NSURLSession Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4166: Samuel GroA (@5aelo)
PluginKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4156: Samuel GroA (@5aelo)
Quick Look Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4157: Samuel GroA (@5aelo)
Safari Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a malicious website by clicking a link may lead to user interface spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2018-4134: xisigr of Tencent's Xuanwu Lab (tencent.com), Zhiyang Zeng (@Wester) of Tencent Security Platform Department
Safari Login AutoFill Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious website may be able to exfiltrate autofilled data in Safari without explicit user interaction. Description: Safari autofill did not require explicit user interaction before taking place. CVE-2018-4137:
SafariViewController Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a malicious website may lead to user interface spoofing Description: A state management issue was addressed by disabling text input until the destination page loads. CVE-2018-4149: Abhinash Jain (@abhinashjain)
Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to elevate privileges Description: A buffer overflow was addressed with improved size validation. CVE-2018-4144: Abraham Masri (@cheesecakeufo)
Storage Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4154: Samuel GroA (@5aelo)
System Preferences Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A configuration profile may incorrectly remain in effect after removal Description: An issue existed in CFPreferences. CVE-2018-4115: Johann Thalakada, Vladimir Zubkov, and Matt Vlasach of Wandera
Telephony Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A remote attacker can cause a device to unexpectedly restart Description: A null pointer dereference issue existed when handling Class 0 SMS messages. CVE-2018-4140: @mjonsson, Arjan van der Oest of Voiceworks BV
Web App Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Cookies may unexpectedly persist in web app Description: A cookie management issue was addressed through improved state management. CVE-2018-4110: Ben Compton and Jason Colley of Cerner Corporation
WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4146: found by OSS-Fuzz
WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious website may exfiltrate data cross-origin Description: A cross-origin issue existed with the fetch API. CVE-2018-4117: an anonymous researcher, an anonymous researcher
WindowServer Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An unprivileged application may be able to log keystrokes entered into other applications even when secure input mode is enabled Description: By scanning key states, an unprivileged application could log keystrokes entered into other applications even when secure input mode was enabled. CVE-2018-4131: Andreas Hegenberg of folivora.AI GmbH
Additional recognition
WebKit We would like to acknowledge Johnny Nipper of Tinder Security Team for their assistance.
Installation note:
This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
- Navigate to Settings
- Select General
- Select About.
Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE-----
iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAlq9GlopHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEbhLRAA to9k0U/CI3PfYp2o2lluS7LgE3jvA7+pXvdjbvoh14BFHf9Wv+yhdtyLQEDSne+0 TM8BkiMgEmo+uKKcVFCDeV9GrkWqO7ocBfT65hj4A/vxPAS6xlBTV9mjZXiqvSWs +Cbb4Nd53o6m2QRORkjNVZ2h0ow53J5RirnyzjWt4LMdCpc4jMG87OCuQheKzjxq g6gOlwblVrRxH6aMX5if/SetGGxzZeY5sKwe1Xhz6yIYsm1Gw45REt3FJs4KEh5Z oL+yWVvaGLOPDzC+DBX0dXJmsqLx9wzDJsqQ2J6Mb/nh1Tgh6NDdHkDCAZ7P6CeU 0IpXK7aaPkRy5GUbkAdzdPEFql9e0/jGlqMf/rZlNTItbgtn0+9e2zsJ0UPPRcWi +7IQygkXnXmYUZ0wrh/Wdye/jAJZpLdsUuWr1RalTdmDASU/tzgpoglf3EyTQoRy IqFGRSe6+no8Pw1qCLUvZz8C6dTKvE+Jv5oe9XbCEjsvpRmQZK64FiQ0HIaAMHKo Rl9OY6+evzyqdAtivE4AFCRT7Z15pktFYAVefWkdVFbVU2mCYF+peXIq6tGg4o+g 70E29XaDZBakcVho9bW4e2rDA+m606ILuZ4AyjEEvfRYH+d+WTvDqdIywq0V7grj qlU787sRw/tVx646jcHVqbYZEgZVmeAvcT8C2c0Zhvo= =RJi8 -----END PGP SIGNATURE----- . ========================================================================== Ubuntu Security Notice USN-3635-1 April 30, 2018
webkit2gtk vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.10
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in WebKitGTK+.
Software Description: - webkit2gtk: Web content engine library for GTK+
Details:
A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 17.10: libjavascriptcoregtk-4.0-18 2.20.1-0ubuntu0.17.10.1 libwebkit2gtk-4.0-37 2.20.1-0ubuntu0.17.10.1
Ubuntu 16.04 LTS: libjavascriptcoregtk-4.0-18 2.20.1-0ubuntu0.16.04.1 libwebkit2gtk-4.0-37 2.20.1-0ubuntu0.16.04.1
This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any applications that use WebKitGTK+, such as Epiphany, to make all the necessary changes.
References: https://usn.ubuntu.com/usn/usn-3635-1 CVE-2018-4101, CVE-2018-4113, CVE-2018-4114, CVE-2018-4117, CVE-2018-4118, CVE-2018-4119, CVE-2018-4120, CVE-2018-4122, CVE-2018-4125, CVE-2018-4127, CVE-2018-4128, CVE-2018-4129, CVE-2018-4133, CVE-2018-4146, CVE-2018-4161, CVE-2018-4162, CVE-2018-4163, CVE-2018-4165
Package Information: https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.1-0ubuntu0.17.10.1 https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.1-0ubuntu0.16.04.1
.
Installation note:
Safari 11.1 may be obtained from the Mac App Store
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201804-1185",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "17.10"
},
{
"model": "itunes",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "12.7.4"
},
{
"model": "iphone os",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "11.3"
},
{
"model": "tvos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "11.3"
},
{
"model": "icloud",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "7.4"
},
{
"model": "safari",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "11.1"
},
{
"model": "watchos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "4.3"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "webkitgtk\\+",
"scope": "lt",
"trust": 1.0,
"vendor": "webkitgtk",
"version": "2.20.4"
},
{
"model": "icloud",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "7.4 (windows 7 or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.3 (ipad air or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.3 (iphone 5s or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.3 (ipod touch first 6 generation )"
},
{
"model": "itunes",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "for windows 12.7.4 ( target os : windows 7 or later )"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.1 (macos high sierra 10.13.4)"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.1 (macos sierra 10.12.6)"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.1 (os x el capitan 10.11.6)"
},
{
"model": "tvos",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.3 (apple tv 4k)"
},
{
"model": "tvos",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.3 (apple tv first 4 generation )"
},
{
"model": "watchos",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "4.3 (apple watch all models )"
},
{
"model": "safari",
"scope": null,
"trust": 0.7,
"vendor": "apple",
"version": null
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.0.1"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.1.0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.1.0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.2.0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.4.0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.3.0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.0.2"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.0.0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.3.1"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.0.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-276"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003706"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-180"
},
{
"db": "NVD",
"id": "CVE-2018-4125"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:icloud:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.4",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.7.4",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:webkitgtk:webkitgtk\\+:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.20.4",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-4125"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WanderingGlitch - Trend Micro Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-276"
}
],
"trust": 0.7
},
"cve": "CVE-2018-4125",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-4125",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 1.6,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-134156",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-4125",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-4125",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2018-4125",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201804-180",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-134156",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-4125",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-276"
},
{
"db": "VULHUB",
"id": "VHN-134156"
},
{
"db": "VULMON",
"id": "CVE-2018-4125"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003706"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-180"
},
{
"db": "NVD",
"id": "CVE-2018-4125"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of JIT. By performing actions in JavaScript, an attacker can trigger a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. WebKit is one of the web browser engine components. ------------------------------------------------------------------------\nWebKitGTK+ Security Advisory WSA-2018-0003\n------------------------------------------------------------------------\n\nDate reported : April 04, 2018\nAdvisory ID : WSA-2018-0003\nAdvisory URL : https://webkitgtk.org/security/WSA-2018-0003.html\nCVE identifiers : CVE-2018-4101, CVE-2018-4113, CVE-2018-4114,\n CVE-2018-4117, CVE-2018-4118, CVE-2018-4119,\n CVE-2018-4120, CVE-2018-4122, CVE-2018-4125,\n CVE-2018-4127, CVE-2018-4128, CVE-2018-4129,\n CVE-2018-4133, CVE-2018-4146, CVE-2018-4161,\n CVE-2018-4162, CVE-2018-4163, CVE-2018-4165. \n\nSeveral vulnerabilities were discovered in WebKitGTK+. \n Credit to Yuan Deng of Ant-financial Light-Year Security Lab. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to OSS-Fuzz. \n Impact: Unexpected interaction with indexing types causing an ASSERT\n failure. Description: An array indexing issue existed in the\n handling of a function in JavaScriptCore. This issue was addressed\n through improved checks. \n Credit to OSS-Fuzz. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to an anonymous researcher. \n Impact: A malicious website may exfiltrate data cross-origin. \n Description: A cross-origin issue existed with the fetch API. This\n was addressed through improved input validation. \n Credit to Jun Kokatsu (@shhnjk). Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to an anonymous researcher working with Trend Microys Zero\n Day Initiative. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to WanderingGlitch of Trend Micro\u0027s Zero Day Initiative. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to WanderingGlitch of Trend Micro\u0027s Zero Day Initiative. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to an anonymous researcher working with Trend Microys Zero\n Day Initiative. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to Zach Markley. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to likemeng of Baidu Security Lab working with Trend Micro\u0027s\n Zero Day Initiative. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to Anton Lopanitsyn of Wallarm, Linus Sarud of Detectify\n (detectify.com), Yuji Tounai of NTT Communications Corporation. \n Impact: Visiting a maliciously crafted website may lead to a cross-\n site scripting attack. This issue was addressed with improved URL\n validation. \n Credit to OSS-Fuzz. \n Impact: Processing maliciously crafted web content may lead to a\n denial of service. Description: A memory corruption issue was\n addressed through improved input validation. \n Credit to WanderingGlitch of Trend Micro\u0027s Zero Day Initiative. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to WanderingGlitch of Trend Micro\u0027s Zero Day Initiative. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to WanderingGlitch of Trend Micro\u0027s Zero Day Initiative. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n\n\nWe recommend updating to the last stable version of WebKitGTK+. It is\nthe best way of ensuring that you are running a safe version of\nWebKitGTK+. Please check our website for information about the last\nstable releases. \n\nFurther information about WebKitGTK+ Security Advisories can be found\nat: https://webkitgtk.org/security.html\n\nThe WebKitGTK+ team,\nApril 04, 2018\n. \nCVE-2018-4117: an anonymous researcher, an anonymous researcher\n\nInstallation note:\n\nInstructions on how to update your Apple Watch software are\navailable at https://support.apple.com/kb/HT204641\n\nTo check the version on your Apple Watch, open the Apple Watch app\non your iPhone and select \"My Watch \u003e General \u003e About\". \n\nAlternatively, on your watch, select \"My Watch \u003e General \u003e About\". -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2018-3-29-1 iOS 11.3\n\niOS 11.3 is now available and addresses the following:\n\nClock\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A person with physical access to an iOS device may be able to\nsee the email address used for iTunes\nDescription: An information disclosure issue existed in the handling\nof alarms and timers. \nCVE-2018-4123: Zaheen Hafzar M M (@zaheenhafzer)\n\nCoreFoundation\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to gain elevated privileges\nDescription: A race condition was addressed with additional\nvalidation. \nCVE-2018-4155: Samuel GroA (@5aelo)\nCVE-2018-4158: Samuel GroA (@5aelo)\n\nCoreText\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Processing a maliciously crafted string may lead to a denial\nof service\nDescription: A denial of service issue was addressed through improved\nmemory handling. \nCVE-2018-4142: Robin Leroy of Google Switzerland GmbH\n\nFile System Events\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to gain elevated privileges\nDescription: A race condition was addressed with additional\nvalidation. \nCVE-2018-4167: Samuel GroA (@5aelo)\n\nFiles Widget\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: File Widget may display contents on a locked device\nDescription: The File Widget was displaying cached data when in the\nlocked state. \nCVE-2018-4168: Brandon Moore\n\nFind My iPhone\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A person with physical access to the device may be able to\ndisable Find My iPhone without entering an iCloud password\nDescription: A state management issue existed when restoring from a\nback up. \nCVE-2018-4172: Viljami VastamA$?ki\n\niCloud Drive\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to gain elevated privileges\nDescription: A race condition was addressed with additional\nvalidation. \nCVE-2018-4151: Samuel GroA (@5aelo)\n\nKernel\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: Multiple memory corruption issues were addressed with\nimproved memory handling. \nCVE-2018-4150: an anonymous researcher\n\nKernel\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to read restricted memory\nDescription: A validation issue was addressed with improved input\nsanitization. \nCVE-2018-4104: The UK\u0027s National Cyber Security Centre (NCSC)\n\nKernel\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4143: derrek (@derrekr6)\n\nMail\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An attacker in a privileged network position may be able to\nintercept the contents of S/MIME-encrypted e-mail\nDescription: An inconsistent user interface issue was addressed with\nimproved state management. \nCVE-2018-4174: an anonymous researcher, an anonymous researcher\n\nNSURLSession\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to gain elevated privileges\nDescription: A race condition was addressed with additional\nvalidation. \nCVE-2018-4166: Samuel GroA (@5aelo)\n\nPluginKit\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to gain elevated privileges\nDescription: A race condition was addressed with additional\nvalidation. \nCVE-2018-4156: Samuel GroA (@5aelo)\n\nQuick Look\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to gain elevated privileges\nDescription: A race condition was addressed with additional\nvalidation. \nCVE-2018-4157: Samuel GroA (@5aelo)\n\nSafari\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Visiting a malicious website by clicking a link may lead to\nuser interface spoofing\nDescription: An inconsistent user interface issue was addressed with\nimproved state management. \nCVE-2018-4134: xisigr of Tencent\u0027s Xuanwu Lab (tencent.com), Zhiyang\nZeng (@Wester) of Tencent Security Platform Department\n\nSafari Login AutoFill\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A malicious website may be able to exfiltrate autofilled data\nin Safari without explicit user interaction. \nDescription: Safari autofill did not require explicit user\ninteraction before taking place. \nCVE-2018-4137:\n\nSafariViewController\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Visiting a malicious website may lead to user interface\nspoofing\nDescription: A state management issue was addressed by disabling text\ninput until the destination page loads. \nCVE-2018-4149: Abhinash Jain (@abhinashjain)\n\nSecurity\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A malicious application may be able to elevate privileges\nDescription: A buffer overflow was addressed with improved size\nvalidation. \nCVE-2018-4144: Abraham Masri (@cheesecakeufo)\n\nStorage\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to gain elevated privileges\nDescription: A race condition was addressed with additional\nvalidation. \nCVE-2018-4154: Samuel GroA (@5aelo)\n\nSystem Preferences\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A configuration profile may incorrectly remain in effect\nafter removal\nDescription: An issue existed in CFPreferences. \nCVE-2018-4115: Johann Thalakada, Vladimir Zubkov, and Matt Vlasach of\nWandera\n\nTelephony\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A remote attacker can cause a device to unexpectedly restart\nDescription: A null pointer dereference issue existed when handling\nClass 0 SMS messages. \nCVE-2018-4140: @mjonsson, Arjan van der Oest of Voiceworks BV\n\nWeb App\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Cookies may unexpectedly persist in web app\nDescription: A cookie management issue was addressed through improved\nstate management. \nCVE-2018-4110: Ben Compton and Jason Colley of Cerner Corporation\n\nWebKit\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: Multiple memory corruption issues were addressed with\nimproved memory handling. \nCVE-2018-4146: found by OSS-Fuzz\n\nWebKit\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A malicious website may exfiltrate data cross-origin\nDescription: A cross-origin issue existed with the fetch API. \nCVE-2018-4117: an anonymous researcher, an anonymous researcher\n\nWindowServer\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An unprivileged application may be able to log keystrokes\nentered into other applications even when secure input mode is\nenabled\nDescription: By scanning key states, an unprivileged application\ncould log keystrokes entered into other applications even when secure\ninput mode was enabled. \nCVE-2018-4131: Andreas Hegenberg of folivora.AI GmbH\n\nAdditional recognition\n\nWebKit\nWe would like to acknowledge Johnny Nipper of Tinder Security Team\nfor their assistance. \n\nInstallation note:\n\nThis update is available through iTunes and Software Update on your\niOS device, and will not appear in your computer\u0027s Software Update\napplication, or in the Apple Downloads site. Make sure you have an\nInternet connection and have installed the latest version of iTunes\nfrom https://www.apple.com/itunes/\n\niTunes and Software Update on the device will automatically check\nApple\u0027s update server on its weekly schedule. When an update is\ndetected, it is downloaded and the option to be installed is\npresented to the user when the iOS device is docked. We recommend\napplying the update immediately if possible. Selecting Don\u0027t Install\nwill present the option the next time you connect your iOS device. \n\nThe automatic update process may take up to a week depending on the\nday that iTunes or the device checks for updates. You may manually\nobtain the update via the Check for Updates button within iTunes, or\nthe Software Update on your device. \n\nTo check that the iPhone, iPod touch, or iPad has been updated:\n\n* Navigate to Settings\n* Select General\n* Select About. \n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\n\niQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAlq9GlopHHByb2R1Y3Qt\nc2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEbhLRAA\nto9k0U/CI3PfYp2o2lluS7LgE3jvA7+pXvdjbvoh14BFHf9Wv+yhdtyLQEDSne+0\nTM8BkiMgEmo+uKKcVFCDeV9GrkWqO7ocBfT65hj4A/vxPAS6xlBTV9mjZXiqvSWs\n+Cbb4Nd53o6m2QRORkjNVZ2h0ow53J5RirnyzjWt4LMdCpc4jMG87OCuQheKzjxq\ng6gOlwblVrRxH6aMX5if/SetGGxzZeY5sKwe1Xhz6yIYsm1Gw45REt3FJs4KEh5Z\noL+yWVvaGLOPDzC+DBX0dXJmsqLx9wzDJsqQ2J6Mb/nh1Tgh6NDdHkDCAZ7P6CeU\n0IpXK7aaPkRy5GUbkAdzdPEFql9e0/jGlqMf/rZlNTItbgtn0+9e2zsJ0UPPRcWi\n+7IQygkXnXmYUZ0wrh/Wdye/jAJZpLdsUuWr1RalTdmDASU/tzgpoglf3EyTQoRy\nIqFGRSe6+no8Pw1qCLUvZz8C6dTKvE+Jv5oe9XbCEjsvpRmQZK64FiQ0HIaAMHKo\nRl9OY6+evzyqdAtivE4AFCRT7Z15pktFYAVefWkdVFbVU2mCYF+peXIq6tGg4o+g\n70E29XaDZBakcVho9bW4e2rDA+m606ILuZ4AyjEEvfRYH+d+WTvDqdIywq0V7grj\nqlU787sRw/tVx646jcHVqbYZEgZVmeAvcT8C2c0Zhvo=\n=RJi8\n-----END PGP SIGNATURE-----\n. ==========================================================================\nUbuntu Security Notice USN-3635-1\nApril 30, 2018\n\nwebkit2gtk vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 17.10\n- Ubuntu 16.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in WebKitGTK+. \n\nSoftware Description:\n- webkit2gtk: Web content engine library for GTK+\n\nDetails:\n\nA large number of security issues were discovered in the WebKitGTK+ Web and\nJavaScript engines. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 17.10:\n libjavascriptcoregtk-4.0-18 2.20.1-0ubuntu0.17.10.1\n libwebkit2gtk-4.0-37 2.20.1-0ubuntu0.17.10.1\n\nUbuntu 16.04 LTS:\n libjavascriptcoregtk-4.0-18 2.20.1-0ubuntu0.16.04.1\n libwebkit2gtk-4.0-37 2.20.1-0ubuntu0.16.04.1\n\nThis update uses a new upstream release, which includes additional bug\nfixes. After a standard system update you need to restart any applications\nthat use WebKitGTK+, such as Epiphany, to make all the necessary changes. \n\nReferences:\n https://usn.ubuntu.com/usn/usn-3635-1\n CVE-2018-4101, CVE-2018-4113, CVE-2018-4114, CVE-2018-4117,\n CVE-2018-4118, CVE-2018-4119, CVE-2018-4120, CVE-2018-4122,\n CVE-2018-4125, CVE-2018-4127, CVE-2018-4128, CVE-2018-4129,\n CVE-2018-4133, CVE-2018-4146, CVE-2018-4161, CVE-2018-4162,\n CVE-2018-4163, CVE-2018-4165\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.1-0ubuntu0.17.10.1\n https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.1-0ubuntu0.16.04.1\n\n. \n\nInstallation note:\n\nSafari 11.1 may be obtained from the Mac App Store",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-4125"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003706"
},
{
"db": "ZDI",
"id": "ZDI-18-276"
},
{
"db": "VULHUB",
"id": "VHN-134156"
},
{
"db": "VULMON",
"id": "CVE-2018-4125"
},
{
"db": "PACKETSTORM",
"id": "147241"
},
{
"db": "PACKETSTORM",
"id": "146965"
},
{
"db": "PACKETSTORM",
"id": "146964"
},
{
"db": "PACKETSTORM",
"id": "147433"
},
{
"db": "PACKETSTORM",
"id": "146969"
},
{
"db": "PACKETSTORM",
"id": "146970"
},
{
"db": "PACKETSTORM",
"id": "146971"
}
],
"trust": 3.06
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-4125",
"trust": 4.0
},
{
"db": "SECTRACK",
"id": "1040604",
"trust": 1.8
},
{
"db": "JVN",
"id": "JVNVU92378299",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003706",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5524",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-276",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201804-180",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-134156",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-4125",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147241",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146965",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146964",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147433",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146969",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146970",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146971",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-276"
},
{
"db": "VULHUB",
"id": "VHN-134156"
},
{
"db": "VULMON",
"id": "CVE-2018-4125"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003706"
},
{
"db": "PACKETSTORM",
"id": "147241"
},
{
"db": "PACKETSTORM",
"id": "146965"
},
{
"db": "PACKETSTORM",
"id": "146964"
},
{
"db": "PACKETSTORM",
"id": "147433"
},
{
"db": "PACKETSTORM",
"id": "146969"
},
{
"db": "PACKETSTORM",
"id": "146970"
},
{
"db": "PACKETSTORM",
"id": "146971"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-180"
},
{
"db": "NVD",
"id": "CVE-2018-4125"
}
]
},
"id": "VAR-201804-1185",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-134156"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T21:58:31.021000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT208697",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht208697"
},
{
"title": "HT208698",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht208698"
},
{
"title": "HT208693",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht208693"
},
{
"title": "HT208694",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht208694"
},
{
"title": "HT208695",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht208695"
},
{
"title": "HT208696",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht208696"
},
{
"title": "HT208693",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht208693"
},
{
"title": "HT208694",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht208694"
},
{
"title": "HT208695",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht208695"
},
{
"title": "HT208696",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht208696"
},
{
"title": "HT208697",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht208697"
},
{
"title": "HT208698",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht208698"
},
{
"title": "Apple has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://support.apple.com/kb/ht201222"
},
{
"title": "Multiple Apple product WebKit Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=83032"
},
{
"title": "Apple: Safari 11.1",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=ee3f60ca20e25abaeeaa2929b7de559a"
},
{
"title": "Apple: watchOS 4.3",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=0c9672f464c8ecdde98d280637ecb1c5"
},
{
"title": "Apple: iCloud for Windows 7.4",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=3c324dcae1b032626ce2245c5900fb36"
},
{
"title": "Ubuntu Security Notice: webkit2gtk vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3635-1"
},
{
"title": "Apple: iTunes 12.7.4 for Windows",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=1b3706ef4ba6948ac20ebbbcffe7bc29"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - October 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=2196fa008592287290cbd6678fbe10d4"
},
{
"title": "Apple: tvOS 11.3",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=0eeec7064403af3bc921bd387f797adc"
},
{
"title": "Apple: iOS 11.3",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=66db9acd354635a683838e3cd9bc2d76"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-276"
},
{
"db": "VULMON",
"id": "CVE-2018-4125"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003706"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-180"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-134156"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003706"
},
{
"db": "NVD",
"id": "CVE-2018-4125"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://usn.ubuntu.com/3635-1/"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht208693"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht208694"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht208695"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht208696"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht208697"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht208698"
},
{
"trust": 1.8,
"url": "https://security.gentoo.org/glsa/201808-04"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1040604"
},
{
"trust": 1.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4125"
},
{
"trust": 1.2,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4125"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu92378299/index.html"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4114"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4113"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4146"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4122"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4117"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4129"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4101"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4120"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4161"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4127"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4162"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4128"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4118"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4119"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4163"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4165"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4121"
},
{
"trust": 0.5,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4144"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4130"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4133"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4143"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4142"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4115"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4104"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4150"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4137"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht208695"
},
{
"trust": 0.1,
"url": "https://webkitgtk.org/security/wsa-2018-0003.html"
},
{
"trust": 0.1,
"url": "https://webkitgtk.org/security.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4155"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht204641"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4166"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4158"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4167"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4157"
},
{
"trust": 0.1,
"url": "https://www.apple.com/itunes/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4123"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4149"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4110"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4134"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4131"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3635-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.1-0ubuntu0.16.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.1-0ubuntu0.17.10.1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4102"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4116"
},
{
"trust": 0.1,
"url": "https://www.apple.com/itunes/download/"
},
{
"trust": 0.1,
"url": "https://support.apple.com/ht204283"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-276"
},
{
"db": "VULHUB",
"id": "VHN-134156"
},
{
"db": "VULMON",
"id": "CVE-2018-4125"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003706"
},
{
"db": "PACKETSTORM",
"id": "147241"
},
{
"db": "PACKETSTORM",
"id": "146965"
},
{
"db": "PACKETSTORM",
"id": "146964"
},
{
"db": "PACKETSTORM",
"id": "147433"
},
{
"db": "PACKETSTORM",
"id": "146969"
},
{
"db": "PACKETSTORM",
"id": "146970"
},
{
"db": "PACKETSTORM",
"id": "146971"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-180"
},
{
"db": "NVD",
"id": "CVE-2018-4125"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-18-276"
},
{
"db": "VULHUB",
"id": "VHN-134156"
},
{
"db": "VULMON",
"id": "CVE-2018-4125"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003706"
},
{
"db": "PACKETSTORM",
"id": "147241"
},
{
"db": "PACKETSTORM",
"id": "146965"
},
{
"db": "PACKETSTORM",
"id": "146964"
},
{
"db": "PACKETSTORM",
"id": "147433"
},
{
"db": "PACKETSTORM",
"id": "146969"
},
{
"db": "PACKETSTORM",
"id": "146970"
},
{
"db": "PACKETSTORM",
"id": "146971"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-180"
},
{
"db": "NVD",
"id": "CVE-2018-4125"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-06T00:00:00",
"db": "ZDI",
"id": "ZDI-18-276"
},
{
"date": "2018-04-03T00:00:00",
"db": "VULHUB",
"id": "VHN-134156"
},
{
"date": "2018-04-03T00:00:00",
"db": "VULMON",
"id": "CVE-2018-4125"
},
{
"date": "2018-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003706"
},
{
"date": "2018-04-18T13:33:33",
"db": "PACKETSTORM",
"id": "147241"
},
{
"date": "2018-03-30T15:52:32",
"db": "PACKETSTORM",
"id": "146965"
},
{
"date": "2018-03-30T15:52:10",
"db": "PACKETSTORM",
"id": "146964"
},
{
"date": "2018-05-02T04:32:41",
"db": "PACKETSTORM",
"id": "147433"
},
{
"date": "2018-03-30T15:55:24",
"db": "PACKETSTORM",
"id": "146969"
},
{
"date": "2018-03-30T15:55:41",
"db": "PACKETSTORM",
"id": "146970"
},
{
"date": "2018-03-30T15:56:03",
"db": "PACKETSTORM",
"id": "146971"
},
{
"date": "2018-04-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-180"
},
{
"date": "2018-04-03T06:29:05.530000",
"db": "NVD",
"id": "CVE-2018-4125"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-06T00:00:00",
"db": "ZDI",
"id": "ZDI-18-276"
},
{
"date": "2019-03-08T00:00:00",
"db": "VULHUB",
"id": "VHN-134156"
},
{
"date": "2019-03-08T00:00:00",
"db": "VULMON",
"id": "CVE-2018-4125"
},
{
"date": "2018-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003706"
},
{
"date": "2019-03-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-180"
},
{
"date": "2019-03-08T16:06:35.920000",
"db": "NVD",
"id": "CVE-2018-4125"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "147433"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-180"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Apple Used in products WebKit Vulnerability in arbitrary code execution in components",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003706"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201804-180"
}
],
"trust": 0.6
}
}
VAR-201406-0230
Vulnerability from variot - Updated: 2024-07-23 21:56The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator. The NFSv4 implementation is one of the distributed file system protocols. The vulnerability is due to the fact that the program does not initialize the data structure correctly. ============================================================================ Ubuntu Security Notice USN-2336-1 September 02, 2014
linux-lts-trusty vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in the kernel.
Software Description: - linux-lts-trusty: Linux hardware enablement kernel from Trusty
Details:
A flaw was discovered in the Linux kernel virtual machine's (kvm) validation of interrupt requests (irq). A guest OS user could exploit this flaw to cause a denial of service (host OS crash). (CVE-2014-0155)
Andy Lutomirski discovered a flaw in the authorization of netlink socket operations when a socket is passed to a process of more privilege. (CVE-2014-0181)
An information leak was discovered in the Linux kernels aio_read_events_ring function. (CVE-2014-4027)
Sasha Levin reported an issue with the Linux kernel's shared memory subsystem when used with range notifications and hole punching. (CVE-2014-4171)
Toralf F=C3=B6rster reported an error in the Linux kernels syscall auditing on 32 bit x86 platforms. (CVE-2014-4667)
Vasily Averin discover a reference count flaw during attempts to umount in conjunction with a symlink. (CVE-2014-5045)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 LTS: linux-image-3.13.0-35-generic 3.13.0-35.62~precise1 linux-image-3.13.0-35-generic-lpae 3.13.0-35.62~precise1
After a standard system update you need to reboot your computer to make all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-server, linux-powerpc), a standard system upgrade will automatically perform this as well. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Mandriva Linux Security Advisory MDVSA-2014:155 http://www.mandriva.com/en/support/security/
Package : kernel Date : August 7, 2014 Affected: Business Server 1.0
Problem Description:
Multiple vulnerabilities has been found and corrected in the Linux kernel:
Multiple buffer overflows in drivers/staging/wlags49_h2/wl_priv.c in the Linux kernel before 3.12 allow local users to cause a denial of service or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability and providing a long station-name string, related to the (1) wvlan_uil_put_info and (2) wvlan_set_station_nickname functions (CVE-2013-4514).
The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allows local users to leverage a race condition and gain privileges, or cause a denial of service (double fault), via a crafted application that makes ptrace and fork system calls (CVE-2014-4699). The verification of md5 checksums and GPG signatures is performed automatically for you. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux)
iD8DBQFT4yfXmqjQ0CJFipgRAuk5AKDbuUKogDrhb4iKIs1yOP4IQdpAcwCgodf8 OMQTfJFCDxSAMSI8iUevOkc= =mxBf -----END PGP SIGNATURE----- . (CVE-2014-4943)
Michael S. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2014:1971-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1971.html Issue date: 2014-12-09 CVE Names: CVE-2013-2929 CVE-2014-1739 CVE-2014-3181 CVE-2014-3182 CVE-2014-3184 CVE-2014-3185 CVE-2014-3186 CVE-2014-3631 CVE-2014-3673 CVE-2014-3687 CVE-2014-3688 CVE-2014-4027 CVE-2014-4652 CVE-2014-4654 CVE-2014-4655 CVE-2014-4656 CVE-2014-5045 CVE-2014-6410 =====================================================================
- Summary:
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
The kernel packages contain the Linux kernel, the core of any Linux operating system.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64
-
Description:
-
A flaw was found in the way the Linux kernel's SCTP implementation handled malformed or duplicate Address Configuration Change Chunks (ASCONF). A remote attacker could use either of these flaws to crash the system. (CVE-2014-3673, CVE-2014-3687, Important)
-
A flaw was found in the way the Linux kernel's SCTP implementation handled the association's output queue. A remote attacker could send specially crafted packets that would cause the system to use an excessive amount of memory, leading to a denial of service. (CVE-2014-3688, Important)
-
Two flaws were found in the way the Apple Magic Mouse/Trackpad multi-touch driver and the Minibox PicoLCD driver handled invalid HID reports. An attacker with physical access to the system could use these flaws to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-3181, CVE-2014-3186, Moderate)
-
A memory corruption flaw was found in the way the USB ConnectTech WhiteHEAT serial driver processed completion commands sent via USB Request Blocks buffers. An attacker with physical access to the system could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-3185, Moderate)
-
A flaw was found in the way the Linux kernel's keys subsystem handled the termination condition in the associative array garbage collection functionality. A local, unprivileged user could use this flaw to crash the system. (CVE-2014-3631, Moderate)
-
Multiple flaws were found in the way the Linux kernel's ALSA implementation handled user controls. A local, privileged user could use either of these flaws to crash the system. (CVE-2014-4654, CVE-2014-4655, CVE-2014-4656, Moderate)
-
A flaw was found in the way the Linux kernel's VFS subsystem handled reference counting when performing unmount operations on symbolic links. A local, unprivileged user could use this flaw to exhaust all available memory on the system or, potentially, trigger a use-after-free error, resulting in a system crash or privilege escalation. (CVE-2014-5045, Moderate)
-
A flaw was found in the way the get_dumpable() function return value was interpreted in the ptrace subsystem of the Linux kernel. When 'fs.suid_dumpable' was set to 2, a local, unprivileged local user could use this flaw to bypass intended ptrace restrictions and obtain potentially sensitive information. (CVE-2013-2929, Low)
-
A stack overflow flaw caused by infinite recursion was found in the way the Linux kernel's UDF file system implementation processed indirect ICBs. An attacker with physical access to the system could use a specially crafted UDF image to crash the system. (CVE-2014-1739, Low)
-
An out-of-bounds read flaw in the Logitech Unifying receiver driver could allow an attacker with physical access to the system to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-3182, Low)
-
Multiple out-of-bounds write flaws were found in the way the Cherry Cymotion keyboard driver, KYE/Genius device drivers, Logitech device drivers, Monterey Genius KB29E keyboard driver, Petalynx Maxter remote control driver, and Sunplus wireless desktop driver handled invalid HID reports. An attacker with physical access to the system could use either of these flaws to write data past an allocated memory buffer. (CVE-2014-3184, Low)
-
An information leak flaw was found in the RAM Disks Memory Copy (rd_mcp) back end driver of the iSCSI Target subsystem could allow a privileged user to leak the contents of kernel memory to an iSCSI initiator remote client. (CVE-2014-4652, Low)
-
Solution:
Red Hat would like to thank Frey Alfredsson for reporting CVE-2014-3631, and Vasily Averin of Parallels for reporting CVE-2014-5045. The CVE-2014-3673 was discovered by Liu Wei of Red Hat.
All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258
To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system.
- Bugs fixed (https://bugzilla.redhat.com/):
1028148 - CVE-2013-2929 kernel: exec/ptrace: get_dumpable() incorrect tests 1108744 - CVE-2014-4027 Kernel: target/rd: imformation leakage 1109774 - CVE-2014-1739 Kernel: drivers: media: an information leakage 1113406 - CVE-2014-4652 Kernel: ALSA: control: protect user controls against races & memory disclosure 1113445 - CVE-2014-4654 CVE-2014-4655 Kernel: ALSA: control: use-after-free in replacing user controls 1113470 - CVE-2014-4656 Kernel: ALSA: control: integer overflow in id.index & id.numid 1122472 - CVE-2014-5045 kernel: vfs: refcount issues during unmount on symlink 1140325 - CVE-2014-3631 kernel: keys: incorrect termination condition in assoc array garbage collection 1141173 - CVE-2014-3181 Kernel: HID: OOB write in magicmouse driver 1141210 - CVE-2014-3182 Kernel: HID: logitech-dj OOB array access 1141391 - CVE-2014-3184 Kernel: HID: off by one error in various _report_fixup routines 1141400 - CVE-2014-3185 Kernel: USB serial: memory corruption flaw 1141407 - CVE-2014-3186 Kernel: HID: memory corruption via OOB write 1141809 - CVE-2014-6410 kernel: udf: Avoid infinite loop when processing indirect ICBs 1147850 - CVE-2014-3673 kernel: sctp: skb_over_panic when receiving malformed ASCONF chunks 1155731 - CVE-2014-3687 kernel: net: sctp: fix panic on duplicate ASCONF chunks 1155745 - CVE-2014-3688 kernel: net: sctp: remote memory pressure from excessive queueing
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: kernel-3.10.0-123.13.1.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-123.13.1.el7.noarch.rpm
x86_64: kernel-3.10.0-123.13.1.el7.x86_64.rpm kernel-debug-3.10.0-123.13.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-123.13.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-123.13.1.el7.x86_64.rpm kernel-devel-3.10.0-123.13.1.el7.x86_64.rpm kernel-headers-3.10.0-123.13.1.el7.x86_64.rpm kernel-tools-3.10.0-123.13.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-123.13.1.el7.x86_64.rpm perf-3.10.0-123.13.1.el7.x86_64.rpm perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
noarch: kernel-doc-3.10.0-123.13.1.el7.noarch.rpm
x86_64: kernel-debug-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-123.13.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-123.13.1.el7.x86_64.rpm perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm python-perf-3.10.0-123.13.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: kernel-3.10.0-123.13.1.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-123.13.1.el7.noarch.rpm
x86_64: kernel-3.10.0-123.13.1.el7.x86_64.rpm kernel-debug-3.10.0-123.13.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-123.13.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-123.13.1.el7.x86_64.rpm kernel-devel-3.10.0-123.13.1.el7.x86_64.rpm kernel-headers-3.10.0-123.13.1.el7.x86_64.rpm kernel-tools-3.10.0-123.13.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-123.13.1.el7.x86_64.rpm perf-3.10.0-123.13.1.el7.x86_64.rpm perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
noarch: kernel-doc-3.10.0-123.13.1.el7.noarch.rpm
x86_64: kernel-debug-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-123.13.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-123.13.1.el7.x86_64.rpm perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm python-perf-3.10.0-123.13.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: kernel-3.10.0-123.13.1.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-123.13.1.el7.noarch.rpm
ppc64: kernel-3.10.0-123.13.1.el7.ppc64.rpm kernel-bootwrapper-3.10.0-123.13.1.el7.ppc64.rpm kernel-debug-3.10.0-123.13.1.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-123.13.1.el7.ppc64.rpm kernel-debug-devel-3.10.0-123.13.1.el7.ppc64.rpm kernel-debuginfo-3.10.0-123.13.1.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-123.13.1.el7.ppc64.rpm kernel-devel-3.10.0-123.13.1.el7.ppc64.rpm kernel-headers-3.10.0-123.13.1.el7.ppc64.rpm kernel-tools-3.10.0-123.13.1.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-123.13.1.el7.ppc64.rpm kernel-tools-libs-3.10.0-123.13.1.el7.ppc64.rpm perf-3.10.0-123.13.1.el7.ppc64.rpm perf-debuginfo-3.10.0-123.13.1.el7.ppc64.rpm python-perf-debuginfo-3.10.0-123.13.1.el7.ppc64.rpm
s390x: kernel-3.10.0-123.13.1.el7.s390x.rpm kernel-debug-3.10.0-123.13.1.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-123.13.1.el7.s390x.rpm kernel-debug-devel-3.10.0-123.13.1.el7.s390x.rpm kernel-debuginfo-3.10.0-123.13.1.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-123.13.1.el7.s390x.rpm kernel-devel-3.10.0-123.13.1.el7.s390x.rpm kernel-headers-3.10.0-123.13.1.el7.s390x.rpm kernel-kdump-3.10.0-123.13.1.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-123.13.1.el7.s390x.rpm kernel-kdump-devel-3.10.0-123.13.1.el7.s390x.rpm perf-3.10.0-123.13.1.el7.s390x.rpm perf-debuginfo-3.10.0-123.13.1.el7.s390x.rpm python-perf-debuginfo-3.10.0-123.13.1.el7.s390x.rpm
x86_64: kernel-3.10.0-123.13.1.el7.x86_64.rpm kernel-debug-3.10.0-123.13.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-123.13.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-123.13.1.el7.x86_64.rpm kernel-devel-3.10.0-123.13.1.el7.x86_64.rpm kernel-headers-3.10.0-123.13.1.el7.x86_64.rpm kernel-tools-3.10.0-123.13.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-123.13.1.el7.x86_64.rpm perf-3.10.0-123.13.1.el7.x86_64.rpm perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
noarch: kernel-doc-3.10.0-123.13.1.el7.noarch.rpm
ppc64: kernel-debug-debuginfo-3.10.0-123.13.1.el7.ppc64.rpm kernel-debuginfo-3.10.0-123.13.1.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-123.13.1.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-123.13.1.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-123.13.1.el7.ppc64.rpm perf-debuginfo-3.10.0-123.13.1.el7.ppc64.rpm python-perf-3.10.0-123.13.1.el7.ppc64.rpm python-perf-debuginfo-3.10.0-123.13.1.el7.ppc64.rpm
s390x: kernel-debug-debuginfo-3.10.0-123.13.1.el7.s390x.rpm kernel-debuginfo-3.10.0-123.13.1.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-123.13.1.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-123.13.1.el7.s390x.rpm perf-debuginfo-3.10.0-123.13.1.el7.s390x.rpm python-perf-3.10.0-123.13.1.el7.s390x.rpm python-perf-debuginfo-3.10.0-123.13.1.el7.s390x.rpm
x86_64: kernel-debug-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-123.13.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-123.13.1.el7.x86_64.rpm perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm python-perf-3.10.0-123.13.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: kernel-3.10.0-123.13.1.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-123.13.1.el7.noarch.rpm
x86_64: kernel-3.10.0-123.13.1.el7.x86_64.rpm kernel-debug-3.10.0-123.13.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-123.13.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-123.13.1.el7.x86_64.rpm kernel-devel-3.10.0-123.13.1.el7.x86_64.rpm kernel-headers-3.10.0-123.13.1.el7.x86_64.rpm kernel-tools-3.10.0-123.13.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-123.13.1.el7.x86_64.rpm perf-3.10.0-123.13.1.el7.x86_64.rpm perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
noarch: kernel-doc-3.10.0-123.13.1.el7.noarch.rpm
x86_64: kernel-debug-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-123.13.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-123.13.1.el7.x86_64.rpm perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm python-perf-3.10.0-123.13.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2013-2929 https://access.redhat.com/security/cve/CVE-2014-1739 https://access.redhat.com/security/cve/CVE-2014-3181 https://access.redhat.com/security/cve/CVE-2014-3182 https://access.redhat.com/security/cve/CVE-2014-3184 https://access.redhat.com/security/cve/CVE-2014-3185 https://access.redhat.com/security/cve/CVE-2014-3186 https://access.redhat.com/security/cve/CVE-2014-3631 https://access.redhat.com/security/cve/CVE-2014-3673 https://access.redhat.com/security/cve/CVE-2014-3687 https://access.redhat.com/security/cve/CVE-2014-3688 https://access.redhat.com/security/cve/CVE-2014-4027 https://access.redhat.com/security/cve/CVE-2014-4652 https://access.redhat.com/security/cve/CVE-2014-4654 https://access.redhat.com/security/cve/CVE-2014-4655 https://access.redhat.com/security/cve/CVE-2014-4656 https://access.redhat.com/security/cve/CVE-2014-5045 https://access.redhat.com/security/cve/CVE-2014-6410 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFUh2CJXlSAg2UNWIIRArzSAJ95AhqaUI998VyNBJGQaTXfSHeJuQCdFjTp 6IsJOT0XYi+TiyneMDOm9f4= =a0Ai -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Relevant releases/architectures:
MRG Realtime for RHEL 6 Server v.2 - noarch, x86_64
-
(CVE-2014-3153, Important)
-
It was found that the Linux kernel's ptrace subsystem allowed a traced process' instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user space. (CVE-2014-4699, Important)
Note: The CVE-2014-4699 issue only affected systems using an Intel CPU.
-
It was found that the permission checks performed by the Linux kernel when a netlink message was received were not sufficient. (CVE-2014-0181, Moderate)
-
It was found that the aio_read_events_ring() function of the Linux kernel's Asynchronous I/O (AIO) subsystem did not properly sanitize the AIO ring head received from user space. (CVE-2014-0206, Moderate)
-
An out-of-bounds memory access flaw was found in the Netlink Attribute extension of the Berkeley Packet Filter (BPF) interpreter functionality in the Linux kernel's networking implementation. Google acknowledges Pinkie Pie as the original reporter of CVE-2014-3153. Bugs fixed (https://bugzilla.redhat.com/):
1094265 - CVE-2014-0181 kernel: net: insufficient permision checks of netlink messages 1094602 - CVE-2014-0206 kernel: aio: insufficient sanitization of head in aio_read_events_ring() 1096775 - CVE-2014-3144 CVE-2014-3145 Kernel: filter: prevent nla extensions to peek beyond the end of the message 1102571 - CVE-2014-3917 kernel: DoS with syscall auditing 1103626 - CVE-2014-3153 kernel: futex: pi futexes requeue issue 1104097 - CVE-2014-3940 Kernel: missing check during hugepage migration 1108744 - CVE-2014-4027 Kernel: target/rd: imformation leakage 1113967 - CVE-2014-4667 kernel: sctp: sk_ack_backlog wrap-around problem 1115927 - CVE-2014-4699 kernel: x86_64: ptrace: sysret to non-canonical address
6
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201406-0230",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "kernel",
"scope": "lt",
"trust": 1.8,
"vendor": "linux",
"version": "3.14"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "enterprise manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "3.1.1"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip global traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-iq application delivery controller",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.5.0"
},
{
"model": "big-ip advanced firewall manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip access policy manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip policy enforcement manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip analytics",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-iq device",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "4.5.0"
},
{
"model": "big-iq security",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "4.5.0"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip link controller",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-iq device",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "4.2.0"
},
{
"model": "big-ip protocol security module",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"model": "linux enterprise high availability extension",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "big-iq security",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "4.0.0"
},
{
"model": "big-ip edge gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip wan optimization manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip global traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip application security manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip analytics",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip edge gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip application acceleration manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "big-ip advanced firewall manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "big-ip link controller",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-iq cloud",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "4.5.0"
},
{
"model": "big-ip local traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-ip access policy manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-ip policy enforcement manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-ip wan optimization manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip webaccelerator",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "enterprise manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "3.0.0"
},
{
"model": "big-ip application acceleration manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-iq cloud",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "4.0.0"
},
{
"model": "big-ip protocol security module",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip webaccelerator",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip application security manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "linux enterprise real time extension",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "3.4.37"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "3.4.38"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "3.4.36"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "3.4.39"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "3.4.34"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "3.4.31"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "3.4.35"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "3.4.32"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "3.4.33"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "3.4.3"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-003017"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-527"
},
{
"db": "NVD",
"id": "CVE-2014-4027"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.14",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_high_availability_extension:11:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-iq_application_delivery_controller:4.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.5.0",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.5.0",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.5.0",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.1.1",
"versionStartIncluding": "3.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.4.1",
"versionStartIncluding": "11.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.6.0",
"versionStartIncluding": "11.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.6.0",
"versionStartIncluding": "11.3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.6.0",
"versionStartIncluding": "11.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.6.0",
"versionStartIncluding": "11.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.6.0",
"versionStartIncluding": "11.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.6.0",
"versionStartIncluding": "11.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.6.0",
"versionStartIncluding": "11.3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.6.0",
"versionStartIncluding": "11.4.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.6.0",
"versionStartIncluding": "11.1.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-4027"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ubuntu",
"sources": [
{
"db": "PACKETSTORM",
"id": "128090"
},
{
"db": "PACKETSTORM",
"id": "128089"
},
{
"db": "PACKETSTORM",
"id": "127515"
},
{
"db": "PACKETSTORM",
"id": "128091"
}
],
"trust": 0.4
},
"cve": "CVE-2014-4027",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.4,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Adjacent Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2014-4027",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.4,
"id": "VHN-71967",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:A/AC:M/AU:S/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-4027",
"trust": 1.8,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201406-527",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-71967",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71967"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003017"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-527"
},
{
"db": "NVD",
"id": "CVE-2014-4027"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator. The NFSv4 implementation is one of the distributed file system protocols. The vulnerability is due to the fact that the program does not initialize the data structure correctly. ============================================================================\nUbuntu Security Notice USN-2336-1\nSeptember 02, 2014\n\nlinux-lts-trusty vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in the kernel. \n\nSoftware Description:\n- linux-lts-trusty: Linux hardware enablement kernel from Trusty\n\nDetails:\n\nA flaw was discovered in the Linux kernel virtual machine\u0027s (kvm)\nvalidation of interrupt requests (irq). A guest OS user could exploit this\nflaw to cause a denial of service (host OS crash). (CVE-2014-0155)\n\nAndy Lutomirski discovered a flaw in the authorization of netlink socket\noperations when a socket is passed to a process of more privilege. \n(CVE-2014-0181)\n\nAn information leak was discovered in the Linux kernels\naio_read_events_ring function. (CVE-2014-4027)\n\nSasha Levin reported an issue with the Linux kernel\u0027s shared memory\nsubsystem when used with range notifications and hole punching. (CVE-2014-4171)\n\nToralf F=C3=B6rster reported an error in the Linux kernels syscall auditing on\n32 bit x86 platforms. (CVE-2014-4667)\n\nVasily Averin discover a reference count flaw during attempts to umount in\nconjunction with a symlink. (CVE-2014-5045)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 LTS:\n linux-image-3.13.0-35-generic 3.13.0-35.62~precise1\n linux-image-3.13.0-35-generic-lpae 3.13.0-35.62~precise1\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nATTENTION: Due to an unavoidable ABI change the kernel updates have\nbeen given a new version number, which requires you to recompile and\nreinstall all third party kernel modules you might have installed. Unless you\nmanually uninstalled the standard kernel metapackages (e.g. linux-generic,\nlinux-server, linux-powerpc), a standard system upgrade will automatically\nperform this as well. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n\n Mandriva Linux Security Advisory MDVSA-2014:155\n http://www.mandriva.com/en/support/security/\n _______________________________________________________________________\n\n Package : kernel\n Date : August 7, 2014\n Affected: Business Server 1.0\n _______________________________________________________________________\n\n Problem Description:\n\n Multiple vulnerabilities has been found and corrected in the Linux\n kernel:\n \n Multiple buffer overflows in drivers/staging/wlags49_h2/wl_priv.c\n in the Linux kernel before 3.12 allow local users to cause a\n denial of service or possibly have unspecified other impact\n by leveraging the CAP_NET_ADMIN capability and providing a long\n station-name string, related to the (1) wvlan_uil_put_info and (2)\n wvlan_set_station_nickname functions (CVE-2013-4514). \n \n The Linux kernel before 3.15.4 on Intel processors does not properly\n restrict use of a non-canonical value for the saved RIP address in\n the case of a system call that does not use IRET, which allows local\n users to leverage a race condition and gain privileges, or cause\n a denial of service (double fault), via a crafted application that\n makes ptrace and fork system calls (CVE-2014-4699). The verification\n of md5 checksums and GPG signatures is performed automatically for you. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/en/support/security/advisories/\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (GNU/Linux)\n\niD8DBQFT4yfXmqjQ0CJFipgRAuk5AKDbuUKogDrhb4iKIs1yOP4IQdpAcwCgodf8\nOMQTfJFCDxSAMSI8iUevOkc=\n=mxBf\n-----END PGP SIGNATURE-----\n. (CVE-2014-4943)\n\nMichael S. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: kernel security and bug fix update\nAdvisory ID: RHSA-2014:1971-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2014-1971.html\nIssue date: 2014-12-09\nCVE Names: CVE-2013-2929 CVE-2014-1739 CVE-2014-3181 \n CVE-2014-3182 CVE-2014-3184 CVE-2014-3185 \n CVE-2014-3186 CVE-2014-3631 CVE-2014-3673 \n CVE-2014-3687 CVE-2014-3688 CVE-2014-4027 \n CVE-2014-4652 CVE-2014-4654 CVE-2014-4655 \n CVE-2014-4656 CVE-2014-5045 CVE-2014-6410 \n=====================================================================\n\n1. Summary:\n\nUpdated kernel packages that fix multiple security issues and several bugs\nare now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having Important security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Server (v. 7) - noarch, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64\n\n3. Description:\n\n* A flaw was found in the way the Linux kernel\u0027s SCTP implementation\nhandled malformed or duplicate Address Configuration Change Chunks\n(ASCONF). A remote attacker could use either of these flaws to crash the\nsystem. (CVE-2014-3673, CVE-2014-3687, Important)\n\n* A flaw was found in the way the Linux kernel\u0027s SCTP implementation\nhandled the association\u0027s output queue. A remote attacker could send\nspecially crafted packets that would cause the system to use an excessive\namount of memory, leading to a denial of service. (CVE-2014-3688,\nImportant)\n\n* Two flaws were found in the way the Apple Magic Mouse/Trackpad\nmulti-touch driver and the Minibox PicoLCD driver handled invalid HID\nreports. An attacker with physical access to the system could use these\nflaws to crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2014-3181, CVE-2014-3186, Moderate)\n\n* A memory corruption flaw was found in the way the USB ConnectTech\nWhiteHEAT serial driver processed completion commands sent via USB Request\nBlocks buffers. An attacker with physical access to the system could use\nthis flaw to crash the system or, potentially, escalate their privileges on\nthe system. (CVE-2014-3185, Moderate)\n\n* A flaw was found in the way the Linux kernel\u0027s keys subsystem handled the\ntermination condition in the associative array garbage collection\nfunctionality. A local, unprivileged user could use this flaw to crash the\nsystem. (CVE-2014-3631, Moderate)\n\n* Multiple flaws were found in the way the Linux kernel\u0027s ALSA\nimplementation handled user controls. A local, privileged user could use\neither of these flaws to crash the system. (CVE-2014-4654, CVE-2014-4655,\nCVE-2014-4656, Moderate)\n\n* A flaw was found in the way the Linux kernel\u0027s VFS subsystem handled\nreference counting when performing unmount operations on symbolic links. \nA local, unprivileged user could use this flaw to exhaust all available\nmemory on the system or, potentially, trigger a use-after-free error,\nresulting in a system crash or privilege escalation. (CVE-2014-5045,\nModerate)\n\n* A flaw was found in the way the get_dumpable() function return value was\ninterpreted in the ptrace subsystem of the Linux kernel. When\n\u0027fs.suid_dumpable\u0027 was set to 2, a local, unprivileged local user could\nuse this flaw to bypass intended ptrace restrictions and obtain\npotentially sensitive information. (CVE-2013-2929, Low)\n\n* A stack overflow flaw caused by infinite recursion was found in the way\nthe Linux kernel\u0027s UDF file system implementation processed indirect ICBs. \nAn attacker with physical access to the system could use a specially\ncrafted UDF image to crash the system. (CVE-2014-1739,\nLow)\n\n* An out-of-bounds read flaw in the Logitech Unifying receiver driver could\nallow an attacker with physical access to the system to crash the system\nor, potentially, escalate their privileges on the system. (CVE-2014-3182,\nLow)\n\n* Multiple out-of-bounds write flaws were found in the way the Cherry\nCymotion keyboard driver, KYE/Genius device drivers, Logitech device\ndrivers, Monterey Genius KB29E keyboard driver, Petalynx Maxter remote\ncontrol driver, and Sunplus wireless desktop driver handled invalid HID\nreports. An attacker with physical access to the system could use either of\nthese flaws to write data past an allocated memory buffer. (CVE-2014-3184,\nLow)\n\n* An information leak flaw was found in the RAM Disks Memory Copy (rd_mcp)\nback end driver of the iSCSI Target subsystem could allow a privileged user\nto leak the contents of kernel memory to an iSCSI initiator remote client. \n(CVE-2014-4652, Low)\n\n4. Solution:\n\nRed Hat would like to thank Frey Alfredsson for reporting CVE-2014-3631,\nand Vasily Averin of Parallels for reporting CVE-2014-5045. The\nCVE-2014-3673 was discovered by Liu Wei of Red Hat. \n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect. \n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not use\n\"rpm -Uvh\" as that will remove the running kernel binaries from your\nsystem. You may use \"rpm -e\" to remove old kernels after determining that\nthe new kernel functions properly on your system. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1028148 - CVE-2013-2929 kernel: exec/ptrace: get_dumpable() incorrect tests\n1108744 - CVE-2014-4027 Kernel: target/rd: imformation leakage\n1109774 - CVE-2014-1739 Kernel: drivers: media: an information leakage\n1113406 - CVE-2014-4652 Kernel: ALSA: control: protect user controls against races \u0026 memory disclosure\n1113445 - CVE-2014-4654 CVE-2014-4655 Kernel: ALSA: control: use-after-free in replacing user controls\n1113470 - CVE-2014-4656 Kernel: ALSA: control: integer overflow in id.index \u0026 id.numid\n1122472 - CVE-2014-5045 kernel: vfs: refcount issues during unmount on symlink\n1140325 - CVE-2014-3631 kernel: keys: incorrect termination condition in assoc array garbage collection\n1141173 - CVE-2014-3181 Kernel: HID: OOB write in magicmouse driver\n1141210 - CVE-2014-3182 Kernel: HID: logitech-dj OOB array access\n1141391 - CVE-2014-3184 Kernel: HID: off by one error in various _report_fixup routines\n1141400 - CVE-2014-3185 Kernel: USB serial: memory corruption flaw\n1141407 - CVE-2014-3186 Kernel: HID: memory corruption via OOB write\n1141809 - CVE-2014-6410 kernel: udf: Avoid infinite loop when processing indirect ICBs\n1147850 - CVE-2014-3673 kernel: sctp: skb_over_panic when receiving malformed ASCONF chunks\n1155731 - CVE-2014-3687 kernel: net: sctp: fix panic on duplicate ASCONF chunks\n1155745 - CVE-2014-3688 kernel: net: sctp: remote memory pressure from excessive queueing\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nkernel-3.10.0-123.13.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-123.13.1.el7.noarch.rpm\n\nx86_64:\nkernel-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-debug-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-devel-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-headers-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-tools-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-123.13.1.el7.x86_64.rpm\nperf-3.10.0-123.13.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nnoarch:\nkernel-doc-3.10.0-123.13.1.el7.noarch.rpm\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-123.13.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\npython-perf-3.10.0-123.13.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nkernel-3.10.0-123.13.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-123.13.1.el7.noarch.rpm\n\nx86_64:\nkernel-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-debug-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-devel-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-headers-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-tools-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-123.13.1.el7.x86_64.rpm\nperf-3.10.0-123.13.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nnoarch:\nkernel-doc-3.10.0-123.13.1.el7.noarch.rpm\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-123.13.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\npython-perf-3.10.0-123.13.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nkernel-3.10.0-123.13.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-123.13.1.el7.noarch.rpm\n\nppc64:\nkernel-3.10.0-123.13.1.el7.ppc64.rpm\nkernel-bootwrapper-3.10.0-123.13.1.el7.ppc64.rpm\nkernel-debug-3.10.0-123.13.1.el7.ppc64.rpm\nkernel-debug-debuginfo-3.10.0-123.13.1.el7.ppc64.rpm\nkernel-debug-devel-3.10.0-123.13.1.el7.ppc64.rpm\nkernel-debuginfo-3.10.0-123.13.1.el7.ppc64.rpm\nkernel-debuginfo-common-ppc64-3.10.0-123.13.1.el7.ppc64.rpm\nkernel-devel-3.10.0-123.13.1.el7.ppc64.rpm\nkernel-headers-3.10.0-123.13.1.el7.ppc64.rpm\nkernel-tools-3.10.0-123.13.1.el7.ppc64.rpm\nkernel-tools-debuginfo-3.10.0-123.13.1.el7.ppc64.rpm\nkernel-tools-libs-3.10.0-123.13.1.el7.ppc64.rpm\nperf-3.10.0-123.13.1.el7.ppc64.rpm\nperf-debuginfo-3.10.0-123.13.1.el7.ppc64.rpm\npython-perf-debuginfo-3.10.0-123.13.1.el7.ppc64.rpm\n\ns390x:\nkernel-3.10.0-123.13.1.el7.s390x.rpm\nkernel-debug-3.10.0-123.13.1.el7.s390x.rpm\nkernel-debug-debuginfo-3.10.0-123.13.1.el7.s390x.rpm\nkernel-debug-devel-3.10.0-123.13.1.el7.s390x.rpm\nkernel-debuginfo-3.10.0-123.13.1.el7.s390x.rpm\nkernel-debuginfo-common-s390x-3.10.0-123.13.1.el7.s390x.rpm\nkernel-devel-3.10.0-123.13.1.el7.s390x.rpm\nkernel-headers-3.10.0-123.13.1.el7.s390x.rpm\nkernel-kdump-3.10.0-123.13.1.el7.s390x.rpm\nkernel-kdump-debuginfo-3.10.0-123.13.1.el7.s390x.rpm\nkernel-kdump-devel-3.10.0-123.13.1.el7.s390x.rpm\nperf-3.10.0-123.13.1.el7.s390x.rpm\nperf-debuginfo-3.10.0-123.13.1.el7.s390x.rpm\npython-perf-debuginfo-3.10.0-123.13.1.el7.s390x.rpm\n\nx86_64:\nkernel-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-debug-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-devel-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-headers-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-tools-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-123.13.1.el7.x86_64.rpm\nperf-3.10.0-123.13.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nnoarch:\nkernel-doc-3.10.0-123.13.1.el7.noarch.rpm\n\nppc64:\nkernel-debug-debuginfo-3.10.0-123.13.1.el7.ppc64.rpm\nkernel-debuginfo-3.10.0-123.13.1.el7.ppc64.rpm\nkernel-debuginfo-common-ppc64-3.10.0-123.13.1.el7.ppc64.rpm\nkernel-tools-debuginfo-3.10.0-123.13.1.el7.ppc64.rpm\nkernel-tools-libs-devel-3.10.0-123.13.1.el7.ppc64.rpm\nperf-debuginfo-3.10.0-123.13.1.el7.ppc64.rpm\npython-perf-3.10.0-123.13.1.el7.ppc64.rpm\npython-perf-debuginfo-3.10.0-123.13.1.el7.ppc64.rpm\n\ns390x:\nkernel-debug-debuginfo-3.10.0-123.13.1.el7.s390x.rpm\nkernel-debuginfo-3.10.0-123.13.1.el7.s390x.rpm\nkernel-debuginfo-common-s390x-3.10.0-123.13.1.el7.s390x.rpm\nkernel-kdump-debuginfo-3.10.0-123.13.1.el7.s390x.rpm\nperf-debuginfo-3.10.0-123.13.1.el7.s390x.rpm\npython-perf-3.10.0-123.13.1.el7.s390x.rpm\npython-perf-debuginfo-3.10.0-123.13.1.el7.s390x.rpm\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-123.13.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\npython-perf-3.10.0-123.13.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nkernel-3.10.0-123.13.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-123.13.1.el7.noarch.rpm\n\nx86_64:\nkernel-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-debug-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-devel-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-headers-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-tools-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-123.13.1.el7.x86_64.rpm\nperf-3.10.0-123.13.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nnoarch:\nkernel-doc-3.10.0-123.13.1.el7.noarch.rpm\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-123.13.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\npython-perf-3.10.0-123.13.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-123.13.1.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2013-2929\nhttps://access.redhat.com/security/cve/CVE-2014-1739\nhttps://access.redhat.com/security/cve/CVE-2014-3181\nhttps://access.redhat.com/security/cve/CVE-2014-3182\nhttps://access.redhat.com/security/cve/CVE-2014-3184\nhttps://access.redhat.com/security/cve/CVE-2014-3185\nhttps://access.redhat.com/security/cve/CVE-2014-3186\nhttps://access.redhat.com/security/cve/CVE-2014-3631\nhttps://access.redhat.com/security/cve/CVE-2014-3673\nhttps://access.redhat.com/security/cve/CVE-2014-3687\nhttps://access.redhat.com/security/cve/CVE-2014-3688\nhttps://access.redhat.com/security/cve/CVE-2014-4027\nhttps://access.redhat.com/security/cve/CVE-2014-4652\nhttps://access.redhat.com/security/cve/CVE-2014-4654\nhttps://access.redhat.com/security/cve/CVE-2014-4655\nhttps://access.redhat.com/security/cve/CVE-2014-4656\nhttps://access.redhat.com/security/cve/CVE-2014-5045\nhttps://access.redhat.com/security/cve/CVE-2014-6410\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2014 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFUh2CJXlSAg2UNWIIRArzSAJ95AhqaUI998VyNBJGQaTXfSHeJuQCdFjTp\n6IsJOT0XYi+TiyneMDOm9f4=\n=a0Ai\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. Relevant releases/architectures:\n\nMRG Realtime for RHEL 6 Server v.2 - noarch, x86_64\n\n3. (CVE-2014-3153, Important)\n\n* It was found that the Linux kernel\u0027s ptrace subsystem allowed a traced\nprocess\u0027 instruction pointer to be set to a non-canonical memory address\nwithout forcing the non-sysret code path when returning to user space. (CVE-2014-4699,\nImportant)\n\nNote: The CVE-2014-4699 issue only affected systems using an Intel CPU. \n\n* It was found that the permission checks performed by the Linux kernel\nwhen a netlink message was received were not sufficient. (CVE-2014-0181, Moderate)\n\n* It was found that the aio_read_events_ring() function of the Linux\nkernel\u0027s Asynchronous I/O (AIO) subsystem did not properly sanitize the AIO\nring head received from user space. (CVE-2014-0206, Moderate)\n\n* An out-of-bounds memory access flaw was found in the Netlink Attribute\nextension of the Berkeley Packet Filter (BPF) interpreter functionality in\nthe Linux kernel\u0027s networking implementation. Google acknowledges Pinkie Pie as the original\nreporter of CVE-2014-3153. Bugs fixed (https://bugzilla.redhat.com/):\n\n1094265 - CVE-2014-0181 kernel: net: insufficient permision checks of netlink messages\n1094602 - CVE-2014-0206 kernel: aio: insufficient sanitization of head in aio_read_events_ring()\n1096775 - CVE-2014-3144 CVE-2014-3145 Kernel: filter: prevent nla extensions to peek beyond the end of the message\n1102571 - CVE-2014-3917 kernel: DoS with syscall auditing\n1103626 - CVE-2014-3153 kernel: futex: pi futexes requeue issue\n1104097 - CVE-2014-3940 Kernel: missing check during hugepage migration\n1108744 - CVE-2014-4027 Kernel: target/rd: imformation leakage\n1113967 - CVE-2014-4667 kernel: sctp: sk_ack_backlog wrap-around problem\n1115927 - CVE-2014-4699 kernel: x86_64: ptrace: sysret to non-canonical address\n\n6",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-4027"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003017"
},
{
"db": "VULHUB",
"id": "VHN-71967"
},
{
"db": "PACKETSTORM",
"id": "128090"
},
{
"db": "PACKETSTORM",
"id": "127788"
},
{
"db": "PACKETSTORM",
"id": "128089"
},
{
"db": "PACKETSTORM",
"id": "127515"
},
{
"db": "PACKETSTORM",
"id": "129430"
},
{
"db": "PACKETSTORM",
"id": "127555"
},
{
"db": "PACKETSTORM",
"id": "128091"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-4027",
"trust": 3.2
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2014/06/11/1",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "60564",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59777",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61310",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59134",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003017",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201406-527",
"trust": 0.7
},
{
"db": "BID",
"id": "68159",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-71967",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128090",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127788",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128089",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127515",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129430",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127555",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128091",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71967"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003017"
},
{
"db": "PACKETSTORM",
"id": "128090"
},
{
"db": "PACKETSTORM",
"id": "127788"
},
{
"db": "PACKETSTORM",
"id": "128089"
},
{
"db": "PACKETSTORM",
"id": "127515"
},
{
"db": "PACKETSTORM",
"id": "129430"
},
{
"db": "PACKETSTORM",
"id": "127555"
},
{
"db": "PACKETSTORM",
"id": "128091"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-527"
},
{
"db": "NVD",
"id": "CVE-2014-4027"
}
]
},
"id": "VAR-201406-0230",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-71967"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T21:56:56.921000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "target/rd: Refactor rd_build_device_space + rd_release_device_space",
"trust": 0.8,
"url": "https://github.com/torvalds/linux/commit/4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc"
},
{
"title": "[PATCH] target: Explicitly clear ramdisk_mcp backend pages",
"trust": 0.8,
"url": "http://permalink.gmane.org/gmane.linux.scsi.target.devel/6618"
},
{
"title": "Linux Kernel Archives",
"trust": 0.8,
"url": "http://www.kernel.org"
},
{
"title": "target/rd: Refactor rd_build_device_space + rd_release_device_space",
"trust": 0.8,
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc"
},
{
"title": "Bug 1108744",
"trust": 0.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1108744"
},
{
"title": "sol15685: Linux kernel vulnerabilities CVE-2014-3940 and CVE-2014-4027",
"trust": 0.8,
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15685.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-003017"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.1
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71967"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003017"
},
{
"db": "NVD",
"id": "CVE-2014-4027"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1108744"
},
{
"trust": 1.7,
"url": "https://github.com/torvalds/linux/commit/4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc"
},
{
"trust": 1.7,
"url": "http://www.openwall.com/lists/oss-security/2014/06/11/1"
},
{
"trust": 1.7,
"url": "http://permalink.gmane.org/gmane.linux.scsi.target.devel/6618"
},
{
"trust": 1.2,
"url": "http://www.ubuntu.com/usn/usn-2335-1"
},
{
"trust": 1.1,
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15685.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59134"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59777"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/60564"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61310"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-2334-1"
},
{
"trust": 1.0,
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3ba=commit%3bh=4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4027"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-4027"
},
{
"trust": 0.7,
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4027"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4655"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4656"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4652"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4654"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4667"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4653"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4171"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0206"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0181"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4014"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-5045"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3917"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0155"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4508"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4608"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0131"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4699"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4943"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1739"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2336-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-lts-trusty/3.13.0-35.62~precise1"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-4514"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4943"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4655"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4653"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-4514"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4654"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4608"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/advisories/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4652"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4699"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0131"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4656"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4667"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-ti-omap4/3.2.0-1452.72"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-5077"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-lts-quantal/3.5.0-54.81~precise1"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2285-1"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-1739"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3181"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2929"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3673"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3184"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-4027"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-4652"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-3688"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3688"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3185"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3182"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-4656"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3186"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6410"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2013-2929"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-4654"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3631"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-3631"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-5045"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-3181"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3687"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-3182"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2014-1971.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-3186"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-3185"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-4655"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-3184"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-3673"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6410"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-3687"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/articles/11258"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-3144.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3144"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-3153.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0206.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3153"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3940"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0913.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-3145.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-3940.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0181.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-4027.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-3917.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-4667.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-4699.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3145"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux/3.13.0-35.62"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2337-1"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71967"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003017"
},
{
"db": "PACKETSTORM",
"id": "128090"
},
{
"db": "PACKETSTORM",
"id": "127788"
},
{
"db": "PACKETSTORM",
"id": "128089"
},
{
"db": "PACKETSTORM",
"id": "127515"
},
{
"db": "PACKETSTORM",
"id": "129430"
},
{
"db": "PACKETSTORM",
"id": "127555"
},
{
"db": "PACKETSTORM",
"id": "128091"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-527"
},
{
"db": "NVD",
"id": "CVE-2014-4027"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-71967"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003017"
},
{
"db": "PACKETSTORM",
"id": "128090"
},
{
"db": "PACKETSTORM",
"id": "127788"
},
{
"db": "PACKETSTORM",
"id": "128089"
},
{
"db": "PACKETSTORM",
"id": "127515"
},
{
"db": "PACKETSTORM",
"id": "129430"
},
{
"db": "PACKETSTORM",
"id": "127555"
},
{
"db": "PACKETSTORM",
"id": "128091"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-527"
},
{
"db": "NVD",
"id": "CVE-2014-4027"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-06-23T00:00:00",
"db": "VULHUB",
"id": "VHN-71967"
},
{
"date": "2014-06-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003017"
},
{
"date": "2014-09-02T20:21:38",
"db": "PACKETSTORM",
"id": "128090"
},
{
"date": "2014-08-08T21:42:49",
"db": "PACKETSTORM",
"id": "127788"
},
{
"date": "2014-09-02T20:21:27",
"db": "PACKETSTORM",
"id": "128089"
},
{
"date": "2014-07-17T21:46:58",
"db": "PACKETSTORM",
"id": "127515"
},
{
"date": "2014-12-09T23:13:52",
"db": "PACKETSTORM",
"id": "129430"
},
{
"date": "2014-07-22T23:12:07",
"db": "PACKETSTORM",
"id": "127555"
},
{
"date": "2014-09-02T20:21:47",
"db": "PACKETSTORM",
"id": "128091"
},
{
"date": "2014-06-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201406-527"
},
{
"date": "2014-06-23T11:21:18.700000",
"db": "NVD",
"id": "CVE-2014-4027"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-21T00:00:00",
"db": "VULHUB",
"id": "VHN-71967"
},
{
"date": "2014-11-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003017"
},
{
"date": "2014-06-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201406-527"
},
{
"date": "2023-11-07T02:20:22.100000",
"db": "NVD",
"id": "CVE-2014-4027"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201406-527"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linux kernel of drivers/target/target_core_rd.c Inside rd_build_device_space Vulnerabilities that capture important information in functions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-003017"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201406-527"
}
],
"trust": 0.6
}
}
VAR-200906-0617
Vulnerability from variot - Updated: 2024-07-23 21:56The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a scheduler request with two consecutive IPP_TAG_UNSUPPORTED tags. Common Unix Printing System(CUPS)是一款通用Unix打印系统,是Unix环境下的跨平台打印解决方案,基于Internet打印协议,提供大多数PostScript和raster打印机服务 . 在处理包含有两个IPP_TAG_UNSUPPORTED标签的特质IPP时,CUPS的cups/ipp.c文件中的ippReadIO()函数没有正确地初始化ipp结构,这可能导致受影响的应用崩溃 . cups/ipp.c文件中的ippReadIO()函数负责初始化表示当前IPP请求中不同标签的ipp结构:
/----------- 1016 ipp_state_t / O - Current state / 1017 ippReadIO(voidsrc, / I - Data source / 1018 ipp_iocb_tcb, / I - Read callback function / 1019 int blocking, / I - Use blocking IO? / 1020 ipp_t parent,/ I - Parent request, if any / 1021 ipp_t ipp) / I - IPP data / 1022 { 1023 int n;/ Length of data / 1024 unsignedchar buffer[IPP_MAX_LENGTH + 1], 1025 / Data buffer / 1026 string[IPP_MAX_NAME], 1027 / Small string buffer / 1028bufptr; / Pointer into buffer / 1029ipp_attribute_tattr; / Current attribute / 1030ipp_tag_t tag; / Current tag / 1031ipp_tag_t value_tag; / Current value tag / 1032ipp_value_t value;/ Current value / 1035DEBUG_printf((\"ippReadIO(\%p, \%p, \%d, \%p, \%p)\n\", src, cb, blocking, 1036parent, ipp)); 1037DEBUG_printf((\"ippReadIO: ipp->state=\%d\n\", ipp->state)); 1039if (src == NULL || ipp == NULL) 1040return (IPP_ERROR); 1041 1042switch (ipp->state) 1043{ 1044case IPP_IDLE : 1045ipp->state ++; / Avoid common problem... / 1046 1047case IPP_HEADER : 1048if (parent == NULL) - -----------/
在上面的代码中,通过几个不同的标签属性对报文进行计数。如果所发送的IPP报文标签属性低于0x10,CUPS就会认为是IPP_TAG_UNSUPPORTED标签:
/----------- else if (tag < IPP_TAG_UNSUPPORTED_VALUE) { / * Group tag...Set the current group and continue... / if (ipp->curtag == tag) ipp->prev = ippAddSeparator(ipp); else if (ipp->current) ipp->prev = ipp->current; ipp->curtag= tag; ipp->current = NULL; DEBUG_printf((\"ippReadIO: group tag = \%x, ipp->prev=\%p\n\", tag, ipp->prev)); continue; } - -----------/
由于CUPS处理这类标签的方式,如果报文中包含有两个连续的IPP_TAG_UNSUPPORTED,就会将IPP结构的最后一个节点初始化为NULL,这会在cupsdProcessIPPRequest函数试图读取attr结构的name字段时导致崩溃.
/----------- / * \'\'cupsdProcessIPPRequest()\'\' - Process an incoming IPP request. / int / O - 1 on success, 0 on failure / cupsdProcessIPPRequest( cupsd_client_t con)/ I - Client connection / ... if (!attr) { / * Then make sure that the first three attributes are: * * attributes-charset * attributes-natural-language * printer-uri/job-uri */
attr = con->request->attrs; if (attr && !strcmp(attr->name, \"attributes-charset\") && (attr->value_tag & IPP_TAG_MASK) == IPP_TAG_CHARSET) charset = attr; else charset = NULL; ... - -----------/. CUPS is prone to a denial-of-service vulnerability because of a NULL-pointer dereference that occurs when processing two consecutive IPP_TAG_UNSUPPORTED tags in specially crafted IPP (Internet Printing Protocal) packets. An attacker can exploit this issue to crash the affected application, denying service to legitimate users. It is based on the Internet Printing Protocol and provides most PostScript and raster printer services. The ippReadIO() function in CUPS's cups/ipp.c file did not properly initialize the ipp structure when processing a idiosyncratic IPP that contained two IPP_TAG_UNSUPPORTED tags, which could crash the affected application. =========================================================== Ubuntu Security Notice USN-780-1 June 03, 2009 cups, cupsys vulnerability CVE-2009-0949 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: cupsys 1.2.2-0ubuntu0.6.06.14
Ubuntu 8.04 LTS: cupsys 1.3.7-1ubuntu3.5
Ubuntu 8.10: cups 1.3.9-2ubuntu9.2
Ubuntu 9.04: cups 1.3.9-17ubuntu3.1
In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
Anibal Sacco discovered that CUPS did not properly handle certain network operations.
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.14.diff.gz
Size/MD5: 101447 1edf4eb6127965001092ac72fc5743ea
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.14.dsc
Size/MD5: 1060 4843503dffb5c5268a64499cb2cf279e
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2.orig.tar.gz
Size/MD5: 4070384 2c99b8aa4c8dc25c8a84f9c06aa52e3e
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-gnutls10_1.2.2-0ubuntu0.6.06.14_all.deb
Size/MD5: 998 ee02e19aab490d9d97b6d3eb0f0808e4
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.14_amd64.deb
Size/MD5: 36236 8f3c604623813d67800c2f06686ccd1b
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.14_amd64.deb
Size/MD5: 81894 166216227002808778e9a01798409a37
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.14_amd64.deb
Size/MD5: 2287028 141ace9ca050db86cdef9b44e620c13b
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.14_amd64.deb
Size/MD5: 6094 f338b2ae622333497e2cda10f26590e9
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.14_amd64.deb
Size/MD5: 77648 40846208a23006cab7c7bd52813a6343
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.14_amd64.deb
Size/MD5: 25756 5b703a78f78465181f785715ef7036cc
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.14_amd64.deb
Size/MD5: 130344 6c9d54d7f6c8069d8d69652bf6dbddd7
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.14_i386.deb
Size/MD5: 34762 08037502d74a512a07b184c2999d32ad
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.14_i386.deb
Size/MD5: 77992 260347aa2b7f4ec59fcaa1d29a16e0c3
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.14_i386.deb
Size/MD5: 2254260 49e00eabc519426ee5413864c4bdb251
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.14_i386.deb
Size/MD5: 6092 0a515dd0fdd48eb70da0b5bfe3019f08
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.14_i386.deb
Size/MD5: 76752 7ee453f379433e22b9451e6282669797
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.14_i386.deb
Size/MD5: 25740 28af462a2e8f13620bb1b70cef1cd08e
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.14_i386.deb
Size/MD5: 122538 200a588a83e668f621ca41bc41a13413
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.14_powerpc.deb
Size/MD5: 40462 3937e3b6cb8f6cda2f1e450518a4e136
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.14_powerpc.deb
Size/MD5: 89516 bf845949727422d0ae4d550966d34c72
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.14_powerpc.deb
Size/MD5: 2301634 8bf6a7e2fcff62817459186c189673d1
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.14_powerpc.deb
Size/MD5: 6094 cb2ff11f6c55d69b99f39e64ad399774
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.14_powerpc.deb
Size/MD5: 79292 b137122dde7459d5653e024b4d3b5852
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.14_powerpc.deb
Size/MD5: 25744 7765abc3cea993a82a638458202892e5
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.14_powerpc.deb
Size/MD5: 128304 69634210a2fa2a8af2383a12b657a568
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.14_sparc.deb
Size/MD5: 35390 f4a5a9207d6494c05a7820cdbf2cadf9
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.14_sparc.deb
Size/MD5: 78720 423336f4bf4be9292f49f31ab6cac3dc
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.14_sparc.deb
Size/MD5: 2287900 4833fae9ab11ecd3721faef405ad8167
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.14_sparc.deb
Size/MD5: 6094 ebae0d6eb86d9e3f4fff77c860f1693c
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.14_sparc.deb
Size/MD5: 76568 7d1814766e366021fc136cb6577880b9
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.14_sparc.deb
Size/MD5: 25746 a4eacdcf7d078a8200660cf0bb37c694
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.14_sparc.deb
Size/MD5: 124034 6fd4c6c86596379e32fc228ed15cf4dc
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.5.diff.gz
Size/MD5: 135129 091bf3e7ac7e1a1f074dc15d08c2c4d5
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.5.dsc
Size/MD5: 1441 9cf7f2d9b00a22af8e8ccdfbe234fd8e
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7.orig.tar.gz
Size/MD5: 4700333 383e556d9841475847da6076c88da467
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.7-1ubuntu3.5_all.deb
Size/MD5: 1144240 9c3908b1639d493bcc580368adbfa3a3
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.5_amd64.deb
Size/MD5: 37530 c252102dbd39005b010fff629e4daf2c
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.5_amd64.deb
Size/MD5: 89980 2d95b8b2a44cfa62603335d6211f5fd1
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.5_amd64.deb
Size/MD5: 1880552 e94141a55ae34eb9ac5be1b941268f5b
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.5_amd64.deb
Size/MD5: 60804 9e8d5476cccb6ea9ac0d0eaf1db9c615
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.5_amd64.deb
Size/MD5: 50216 5de274a35fa3cbea87c9245b179364b5
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.5_amd64.deb
Size/MD5: 344920 6a966e90749cbaf815c511717b84abaa
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.5_amd64.deb
Size/MD5: 178092 3d4bda40ecf7c2091cc173b79658d6c9
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.5_i386.deb
Size/MD5: 36952 2c6053368cf2a00f66197eca444af3b5
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.5_i386.deb
Size/MD5: 88394 0c572acada7273e30b15bcb3cc2874cb
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.5_i386.deb
Size/MD5: 1863054 68e5cbd5fd1ed11bee4fef0c4e79de7f
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.5_i386.deb
Size/MD5: 60082 062ad31917eedc6e5003e990807d838b
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.5_i386.deb
Size/MD5: 49852 9ac15961d63d2fd6f4ce702e688a8985
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.5_i386.deb
Size/MD5: 339354 8b842a2c754dc36a307aa64e613fe4c7
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.5_i386.deb
Size/MD5: 174938 58ab39cc15878a158487fb858af9958d
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.5_lpia.deb
Size/MD5: 36658 536346a17e6b5035307bdf1ce04b3799
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.5_lpia.deb
Size/MD5: 88744 2141679378e4e3700c78c09ec936e1da
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.5_lpia.deb
Size/MD5: 1865310 094ffb6f741440a18fca28d50b29ead0
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.5_lpia.deb
Size/MD5: 60488 8681c7ebbe8e781fb7b3348b00da9de9
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.5_lpia.deb
Size/MD5: 50808 dce50fc21c292b77ff3d0f21946cf23e
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.5_lpia.deb
Size/MD5: 337014 84ca26401f9ae81f3d9f535f0361dd0c
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.5_lpia.deb
Size/MD5: 173878 1f3e4888d7cf574b1c62aa092c852b8a
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.5_powerpc.deb
Size/MD5: 46918 6e9a925312380561f2299f66cb134357
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.5_powerpc.deb
Size/MD5: 110820 b7b8c667cf96cfe0d60c1f2d1ba96628
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.5_powerpc.deb
Size/MD5: 1949102 2d78cac8f6b3c758ac337c791de433a3
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.5_powerpc.deb
Size/MD5: 59926 0c7f18be806b6467c39dd1955c6e4685
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.5_powerpc.deb
Size/MD5: 54920 9403a69f365361e033707d5914a92f52
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.5_powerpc.deb
Size/MD5: 341668 0ee868915ef0bd3e177244f931ec7b5d
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.5_powerpc.deb
Size/MD5: 183836 e45a7d338ce136c48abf6c5cce3b6f6b
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.5_sparc.deb
Size/MD5: 38028 e556e3eecc385e35b5c790046f91cec9
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.5_sparc.deb
Size/MD5: 91034 84e2052f3fd9e57363b13779fe3fb30f
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.5_sparc.deb
Size/MD5: 1897852 30481f2e4dff5ba7e8d465d0771360c8
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.5_sparc.deb
Size/MD5: 57826 72589c6d350921d2ac7d5a4207c5b78a
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.5_sparc.deb
Size/MD5: 48216 59e887dda48b748158c7083d50fb6405
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.5_sparc.deb
Size/MD5: 341372 0976433618733b76b21104715594256e
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.5_sparc.deb
Size/MD5: 173768 853ddf9a445d28cdf2740957676b50cd
Updated packages for Ubuntu 8.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.2.diff.gz
Size/MD5: 329287 0f1eabafd9f35ce1c7103f131976af91
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.2.dsc
Size/MD5: 2043 5c406df0ddf6c7f849147bbccb4350bb
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9.orig.tar.gz
Size/MD5: 4809771 e6f2d90491ed050e5ff2104b617b88ea
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-common_1.3.9-2ubuntu9.2_all.deb
Size/MD5: 1162826 78ce799e56015d07969aea1b1e5750fe
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-bsd_1.3.9-2ubuntu9.2_all.deb
Size/MD5: 58238 c04c758e79b5d28dec48637c8c73b549
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-client_1.3.9-2ubuntu9.2_all.deb
Size/MD5: 58252 588dfe9e578fb1a17daf2faa5fab8774
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-dbg_1.3.9-2ubuntu9.2_all.deb
Size/MD5: 58244 0fa4c07b2e66a7d0c106071d283d7edc
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys_1.3.9-2ubuntu9.2_all.deb
Size/MD5: 58236 f163f465b79566c194364d14ebb49608
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsys2-dev_1.3.9-2ubuntu9.2_all.deb
Size/MD5: 58252 afd476b79ec34e694d19f360a2cbc64c
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-common_1.3.9-2ubuntu9.2_all.deb
Size/MD5: 4526 bd17a9f9600e53f3c5ce3b18a2cae590
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/libcupsys2_1.3.9-2ubuntu9.2_all.deb
Size/MD5: 58240 b1702f69d74e496859096eb6101e5139
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.2_amd64.deb
Size/MD5: 37300 2e18f255477200b6320afa7e6903508f
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.2_amd64.deb
Size/MD5: 119744 9c484968a2250bd303c305df9d53943f
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.2_amd64.deb
Size/MD5: 1682962 e7fa53ce69537cd609e8d88e1873e9cc
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.2_amd64.deb
Size/MD5: 2172504 b4d5b2ce9603e2b36374b100dbf9ada7
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.2_amd64.deb
Size/MD5: 352190 8bbf84d00818cf88c0f3d048fa425cf1
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.2_amd64.deb
Size/MD5: 173268 01abbe7f859eef7e9e5d453792b96f76
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.2_amd64.deb
Size/MD5: 61314 73a75d935ccb41f7827bfeff0bf8f9ec
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.2_amd64.deb
Size/MD5: 52312 263e4265a47473eff3b416b896907103
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.2_i386.deb
Size/MD5: 36226 c8d3d0df62f93d519369f37ab0d337bf
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.2_i386.deb
Size/MD5: 115328 65483c26c3e0efe02922a59beeb0d833
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.2_i386.deb
Size/MD5: 1542716 c3737d9cfb6277985baf83bf4a449150
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.2_i386.deb
Size/MD5: 2139250 edef8688cd2fe57ac989b4bad50022ac
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.2_i386.deb
Size/MD5: 345992 e4adcaea69f8ae947f1ca0b63af74ffd
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.2_i386.deb
Size/MD5: 170194 fd8ab14aafda63f2f41cbd4885be0d81
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.2_i386.deb
Size/MD5: 60534 5064205f7a26e8ed1a543932e6aad79e
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.2_i386.deb
Size/MD5: 51718 e663a435f42d39438e5fdf1ed599c7cb
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.2_lpia.deb
Size/MD5: 36014 b9a880feca8d481df4f9495cec8b8121
http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.2_lpia.deb
Size/MD5: 114512 1617fc04bc3c063dcb8bbc884050c6b2
http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.2_lpia.deb
Size/MD5: 1571962 7b061e95651696885125af95d7b08532
http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-2ubuntu9.2_lpia.deb
Size/MD5: 2135962 8695e326f9876ed3c3012becfaeed0f4
http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.2_lpia.deb
Size/MD5: 342968 9887c91b3ac9427b240317f6eb6d8bf0
http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.2_lpia.deb
Size/MD5: 168430 e13502a0fda3165d41d92f156f2ade21
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.2_lpia.deb
Size/MD5: 60630 63b43b5b90c7f271d8ffc491d50c77e0
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.2_lpia.deb
Size/MD5: 52386 f0ee10297823f8aa39049a1f9cff34bb
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.2_powerpc.deb
Size/MD5: 43564 e3d68dd451cae339f4629e36363e27b4
http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.2_powerpc.deb
Size/MD5: 138160 8d11bd04570c0738af0b35ecef8ca018
http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.2_powerpc.deb
Size/MD5: 1663540 3f5d9437ffe6df630cde4ad4b4fbbe35
http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-2ubuntu9.2_powerpc.deb
Size/MD5: 2264222 6c49653a70198b67692c220135fe5428
http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.2_powerpc.deb
Size/MD5: 347966 72a14e0a64f503365475c436fa45ac39
http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.2_powerpc.deb
Size/MD5: 177464 2615af3dce1a5b56c001adcbab649264
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.2_powerpc.deb
Size/MD5: 61256 b021d0be4915346dfc22203556c56ce4
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.2_powerpc.deb
Size/MD5: 57436 a9463cb0014dba068fe6ad3dd05b7693
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.2_sparc.deb
Size/MD5: 37216 b30aec0d4f3cff1d59594c1272002e93
http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.2_sparc.deb
Size/MD5: 117640 35ca75a0021841529ed85691ba0496bc
http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.2_sparc.deb
Size/MD5: 1490704 f143b16a5a811b517cc968d9e628feb9
http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-2ubuntu9.2_sparc.deb
Size/MD5: 2200938 91b1621927bd5feb83bd1dd8fa20005d
http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.2_sparc.deb
Size/MD5: 344786 c5e02a1f344ddc4e10b91b255ac869dd
http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.2_sparc.deb
Size/MD5: 166318 e6bfc6840275b954311c4544667d6193
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.2_sparc.deb
Size/MD5: 57848 f4c6f5c70fd1ec7a95c322186e86c487
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.2_sparc.deb
Size/MD5: 49796 52f0c961942e4a0b8e85ed3b6d4953a4
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.1.diff.gz
Size/MD5: 331113 386644ef646604fa3ea0f18a3440dd94
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.1.dsc
Size/MD5: 1984 974758acb855004824caa579913a402f
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9.orig.tar.gz
Size/MD5: 4809771 e6f2d90491ed050e5ff2104b617b88ea
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-common_1.3.9-17ubuntu3.1_all.deb
Size/MD5: 1165116 0fea2201baecec1a63153ca024cf85b3
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-dbg_1.3.9-17ubuntu3.1_all.deb
Size/MD5: 60220 78f1df511789d7c6fa564df73ae3737e
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsys2-dev_1.3.9-17ubuntu3.1_all.deb
Size/MD5: 60230 dd363c3548b1d7bab16bb595ac2d8682
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-bsd_1.3.9-17ubuntu3.1_all.deb
Size/MD5: 60222 3fe72599089459e0533070ee35696c96
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-client_1.3.9-17ubuntu3.1_all.deb
Size/MD5: 60218 33922120f0f3b6d755691c6cd31a983a
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-common_1.3.9-17ubuntu3.1_all.deb
Size/MD5: 4520 4944980239da17a124a13b5eb08814af
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys_1.3.9-17ubuntu3.1_all.deb
Size/MD5: 60204 578a4a096679845a551abab4687ecd07
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/libcupsys2_1.3.9-17ubuntu3.1_all.deb
Size/MD5: 60220 404eae856385b1def832fb0474551e51
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.1_amd64.deb
Size/MD5: 37310 824835ae3f5e791b0ced4e0bfa0094aa
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.1_amd64.deb
Size/MD5: 119750 d3562b6435de311fdfdd3f5a433beafe
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.1_amd64.deb
Size/MD5: 1658120 811f80a88d0fdcee20f41383b313d073
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.1_amd64.deb
Size/MD5: 2168616 178ada0830fa6b64f1b2a28f43ba68d5
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.1_amd64.deb
Size/MD5: 352130 b9502f3daaa52d057a815e6a11433707
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.1_amd64.deb
Size/MD5: 177068 fedd91d5e3094e813b85c910e6f950ab
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.1_amd64.deb
Size/MD5: 61260 68d03afa62ffd74aa517c588cd32017d
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.1_amd64.deb
Size/MD5: 52220 715bc18c530db346e2faad81789af0a0
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.1_i386.deb
Size/MD5: 36212 f8a3d3701b170c1637b469b1abcde7c6
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.1_i386.deb
Size/MD5: 115324 062953a515a6c8b27c75c7539472f9f4
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.1_i386.deb
Size/MD5: 1517622 a3c1f3ad98db97230d25ba20acfa4c11
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.1_i386.deb
Size/MD5: 2134800 0cde4fc0fac7b7682f0a53f38caedbc4
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.1_i386.deb
Size/MD5: 345990 2bc3076c1ad6c67c5858f62714ab4a3b
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.1_i386.deb
Size/MD5: 173740 c44041d8784eae4ac9400a0d3b9b9138
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.1_i386.deb
Size/MD5: 60488 c923e354bf04dbafff5339ea6d18433e
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.1_i386.deb
Size/MD5: 51530 b03604b87ea464a7f97e26272582ee18
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.1_lpia.deb
Size/MD5: 36032 2be317cc9206baaff256b4325072589a
http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.1_lpia.deb
Size/MD5: 114486 8c27d1961b1aa8a73f3c342ae6ae92f8
http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.1_lpia.deb
Size/MD5: 1546154 0d3adaac793d357587ce7cc4275fe55f
http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.1_lpia.deb
Size/MD5: 2132166 9ae39e3c42178dd9b384fc8bc8a13d82
http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.1_lpia.deb
Size/MD5: 342936 2cff2dcc4b5cd9e54046bd97f2ca1bed
http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.1_lpia.deb
Size/MD5: 171954 a2ea14f0324efa3d936f8a31730d0c9d
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.1_lpia.deb
Size/MD5: 60678 4594a7764c86b427ff76b2700a294ddc
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.1_lpia.deb
Size/MD5: 52340 86b3bb0d4279f78231d1bdd0e1dbc3fb
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.1_powerpc.deb
Size/MD5: 43578 302e5e3849b99d0a12e2ff4f96be71d1
http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.1_powerpc.deb
Size/MD5: 138164 5e62e249891ed196a7eb21466205fd7b
http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.1_powerpc.deb
Size/MD5: 1633586 15e374d5ff627a56713f2a7ce61ef616
http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.1_powerpc.deb
Size/MD5: 2256002 66dd6a9c74b750671c86e90163941953
http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.1_powerpc.deb
Size/MD5: 347906 cb12b0143262bdbe01a6e69584947228
http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.1_powerpc.deb
Size/MD5: 182450 c07ea0fed64ca677713c8a9362a38467
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.1_powerpc.deb
Size/MD5: 61302 934f995a352040b03daf4b4462da2892
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.1_powerpc.deb
Size/MD5: 57414 31f122cc6a44e90c362dda241b98648c
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.1_sparc.deb
Size/MD5: 37204 d11aa276b3c4049110c587b2131d1207
http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.1_sparc.deb
Size/MD5: 117558 c29f382879fce337b440b71cb3a88b3d
http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.1_sparc.deb
Size/MD5: 1462180 9c40f63f4c088299eec0d97317c53a3a
http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.1_sparc.deb
Size/MD5: 2201794 00f9c319e7fd6b9eeed508baba656d21
http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.1_sparc.deb
Size/MD5: 344712 9f8df2c64cff337847abca91c4e3fb1f
http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.1_sparc.deb
Size/MD5: 169558 555c2de1cc4ff90754500bb42947453e
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.1_sparc.deb
Size/MD5: 57850 d5d1dc89040b20f04c6a99d14524a6d1
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.1_sparc.deb
Size/MD5: 49686 46af0e0b82ed5cc1d562909eacd9a35c
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Mandriva Linux Security Advisory MDVSA-2009:282-1 http://www.mandriva.com/security/
Package : cups Date : December 7, 2009 Affected: 2008.0
Problem Description:
Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg, (2) JBIG2Stream::readSymbolDictSeg, and (3) JBIG2Stream::readGenericBitmap. (CVE-2009-0163)
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as used in Poppler and other products, when running on Mac OS X, has unspecified impact, related to g*allocn. (CVE-2009-0166)
Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and probably other products, allows remote attackers to execute arbitrary code via a PDF file with crafted JBIG2 symbol dictionary segments (CVE-2009-0195). NOTE: the JBIG2Stream.cxx vector may overlap CVE-2009-1179. (CVE-2009-0799)
Multiple input validation flaws in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file. (CVE-2009-0949)
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file. (CVE-2009-1179)
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data. (CVE-2009-1181)
Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file. (CVE-2009-1182)
The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file. (CVE-2009-1183)
Two integer overflow flaws were found in the CUPS pdftops filter. An attacker could create a malicious PDF file that would cause pdftops to crash or, potentially, execute arbitrary code as the lp user if the file was printed. (CVE-2009-3608, CVE-2009-3609)
This update corrects the problems.
Update:
Packages for 2008.0 are being provided due to extended support for Corporate products.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0163 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0165 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0791 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0949 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609
Updated Packages:
Mandriva Linux 2008.0: 6b17f59f63c062c017c78d459dd2d89a 2008.0/i586/cups-1.3.10-0.1mdv2008.0.i586.rpm 9bc5298d9895c356227fdda3a0ddb2c0 2008.0/i586/cups-common-1.3.10-0.1mdv2008.0.i586.rpm e3583883df8532fc8c496866dac713f8 2008.0/i586/cups-serial-1.3.10-0.1mdv2008.0.i586.rpm fac1fcb839ad53322a447d4d39f769e3 2008.0/i586/libcups2-1.3.10-0.1mdv2008.0.i586.rpm 3d65afc590fb8520d68b2a3e8e1da696 2008.0/i586/libcups2-devel-1.3.10-0.1mdv2008.0.i586.rpm 9e09ed22a2522ee45e93e0edc146193f 2008.0/i586/libpoppler2-0.6-3.5mdv2008.0.i586.rpm 7427b1f56387e84db5a15aad85b424d2 2008.0/i586/libpoppler-devel-0.6-3.5mdv2008.0.i586.rpm 67937a584d365d6b00ef688c88e8d7c5 2008.0/i586/libpoppler-glib2-0.6-3.5mdv2008.0.i586.rpm 410dc85c2c7b71ab316be5607c556682 2008.0/i586/libpoppler-glib-devel-0.6-3.5mdv2008.0.i586.rpm 64d6e14be8d93c7651ce5dc3e2ebc5bf 2008.0/i586/libpoppler-qt2-0.6-3.5mdv2008.0.i586.rpm cc9af7e314b6eaa6a8f946fa2c27f298 2008.0/i586/libpoppler-qt4-2-0.6-3.5mdv2008.0.i586.rpm 0c6d3a6b5211e8506a89144b8c3a3cfb 2008.0/i586/libpoppler-qt4-devel-0.6-3.5mdv2008.0.i586.rpm c985516638ed4d8f792daa13bd506023 2008.0/i586/libpoppler-qt-devel-0.6-3.5mdv2008.0.i586.rpm 8d05619dcef538092696ce70998abd20 2008.0/i586/php-cups-1.3.10-0.1mdv2008.0.i586.rpm 0bae2a3525b796882d2cc87853945e5a 2008.0/i586/poppler-0.6-3.5mdv2008.0.i586.rpm f3b53f5fafa8af4d754a5985e5f93830 2008.0/SRPMS/cups-1.3.10-0.1mdv2008.0.src.rpm 11b021f4e5d21d199728b9a0a37a8230 2008.0/SRPMS/poppler-0.6-3.5mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: 8249475feb3bdc74ea7060944baed6aa 2008.0/x86_64/cups-1.3.10-0.1mdv2008.0.x86_64.rpm 83951504acb783cfdb8ec4fe48d31e1e 2008.0/x86_64/cups-common-1.3.10-0.1mdv2008.0.x86_64.rpm fa8a91e8e3bc8f11c19ab460d1f690fe 2008.0/x86_64/cups-serial-1.3.10-0.1mdv2008.0.x86_64.rpm e061fdbeded2d97bb3ca6b34d33cb384 2008.0/x86_64/lib64cups2-1.3.10-0.1mdv2008.0.x86_64.rpm 893235ea8cf23295ae961ea2de0b9903 2008.0/x86_64/lib64cups2-devel-1.3.10-0.1mdv2008.0.x86_64.rpm 9844640563afdef4a870e2ed12e58136 2008.0/x86_64/lib64poppler2-0.6-3.5mdv2008.0.x86_64.rpm 06ea824a6a2cd9360a9e75a14718192a 2008.0/x86_64/lib64poppler-devel-0.6-3.5mdv2008.0.x86_64.rpm bb0eb04fa906a352e6738d08f116f89b 2008.0/x86_64/lib64poppler-glib2-0.6-3.5mdv2008.0.x86_64.rpm 43d6a85dfdad7e969655ee4e2a377370 2008.0/x86_64/lib64poppler-glib-devel-0.6-3.5mdv2008.0.x86_64.rpm eef29dde4b9e80d4c360e953cbe9110b 2008.0/x86_64/lib64poppler-qt2-0.6-3.5mdv2008.0.x86_64.rpm c74dc9f245091f451441d8b88f0beed3 2008.0/x86_64/lib64poppler-qt4-2-0.6-3.5mdv2008.0.x86_64.rpm 60345458274afc6ff480317fc408ec52 2008.0/x86_64/lib64poppler-qt4-devel-0.6-3.5mdv2008.0.x86_64.rpm 0a880b9c0d655c10f5757882e30911f1 2008.0/x86_64/lib64poppler-qt-devel-0.6-3.5mdv2008.0.x86_64.rpm eb6fde793ac0d7ea86df42aa22637807 2008.0/x86_64/php-cups-1.3.10-0.1mdv2008.0.x86_64.rpm 7f475f07368ed9158008f2891dce2cd6 2008.0/x86_64/poppler-0.6-3.5mdv2008.0.x86_64.rpm f3b53f5fafa8af4d754a5985e5f93830 2008.0/SRPMS/cups-1.3.10-0.1mdv2008.0.src.rpm 11b021f4e5d21d199728b9a0a37a8230 2008.0/SRPMS/poppler-0.6-3.5mdv2008.0.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFLHXsgmqjQ0CJFipgRAu1fAKCINX1H5StX89GjMDWzGrEM1UiHeACeMLSY a3mQtrfvoibfn29OFAfdSn0= =lTbL -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ .
For the oldstable distribution (etch), this problem has been fixed in version 1.2.7-4+etch8 of cupsys.
For the stable distribution (lenny), this problem has been fixed in version 1.3.8-1+lenny6 of cups.
For the testing distribution (squeeze), this problem will be fixed soon.
For the unstable distribution (sid), this problem will be fixed soon.
Upgrade instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
Debian (oldstable)
Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7.orig.tar.gz Size/MD5 checksum: 4214272 c9ba33356e5bb93efbcf77b6e142e498 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8.dsc Size/MD5 checksum: 1094 42b2e4d0d1709d31270cbd0361ded3f4 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8.diff.gz Size/MD5 checksum: 109744 c73260161da939be7517c6ff0c5493cb
Architecture independent packages:
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-common_1.2.7-4+etch8_all.deb Size/MD5 checksum: 921366 4cec0d4b82b768bd42c801e87831eec9 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.2.7-4+etch8_all.deb Size/MD5 checksum: 46424 bc032e7d1c4520843b540d3bb238d3a3
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_alpha.deb Size/MD5 checksum: 72856 a2c626b3f8dd8e43cecc395c5cf9ef03 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_alpha.deb Size/MD5 checksum: 1614886 8286658ca407d05ecc87ea4cd2dc870a http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_alpha.deb Size/MD5 checksum: 183730 f2c644de893bf0ca28868cfecefca04d http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_alpha.deb Size/MD5 checksum: 85916 7233e6ec6bb857653d2829cd80012d41 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_alpha.deb Size/MD5 checksum: 1093518 e6544fc0edd973d09a1e00652991845b http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_alpha.deb Size/MD5 checksum: 96030 23aca27ae72c081612fb247cfd9e33da http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_alpha.deb Size/MD5 checksum: 39332 a931e92b73c1004f4c8ed110c01ac728 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_alpha.deb Size/MD5 checksum: 175552 8bb48e7fdb170d74a14e65aecee3b230
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_amd64.deb Size/MD5 checksum: 1087540 1e71685c6620845318d49cf1fcf5feb0 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_amd64.deb Size/MD5 checksum: 87128 281a245270d6c2dcd7f0e1a6fc7d0b12 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_amd64.deb Size/MD5 checksum: 37572 c0491559f8465d610a0577cc23f00de5 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_amd64.deb Size/MD5 checksum: 162892 42d1cf5ceaa5ed7a95f16b869e6df97f http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_amd64.deb Size/MD5 checksum: 80862 511e522206e17f759cd7c56e934f08bd http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_amd64.deb Size/MD5 checksum: 1572040 e2582ab015e6e3a3858b713d6f159a34 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_amd64.deb Size/MD5 checksum: 53056 d4c82327123ddc2c0e48c804634603ae http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_amd64.deb Size/MD5 checksum: 142418 d9314cb33230b9c6dbe571671b14adda
arm architecture (ARM)
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_arm.deb Size/MD5 checksum: 1023048 8b559f55ae312c59e22a113fd6928c5f http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_arm.deb Size/MD5 checksum: 36758 cb2e80f86795f10af3fc100aa4506def http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_arm.deb Size/MD5 checksum: 1567912 776f4974949a31b3facd38b302b8097a http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_arm.deb Size/MD5 checksum: 78698 6122e3902076dd2c3247dd4b5a56a660 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_arm.deb Size/MD5 checksum: 48958 92730848f69e8540412fdf8bdfb96c1f http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_arm.deb Size/MD5 checksum: 85496 230c5b107dff69eca6f8d6241277a95f http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_arm.deb Size/MD5 checksum: 154962 8803b8b5ac7a11e3a2cf5a40f389d049 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_arm.deb Size/MD5 checksum: 131674 22e1a6767fc65ac920a5ce245743f9fd
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_hppa.deb Size/MD5 checksum: 154688 26ee139a8daabd621479d73ac2d04a16 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_hppa.deb Size/MD5 checksum: 1628398 beed29d0d6a15e33a83206acf3380cce http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_hppa.deb Size/MD5 checksum: 57246 07d89a1799a8b8daf3fb13f8c0b155d3 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_hppa.deb Size/MD5 checksum: 86802 f4e4a831a178e7e9df1f66a3af3633fb http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_hppa.deb Size/MD5 checksum: 172252 78031fa93b94ba44187e0986e82d6201 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_hppa.deb Size/MD5 checksum: 40370 b203925426b9411027184af8af2f73d6 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_hppa.deb Size/MD5 checksum: 1037196 85cd25d326e4535a9a18921e1016788d http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_hppa.deb Size/MD5 checksum: 91586 1ef7a9dd2be035a8504bd124e1da385d
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_i386.deb Size/MD5 checksum: 137728 7f9d176b0cb1e5976ea06e58526a60f4 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_i386.deb Size/MD5 checksum: 87336 3b3b4ffad78f35ffc5e05941bdfc15bd http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_i386.deb Size/MD5 checksum: 37416 3513b7cef1c51a35efd9ffd3c294e14d http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_i386.deb Size/MD5 checksum: 1000830 28dedcb611ed0538308122b860ba58c8 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_i386.deb Size/MD5 checksum: 53206 d0ae9184a84597d989b69fe7e25bc470 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_i386.deb Size/MD5 checksum: 1560356 5a8dc9c147a9d5c82224478f64731f0f http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_i386.deb Size/MD5 checksum: 79744 40326a8b68de9dbe6987e39fe95a13f8 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_i386.deb Size/MD5 checksum: 160956 da17f9d144495fde4e4c8bbad95560e8
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_ia64.deb Size/MD5 checksum: 106218 609f68aa16bfd657583e8be99a2ad0c1 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_ia64.deb Size/MD5 checksum: 74386 f0259501885d635d40aab9308a1bfbf3 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_ia64.deb Size/MD5 checksum: 192362 9009b4a91e64ab0a1c325bcaec97c2e0 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_ia64.deb Size/MD5 checksum: 1108908 1db7bb18903f47d5de29482709e3ff78 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_ia64.deb Size/MD5 checksum: 1771178 f104a7cc65ef288cd7758bb2175709a0 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_ia64.deb Size/MD5 checksum: 204522 8628cbc5cf2b22ed1d4eaeda2d7b4a60 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_ia64.deb Size/MD5 checksum: 46334 726f90dd146cd9d2d6ad964c0e718585 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_ia64.deb Size/MD5 checksum: 107424 c3c93da377fee4bf48f57778b305d5db
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_mips.deb Size/MD5 checksum: 1098528 5a9e021f7509cbde95ef66da819c3228 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_mips.deb Size/MD5 checksum: 150986 db510250f4f5aac631a743f04dc8054d http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_mips.deb Size/MD5 checksum: 36124 d8663fcdd8acb88018af29a3af61c9f6 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_mips.deb Size/MD5 checksum: 158310 776e9b5f14047779211e1262ae9f62d0 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_mips.deb Size/MD5 checksum: 76166 26a80a28871b162d72c2469a18ce6966 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_mips.deb Size/MD5 checksum: 87110 f71b2aa6af126f5ae434e1381126fc34 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_mips.deb Size/MD5 checksum: 1568290 ad4192ffb0d477ae964f6c3b039e52ac http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_mips.deb Size/MD5 checksum: 57678 da4e6ba9b1a61ad4bdc6a8e8d682fc61
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_mipsel.deb Size/MD5 checksum: 87254 e2917b072751a45afba30498006b71c3 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_mipsel.deb Size/MD5 checksum: 150894 09067f14c0938ef6dbeb500256dd42f9 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_mipsel.deb Size/MD5 checksum: 1553678 c4168376ca4d74744e24be76ec159067 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_mipsel.deb Size/MD5 checksum: 158842 f6d3053079e08de8e617272fd4a8489d http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_mipsel.deb Size/MD5 checksum: 1086490 e82ba4868d85ad36861a8aff82f6f72a http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_mipsel.deb Size/MD5 checksum: 36070 c67551d542db6a7b5081b8f0e1bdf30e http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_mipsel.deb Size/MD5 checksum: 57804 fa0c855349bfa38f31c82e83374ccdab http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_mipsel.deb Size/MD5 checksum: 77446 936b8d1173c259822d9e5ae3e82eb357
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_powerpc.deb Size/MD5 checksum: 41342 f5d1131ddc30cb780322237c47411177 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_powerpc.deb Size/MD5 checksum: 1147440 23944aceda9e865a4aab581509bb4058 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_powerpc.deb Size/MD5 checksum: 89404 9a0198042c3eb4ef053f720d20706c34 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_powerpc.deb Size/MD5 checksum: 163446 75275152a9b69f479d4b0c6ae8fb3fa0 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_powerpc.deb Size/MD5 checksum: 1582758 4544b9bc4aaf231fe604449311f118b9 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_powerpc.deb Size/MD5 checksum: 89574 942740b75d722b0fcbf284bc05035e48 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_powerpc.deb Size/MD5 checksum: 136242 5ef0278b80c263897d8942f9bc03631e http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_powerpc.deb Size/MD5 checksum: 51926 a35183dcb7bc3a0490b2ee1d8ed5ab3d
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_s390.deb Size/MD5 checksum: 82334 745d2f27c678f02ad011fa15f1731560 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_s390.deb Size/MD5 checksum: 1587692 d3c2245878121c7c16752f2b9949d0dc http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_s390.deb Size/MD5 checksum: 166998 64e5615906a50a2c19ee5359a521a9f6 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_s390.deb Size/MD5 checksum: 52522 199020914a0d52a771d112c6b2823de8 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_s390.deb Size/MD5 checksum: 1037546 89b9f600cc2a513678446a2a2fcb5b81 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_s390.deb Size/MD5 checksum: 88194 b376557a4f613fb65f46cbfae42050bf http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_s390.deb Size/MD5 checksum: 144934 da63d5b24df68891c2806f0f514911e6 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_s390.deb Size/MD5 checksum: 37422 3b0a8733a1ef7bf6fae8f00bb306bceb
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_sparc.deb Size/MD5 checksum: 78608 fb366ff39679d91c983deb2022ec0f0c http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_sparc.deb Size/MD5 checksum: 159716 eb0065adeacdf8a7f23098195a515e03 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_sparc.deb Size/MD5 checksum: 86066 5c0f9c078202fbf4c2f9c7cae3c89057 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_sparc.deb Size/MD5 checksum: 1578044 a94273670520f2db0fd4767ecb93cc4c http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_sparc.deb Size/MD5 checksum: 36060 b54d8ba11e9f8fd155e0b29f1609ebcd http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_sparc.deb Size/MD5 checksum: 51832 cb3bf2ee0f2d4661cd8198f8da780d00 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_sparc.deb Size/MD5 checksum: 996840 5609f09834fb8eecc031ad52bb1ba550 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_sparc.deb Size/MD5 checksum: 138744 5e701d9b2c7941e857c143e7289c3a20
Debian GNU/Linux 5.0 alias lenny
Debian (stable)
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6.diff.gz Size/MD5 checksum: 185068 01548b71a9c9f8f3cd4c4e38be162e0c http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6.dsc Size/MD5 checksum: 1837 74c7cc9607928673ef30937fa74d154c http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8.orig.tar.gz Size/MD5 checksum: 4796827 10efe9825c1a1dcd325be47a6cc21faf
Architecture independent packages:
http://security.debian.org/pool/updates/main/c/cups/cupsys_1.3.8-1+lenny6_all.deb Size/MD5 checksum: 52146 7e655df3208e7b1c14e963e62d2a1f9e http://security.debian.org/pool/updates/main/c/cups/libcupsys2-dev_1.3.8-1+lenny6_all.deb Size/MD5 checksum: 52174 ca30676d4f14b19d69f07948ec920645 http://security.debian.org/pool/updates/main/c/cups/cupsys-client_1.3.8-1+lenny6_all.deb Size/MD5 checksum: 52172 0745ebb9d35b06b2baed0946c9c4cdf4 http://security.debian.org/pool/updates/main/c/cups/cupsys-dbg_1.3.8-1+lenny6_all.deb Size/MD5 checksum: 52162 39dda2a8979e6d53d369a850a7287f98 http://security.debian.org/pool/updates/main/c/cups/cupsys-bsd_1.3.8-1+lenny6_all.deb Size/MD5 checksum: 52162 185cdcccb15621495bb4dd922824fb27 http://security.debian.org/pool/updates/main/c/cups/cupsys-common_1.3.8-1+lenny6_all.deb Size/MD5 checksum: 52162 7cfc925b6070373cb03f50e28ffcb5eb http://security.debian.org/pool/updates/main/c/cups/cups-common_1.3.8-1+lenny6_all.deb Size/MD5 checksum: 1180808 ab548a8679a470d91055cb14a524f019 http://security.debian.org/pool/updates/main/c/cups/libcupsys2_1.3.8-1+lenny6_all.deb Size/MD5 checksum: 52166 808680daaacf24e6969a46b5821c05b4
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_alpha.deb Size/MD5 checksum: 37990 1d176c775ae611d5de6fc28debeac312 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_alpha.deb Size/MD5 checksum: 108462 bee5be572e1c162c31a2f2cb6fccd95b http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_alpha.deb Size/MD5 checksum: 118450 c6848af4b97d419426046f53c0a10c8b http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_alpha.deb Size/MD5 checksum: 445916 a291be3dfa900c17126ce9796d71db2a http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_alpha.deb Size/MD5 checksum: 2099172 fabc17ee844d661b518a4c35321c5128 http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_alpha.deb Size/MD5 checksum: 1142836 46addc9aade19f27e42b443768023f94 http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_alpha.deb Size/MD5 checksum: 179128 0c7440b785436020854b72114e9e7686 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_alpha.deb Size/MD5 checksum: 81496 5235f6c116886ee493467ff1e52dff9f
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_amd64.deb Size/MD5 checksum: 168874 34599b5781a04df793603da238d30224 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_amd64.deb Size/MD5 checksum: 61012 fcd44c54190e1f2212335b0f971b2241 http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_amd64.deb Size/MD5 checksum: 1197270 584dbf166833f9f50a43137f1e2c04f7 http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_amd64.deb Size/MD5 checksum: 2070558 64782a03e7391d3b983fe918b6d416a6 http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_amd64.deb Size/MD5 checksum: 116780 317905cae4f2ba4acbdb62cc46b87e2a http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_amd64.deb Size/MD5 checksum: 401290 bdd244d1e6559d959eb803f8bd6abbf2 http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_amd64.deb Size/MD5 checksum: 37236 b3642bfa15ff0fe3c6d983e031275da6 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_amd64.deb Size/MD5 checksum: 99702 17dbaea17495777f8ba8a2996acc3725
arm architecture (ARM)
http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_arm.deb Size/MD5 checksum: 387466 6ac7763fc0ade8a3703104cdd3c3357a http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_arm.deb Size/MD5 checksum: 97190 e274997fb4e49c281c21549b1120efb2 http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_arm.deb Size/MD5 checksum: 113164 eaa19c4d0964cd38613ab2c58f07ce26 http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_arm.deb Size/MD5 checksum: 2059026 ee1367a147b8c07bae9c87ccc87c4998 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_arm.deb Size/MD5 checksum: 55342 c57db0444dc9193f0ab35e1a934400ec http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_arm.deb Size/MD5 checksum: 155270 5f0300fb74cb89f6b9b7bb45537f4aec http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_arm.deb Size/MD5 checksum: 1123418 df0367cba01ba9919f409b022dbe7c1b http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_arm.deb Size/MD5 checksum: 36484 7294561d854c324dc268c8fb0d616a2a
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_armel.deb Size/MD5 checksum: 1128236 5fb35a72133c870e444fe0b1250db6b2 http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_armel.deb Size/MD5 checksum: 38752 777da1a892c9d354f5e1ae2575b97d47 http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_armel.deb Size/MD5 checksum: 2075760 a850581323f50e10ded793a321763a39 http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_armel.deb Size/MD5 checksum: 387318 64dc6d3b023d3de8a9ad99c244555008 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_armel.deb Size/MD5 checksum: 98356 96861930db8e85257fa250312839d177 http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_armel.deb Size/MD5 checksum: 119314 7a4acbab9f1600e266780b8e4edc8161 http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_armel.deb Size/MD5 checksum: 156808 a67d3ee08ed7bbcee2d90e45b4c5d9fc http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_armel.deb Size/MD5 checksum: 54730 26bc079114200f249ee55182577d978b
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_hppa.deb Size/MD5 checksum: 102958 61cca5c9fe91de9823fe3b141df6cbfd http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_hppa.deb Size/MD5 checksum: 2118150 9a34c8fcfda89744ff1ed5cb57fdeae1 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_hppa.deb Size/MD5 checksum: 63136 dcc115ea567651075e3b7fbf73477f2c http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_hppa.deb Size/MD5 checksum: 406484 36b77c3f6c05df1f44b9a971b2fd3bc8 http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_hppa.deb Size/MD5 checksum: 121714 30743045e4927713923ab1f3bb9e6360 http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_hppa.deb Size/MD5 checksum: 1141670 a1d27d8aec34d3e1cefd8af9d680fdce http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_hppa.deb Size/MD5 checksum: 172628 bc5c1f4a039c3fb8dbfdd0dc36aa2f56 http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_hppa.deb Size/MD5 checksum: 39974 b00448f41ec531188e029bc7173f5271
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_i386.deb Size/MD5 checksum: 99256 289e9977f36773c117b6fcc6580b464f http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_i386.deb Size/MD5 checksum: 1096046 28adf6b61f8bff81e19ee5b7fc464aac http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_i386.deb Size/MD5 checksum: 60422 d4646115f417b7d56b1665283e914b42 http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_i386.deb Size/MD5 checksum: 115956 4db026d788ab7bcb923847491f46b8ca http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_i386.deb Size/MD5 checksum: 2051272 6b1ce4707c65c46af6ae766ce9b50e99 http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_i386.deb Size/MD5 checksum: 165348 ffd04ab3b875fef36b26fe3dd1106996 http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_i386.deb Size/MD5 checksum: 393998 080d022507d07a4713b3f95acb7c22f6 http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_i386.deb Size/MD5 checksum: 38022 7990b6a4a8d217fe07e7e1bd0f9108ff
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_ia64.deb Size/MD5 checksum: 2281420 2adc4c08d3bc24c8d70acac31ca8421a http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_ia64.deb Size/MD5 checksum: 123434 e3c1cbbd801a0ddd985e3b27c021b9d8 http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_ia64.deb Size/MD5 checksum: 209034 5bfbe9000e4f1cafdbc66a6a94c20e7b http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_ia64.deb Size/MD5 checksum: 1149350 7f6b259e7f4ecc70accf51236efb3a5a http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_ia64.deb Size/MD5 checksum: 41278 1cee7bf398c2e2c7e4189f005cbb3444 http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_ia64.deb Size/MD5 checksum: 139124 8ff9597b3e2cd534614a66531a5db361 http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_ia64.deb Size/MD5 checksum: 447412 b59175ffef15d9b2e618b85ce6f8cff2 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_ia64.deb Size/MD5 checksum: 86018 e5badf6982128286853fc360fc77a4d3
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_mips.deb Size/MD5 checksum: 157842 c3652835b110a94fc5a5f9d20230e443 http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_mips.deb Size/MD5 checksum: 2047282 ce608c3fa6d89e7d7ff3e313f88fbef2 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_mips.deb Size/MD5 checksum: 98662 ddbba9bea120f9b7740adc8ceb45c3dc http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_mips.deb Size/MD5 checksum: 108508 0a5b6ba27061cfa40e45cfc514d3ba0d http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_mips.deb Size/MD5 checksum: 36010 a786245e49b8cabcaad41a5e92a5c884 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_mips.deb Size/MD5 checksum: 65290 155e5959fac035fc8307800061913d35 http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_mips.deb Size/MD5 checksum: 1170866 11910e0f1ccbb2f3ba151cbfe8186696 http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_mips.deb Size/MD5 checksum: 405510 4f848ff0dd8f2b08f3fa3bb220a6f75c
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_mipsel.deb Size/MD5 checksum: 158274 8c3b143ee488c17cf00cf7599bee331c http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_mipsel.deb Size/MD5 checksum: 98792 74a91f31a602f6f2a0c04b4e72723b86 http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_mipsel.deb Size/MD5 checksum: 1156060 f3be7e74bd904dfdecc086bc6ee16bf5 http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_mipsel.deb Size/MD5 checksum: 403142 42cf44870e91355bb7a465dce52605ae http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_mipsel.deb Size/MD5 checksum: 36142 daa9ed0b87002a002bece0890b1a6e12 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_mipsel.deb Size/MD5 checksum: 65216 a1c8b686980e932f19a789430a4eafaa http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_mipsel.deb Size/MD5 checksum: 2028136 a67cf50db9734a8175936ff5e2d45d5d http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_mipsel.deb Size/MD5 checksum: 109968 23ff5d8a36aecd545c5cf210bc3873d5
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_powerpc.deb Size/MD5 checksum: 394114 5309447c955f4decbe93f50802ed1805 http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_powerpc.deb Size/MD5 checksum: 1188662 f8438353bab0a00502a1687042c54961 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_powerpc.deb Size/MD5 checksum: 61144 ac80e1cd5cc0661c10693d360e32c11d http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_powerpc.deb Size/MD5 checksum: 174232 5938321743bda64571c6d0797f84dca1 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_powerpc.deb Size/MD5 checksum: 104730 d5f60c53825c532dca34cb21f1c1d2fb http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_powerpc.deb Size/MD5 checksum: 44212 d0b547b8cf87254ce65874df057468db http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_powerpc.deb Size/MD5 checksum: 136102 34f3fbb1bf5519277c20944b3d118a6c http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_powerpc.deb Size/MD5 checksum: 2122006 f0e6902972831c2490b6f6bcbecd1ba0
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_s390.deb Size/MD5 checksum: 101502 e48e528e2b3ee8140dcce180aae0feb8 http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_s390.deb Size/MD5 checksum: 37818 7f26d32ff01aa1088e424a16439d0990 http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_s390.deb Size/MD5 checksum: 171544 131841fd12d9331c312f8a28718fe8a1 http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_s390.deb Size/MD5 checksum: 399662 f80688352e705e1293d64bb211dcd568 http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_s390.deb Size/MD5 checksum: 2090700 7d406321bb349547bdbe43123fb770f3 http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_s390.deb Size/MD5 checksum: 118588 64d6969a96a76de52a7296c745116a48 http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_s390.deb Size/MD5 checksum: 1188192 365ee760b0b9b8dd869dd11f1f4c42f9 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_s390.deb Size/MD5 checksum: 60716 634f2ba3cc0eb22c59252f15a1582770
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_sparc.deb Size/MD5 checksum: 390982 1235ace473b594360267daef5663c1b3 http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_sparc.deb Size/MD5 checksum: 116666 3c08364f33b2594c4f8be8c0bfce7333 http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_sparc.deb Size/MD5 checksum: 1051168 056faed5a5baf927d91b21b4fe624812 http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_sparc.deb Size/MD5 checksum: 38374 6401223175cfcf9082f3fac43a4f9d42 http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_sparc.deb Size/MD5 checksum: 2069062 4041871842ca0f29408c95c39f9cbb68 http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_sparc.deb Size/MD5 checksum: 160772 6a682010c72d5d78f4a6efcfb3ed5955 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_sparc.deb Size/MD5 checksum: 57762 478e92cd02d8acb20a600d4ca61aba39 http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_sparc.deb Size/MD5 checksum: 96996 37446d6e2f9dbf94122db96d1df00b9f
These files will probably be moved into the stable distribution on its next update.
For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkolko8ACgkQHYflSXNkfP+rjwCfWDGEVO8HeUkO9sF09pz0Nvwn 4GMAn3rgCfJK2rFC5dZyvIzTiyo6CiUb =6yYH -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200906-0617",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "8.10"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "6.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "9.04"
},
{
"model": "mac os x server",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "10.0.0"
},
{
"model": "mac os x server",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.5.8"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "10.3"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.4.11"
},
{
"model": "linux enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "9.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "8.04"
},
{
"model": "mac os x",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "10.5.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.06"
},
{
"model": "mac os x server",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.4.11"
},
{
"model": "mac os x",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "10.0.0"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.5.8"
},
{
"model": "linux enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "10.0"
},
{
"model": "mac os x server",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "10.5.0"
},
{
"model": "cups",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.10"
},
{
"model": "apple mac os x server",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c3\u30d7\u30eb",
"version": null
},
{
"model": "cups",
"scope": null,
"trust": 0.8,
"vendor": "cups",
"version": null
},
{
"model": "red hat enterprise linux",
"scope": null,
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"model": "turbolinux appliance server",
"scope": null,
"trust": 0.8,
"vendor": "\u30bf\u30fc\u30dc\u30ea\u30ca\u30c3\u30af\u30b9",
"version": null
},
{
"model": "apple mac os x",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c3\u30d7\u30eb",
"version": null
},
{
"model": "red hat enterprise linux eus",
"scope": null,
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": "5 (client)"
},
{
"model": "red hat enterprise linux desktop",
"scope": null,
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"model": "turbolinux client",
"scope": null,
"trust": 0.8,
"vendor": "\u30bf\u30fc\u30dc\u30ea\u30ca\u30c3\u30af\u30b9",
"version": null
},
{
"model": "turbolinux server",
"scope": null,
"trust": 0.8,
"vendor": "\u30bf\u30fc\u30dc\u30ea\u30ca\u30c3\u30af\u30b9",
"version": null
},
{
"model": "asianux server",
"scope": null,
"trust": 0.8,
"vendor": "\u30b5\u30a4\u30d0\u30fc\u30c8\u30e9\u30b9\u30c8\u682a\u5f0f\u4f1a\u793e",
"version": null
},
{
"model": "cups",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.3.6"
},
{
"model": "cups",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.3.8"
},
{
"model": "cups",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.3.3"
},
{
"model": "cups",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.3.7"
},
{
"model": "cups",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.3"
},
{
"model": "cups",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.3.5"
},
{
"model": "cups",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.3.9"
},
{
"model": "cups",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "1.3.4"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "linux enterprise server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux desktop version",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "hat enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.3.9"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.3.8"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.3.7"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.3.6"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.3.5"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.3.3"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.3.2"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.2.12"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.2.10"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.2.9"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.2.8"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.2.4"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.2.2"
},
{
"model": "software products cups rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.23"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.23"
},
{
"model": "software products cups rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.22"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.22"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.21"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.20"
},
{
"model": "software products cups rc5",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.19"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.19"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.18"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.17"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.16"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.15"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.14"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.13"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.12"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.10"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.7"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.6"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.4-5"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.4-3"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.4-2"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.4"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.1"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.0.4-8"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.0.4"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "intuity audix r5",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "intuity audix lx sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "intuity audix lx sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "intuity audix lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "intuity audix lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "software products cups",
"scope": "ne",
"trust": 0.3,
"vendor": "easy",
"version": "1.3.10"
}
],
"sources": [
{
"db": "BID",
"id": "35169"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001733"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-120"
},
{
"db": "NVD",
"id": "CVE-2009-0949"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.3.10",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.5.8",
"versionStartIncluding": "10.5.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.5.8",
"versionStartIncluding": "10.5.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.4.11",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.4.11",
"versionStartIncluding": "10.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise:10.0:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise:9.0:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-0949"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anibal Sacco",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200906-120"
}
],
"trust": 0.6
},
"cve": "CVE-2009-0949",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2009-0949",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-38395",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2009-0949",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2009-0949",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200906-120",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-38395",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-38395"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001733"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-120"
},
{
"db": "NVD",
"id": "CVE-2009-0949"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a scheduler request with two consecutive IPP_TAG_UNSUPPORTED tags. Common Unix Printing System(CUPS)\u662f\u4e00\u6b3e\u901a\u7528Unix\u6253\u5370\u7cfb\u7edf\uff0c\u662fUnix\u73af\u5883\u4e0b\u7684\u8de8\u5e73\u53f0\u6253\u5370\u89e3\u51b3\u65b9\u6848\uff0c\u57fa\u4e8eInternet\u6253\u5370\u534f\u8bae\uff0c\u63d0\u4f9b\u5927\u591a\u6570PostScript\u548craster\u6253\u5370\u673a\u670d\u52a1 . \n\u5728\u5904\u7406\u5305\u542b\u6709\u4e24\u4e2aIPP_TAG_UNSUPPORTED\u6807\u7b7e\u7684\u7279\u8d28IPP\u65f6\uff0cCUPS\u7684cups/ipp.c\u6587\u4ef6\u4e2d\u7684ippReadIO()\u51fd\u6570\u6ca1\u6709\u6b63\u786e\u5730\u521d\u59cb\u5316ipp\u7ed3\u6784\uff0c\u8fd9\u53ef\u80fd\u5bfc\u81f4\u53d7\u5f71\u54cd\u7684\u5e94\u7528\u5d29\u6e83 . \ncups/ipp.c\u6587\u4ef6\u4e2d\u7684ippReadIO()\u51fd\u6570\u8d1f\u8d23\u521d\u59cb\u5316\u8868\u793a\u5f53\u524dIPP\u8bf7\u6c42\u4e2d\u4e0d\u540c\u6807\u7b7e\u7684ipp\u7ed3\u6784\uff1a\n\n/-----------\n1016 ipp_state_t /* O - Current state */\n1017 ippReadIO(void*src, /* I - Data source */\n1018 ipp_iocb_tcb, /* I - Read callback function */\n1019 int blocking, /* I - Use blocking IO? */\n1020 ipp_t *parent,/* I - Parent request, if any */\n1021 ipp_t *ipp) /* I - IPP data */\n1022 {\n1023 int n;/* Length of data */\n1024 unsignedchar buffer[IPP_MAX_LENGTH + 1],\n1025 /* Data buffer */\n1026 string[IPP_MAX_NAME],\n1027 /* Small string buffer */\n1028*bufptr; /* Pointer into buffer */\n1029ipp_attribute_t*attr; /* Current attribute */\n1030ipp_tag_t tag; /* Current tag */\n1031ipp_tag_t value_tag; /* Current value tag */\n1032ipp_value_t *value;/* Current value */\n1035DEBUG_printf((\\\"ippReadIO(\\\\%p, \\\\%p, \\\\%d, \\\\%p, \\\\%p)\uff3cn\\\", src, cb, blocking,\n1036parent, ipp));\n1037DEBUG_printf((\\\"ippReadIO\uff1a ipp-\uff1estate=\\\\%d\uff3cn\\\", ipp-\uff1estate));\n1039if (src == NULL || ipp == NULL)\n1040return (IPP_ERROR);\n1041\n1042switch (ipp-\uff1estate)\n1043{\n1044case IPP_IDLE \uff1a\n1045ipp-\uff1estate ++; /* Avoid common problem... */\n1046\n1047case IPP_HEADER \uff1a\n1048if (parent == NULL)\n- -----------/\n\n\u5728\u4e0a\u9762\u7684\u4ee3\u7801\u4e2d\uff0c\u901a\u8fc7\u51e0\u4e2a\u4e0d\u540c\u7684\u6807\u7b7e\u5c5e\u6027\u5bf9\u62a5\u6587\u8fdb\u884c\u8ba1\u6570\u3002\u5982\u679c\u6240\u53d1\u9001\u7684IPP\u62a5\u6587\u6807\u7b7e\u5c5e\u6027\u4f4e\u4e8e0x10\uff0cCUPS\u5c31\u4f1a\u8ba4\u4e3a\u662fIPP_TAG_UNSUPPORTED\u6807\u7b7e\uff1a\n\n/-----------\nelse if (tag \uff1c IPP_TAG_UNSUPPORTED_VALUE)\n{\n/*\n* Group tag...Set the current group and continue... \n*/\nif (ipp-\uff1ecurtag == tag)\nipp-\uff1eprev = ippAddSeparator(ipp);\nelse if (ipp-\uff1ecurrent)\nipp-\uff1eprev = ipp-\uff1ecurrent;\nipp-\uff1ecurtag= tag;\nipp-\uff1ecurrent = NULL;\nDEBUG_printf((\\\"ippReadIO\uff1a group tag = \\\\%x, ipp-\uff1eprev=\\\\%p\uff3cn\\\", tag,\nipp-\uff1eprev));\ncontinue;\n}\n- -----------/\n\n\u7531\u4e8eCUPS\u5904\u7406\u8fd9\u7c7b\u6807\u7b7e\u7684\u65b9\u5f0f\uff0c\u5982\u679c\u62a5\u6587\u4e2d\u5305\u542b\u6709\u4e24\u4e2a\u8fde\u7eed\u7684IPP_TAG_UNSUPPORTED\uff0c\u5c31\u4f1a\u5c06IPP\u7ed3\u6784\u7684\u6700\u540e\u4e00\u4e2a\u8282\u70b9\u521d\u59cb\u5316\u4e3aNULL\uff0c\u8fd9\u4f1a\u5728cupsdProcessIPPRequest\u51fd\u6570\u8bd5\u56fe\u8bfb\u53d6attr\u7ed3\u6784\u7684name\u5b57\u6bb5\u65f6\u5bfc\u81f4\u5d29\u6e83. \n\n/-----------\n/*\n* \\\u0027\\\u0027cupsdProcessIPPRequest()\\\u0027\\\u0027 - Process an incoming IPP request. \n*/\nint /* O - 1 on success, 0 on\nfailure */\ncupsdProcessIPPRequest( cupsd_client_t *con)/* I - Client connection */\n... \nif (!attr)\n{\n/*\n* Then make sure that the first three attributes are\uff1a\n*\n* attributes-charset\n* attributes-natural-language\n* printer-uri/job-uri\n*/\n\nattr = con-\uff1erequest-\uff1eattrs;\nif (attr \uff06\uff06 !strcmp(attr-\uff1ename, \\\"attributes-charset\\\") \uff06\uff06\n(attr-\uff1evalue_tag \uff06 IPP_TAG_MASK) == IPP_TAG_CHARSET)\ncharset = attr;\nelse\ncharset = NULL;\n... \n- -----------/. CUPS is prone to a denial-of-service vulnerability because of a NULL-pointer dereference that occurs when processing two consecutive IPP_TAG_UNSUPPORTED tags in specially crafted IPP (Internet Printing Protocal) packets. \nAn attacker can exploit this issue to crash the affected application, denying service to legitimate users. It is based on the Internet Printing Protocol and provides most PostScript and raster printer services. The ippReadIO() function in CUPS\u0027s cups/ipp.c file did not properly initialize the ipp structure when processing a idiosyncratic IPP that contained two IPP_TAG_UNSUPPORTED tags, which could crash the affected application. ===========================================================\nUbuntu Security Notice USN-780-1 June 03, 2009\ncups, cupsys vulnerability\nCVE-2009-0949\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 8.04 LTS\nUbuntu 8.10\nUbuntu 9.04\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n cupsys 1.2.2-0ubuntu0.6.06.14\n\nUbuntu 8.04 LTS:\n cupsys 1.3.7-1ubuntu3.5\n\nUbuntu 8.10:\n cups 1.3.9-2ubuntu9.2\n\nUbuntu 9.04:\n cups 1.3.9-17ubuntu3.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nAnibal Sacco discovered that CUPS did not properly handle certain network\noperations. \n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.14.diff.gz\n Size/MD5: 101447 1edf4eb6127965001092ac72fc5743ea\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.14.dsc\n Size/MD5: 1060 4843503dffb5c5268a64499cb2cf279e\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2.orig.tar.gz\n Size/MD5: 4070384 2c99b8aa4c8dc25c8a84f9c06aa52e3e\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-gnutls10_1.2.2-0ubuntu0.6.06.14_all.deb\n Size/MD5: 998 ee02e19aab490d9d97b6d3eb0f0808e4\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.14_amd64.deb\n Size/MD5: 36236 8f3c604623813d67800c2f06686ccd1b\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.14_amd64.deb\n Size/MD5: 81894 166216227002808778e9a01798409a37\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.14_amd64.deb\n Size/MD5: 2287028 141ace9ca050db86cdef9b44e620c13b\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.14_amd64.deb\n Size/MD5: 6094 f338b2ae622333497e2cda10f26590e9\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.14_amd64.deb\n Size/MD5: 77648 40846208a23006cab7c7bd52813a6343\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.14_amd64.deb\n Size/MD5: 25756 5b703a78f78465181f785715ef7036cc\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.14_amd64.deb\n Size/MD5: 130344 6c9d54d7f6c8069d8d69652bf6dbddd7\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.14_i386.deb\n Size/MD5: 34762 08037502d74a512a07b184c2999d32ad\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.14_i386.deb\n Size/MD5: 77992 260347aa2b7f4ec59fcaa1d29a16e0c3\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.14_i386.deb\n Size/MD5: 2254260 49e00eabc519426ee5413864c4bdb251\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.14_i386.deb\n Size/MD5: 6092 0a515dd0fdd48eb70da0b5bfe3019f08\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.14_i386.deb\n Size/MD5: 76752 7ee453f379433e22b9451e6282669797\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.14_i386.deb\n Size/MD5: 25740 28af462a2e8f13620bb1b70cef1cd08e\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.14_i386.deb\n Size/MD5: 122538 200a588a83e668f621ca41bc41a13413\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.14_powerpc.deb\n Size/MD5: 40462 3937e3b6cb8f6cda2f1e450518a4e136\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.14_powerpc.deb\n Size/MD5: 89516 bf845949727422d0ae4d550966d34c72\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.14_powerpc.deb\n Size/MD5: 2301634 8bf6a7e2fcff62817459186c189673d1\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.14_powerpc.deb\n Size/MD5: 6094 cb2ff11f6c55d69b99f39e64ad399774\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.14_powerpc.deb\n Size/MD5: 79292 b137122dde7459d5653e024b4d3b5852\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.14_powerpc.deb\n Size/MD5: 25744 7765abc3cea993a82a638458202892e5\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.14_powerpc.deb\n Size/MD5: 128304 69634210a2fa2a8af2383a12b657a568\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.14_sparc.deb\n Size/MD5: 35390 f4a5a9207d6494c05a7820cdbf2cadf9\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.14_sparc.deb\n Size/MD5: 78720 423336f4bf4be9292f49f31ab6cac3dc\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.14_sparc.deb\n Size/MD5: 2287900 4833fae9ab11ecd3721faef405ad8167\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.14_sparc.deb\n Size/MD5: 6094 ebae0d6eb86d9e3f4fff77c860f1693c\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.14_sparc.deb\n Size/MD5: 76568 7d1814766e366021fc136cb6577880b9\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.14_sparc.deb\n Size/MD5: 25746 a4eacdcf7d078a8200660cf0bb37c694\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.14_sparc.deb\n Size/MD5: 124034 6fd4c6c86596379e32fc228ed15cf4dc\n\nUpdated packages for Ubuntu 8.04 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.5.diff.gz\n Size/MD5: 135129 091bf3e7ac7e1a1f074dc15d08c2c4d5\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.5.dsc\n Size/MD5: 1441 9cf7f2d9b00a22af8e8ccdfbe234fd8e\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7.orig.tar.gz\n Size/MD5: 4700333 383e556d9841475847da6076c88da467\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.7-1ubuntu3.5_all.deb\n Size/MD5: 1144240 9c3908b1639d493bcc580368adbfa3a3\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.5_amd64.deb\n Size/MD5: 37530 c252102dbd39005b010fff629e4daf2c\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.5_amd64.deb\n Size/MD5: 89980 2d95b8b2a44cfa62603335d6211f5fd1\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.5_amd64.deb\n Size/MD5: 1880552 e94141a55ae34eb9ac5be1b941268f5b\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.5_amd64.deb\n Size/MD5: 60804 9e8d5476cccb6ea9ac0d0eaf1db9c615\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.5_amd64.deb\n Size/MD5: 50216 5de274a35fa3cbea87c9245b179364b5\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.5_amd64.deb\n Size/MD5: 344920 6a966e90749cbaf815c511717b84abaa\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.5_amd64.deb\n Size/MD5: 178092 3d4bda40ecf7c2091cc173b79658d6c9\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.5_i386.deb\n Size/MD5: 36952 2c6053368cf2a00f66197eca444af3b5\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.5_i386.deb\n Size/MD5: 88394 0c572acada7273e30b15bcb3cc2874cb\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.5_i386.deb\n Size/MD5: 1863054 68e5cbd5fd1ed11bee4fef0c4e79de7f\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.5_i386.deb\n Size/MD5: 60082 062ad31917eedc6e5003e990807d838b\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.5_i386.deb\n Size/MD5: 49852 9ac15961d63d2fd6f4ce702e688a8985\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.5_i386.deb\n Size/MD5: 339354 8b842a2c754dc36a307aa64e613fe4c7\n http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.5_i386.deb\n Size/MD5: 174938 58ab39cc15878a158487fb858af9958d\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.5_lpia.deb\n Size/MD5: 36658 536346a17e6b5035307bdf1ce04b3799\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.5_lpia.deb\n Size/MD5: 88744 2141679378e4e3700c78c09ec936e1da\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.5_lpia.deb\n Size/MD5: 1865310 094ffb6f741440a18fca28d50b29ead0\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.5_lpia.deb\n Size/MD5: 60488 8681c7ebbe8e781fb7b3348b00da9de9\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.5_lpia.deb\n Size/MD5: 50808 dce50fc21c292b77ff3d0f21946cf23e\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.5_lpia.deb\n Size/MD5: 337014 84ca26401f9ae81f3d9f535f0361dd0c\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.5_lpia.deb\n Size/MD5: 173878 1f3e4888d7cf574b1c62aa092c852b8a\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.5_powerpc.deb\n Size/MD5: 46918 6e9a925312380561f2299f66cb134357\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.5_powerpc.deb\n Size/MD5: 110820 b7b8c667cf96cfe0d60c1f2d1ba96628\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.5_powerpc.deb\n Size/MD5: 1949102 2d78cac8f6b3c758ac337c791de433a3\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.5_powerpc.deb\n Size/MD5: 59926 0c7f18be806b6467c39dd1955c6e4685\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.5_powerpc.deb\n Size/MD5: 54920 9403a69f365361e033707d5914a92f52\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.5_powerpc.deb\n Size/MD5: 341668 0ee868915ef0bd3e177244f931ec7b5d\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.5_powerpc.deb\n Size/MD5: 183836 e45a7d338ce136c48abf6c5cce3b6f6b\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.5_sparc.deb\n Size/MD5: 38028 e556e3eecc385e35b5c790046f91cec9\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.5_sparc.deb\n Size/MD5: 91034 84e2052f3fd9e57363b13779fe3fb30f\n http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.5_sparc.deb\n Size/MD5: 1897852 30481f2e4dff5ba7e8d465d0771360c8\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.5_sparc.deb\n Size/MD5: 57826 72589c6d350921d2ac7d5a4207c5b78a\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.5_sparc.deb\n Size/MD5: 48216 59e887dda48b748158c7083d50fb6405\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.5_sparc.deb\n Size/MD5: 341372 0976433618733b76b21104715594256e\n http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.5_sparc.deb\n Size/MD5: 173768 853ddf9a445d28cdf2740957676b50cd\n\nUpdated packages for Ubuntu 8.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.2.diff.gz\n Size/MD5: 329287 0f1eabafd9f35ce1c7103f131976af91\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.2.dsc\n Size/MD5: 2043 5c406df0ddf6c7f849147bbccb4350bb\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9.orig.tar.gz\n Size/MD5: 4809771 e6f2d90491ed050e5ff2104b617b88ea\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-common_1.3.9-2ubuntu9.2_all.deb\n Size/MD5: 1162826 78ce799e56015d07969aea1b1e5750fe\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-bsd_1.3.9-2ubuntu9.2_all.deb\n Size/MD5: 58238 c04c758e79b5d28dec48637c8c73b549\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-client_1.3.9-2ubuntu9.2_all.deb\n Size/MD5: 58252 588dfe9e578fb1a17daf2faa5fab8774\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-dbg_1.3.9-2ubuntu9.2_all.deb\n Size/MD5: 58244 0fa4c07b2e66a7d0c106071d283d7edc\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys_1.3.9-2ubuntu9.2_all.deb\n Size/MD5: 58236 f163f465b79566c194364d14ebb49608\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsys2-dev_1.3.9-2ubuntu9.2_all.deb\n Size/MD5: 58252 afd476b79ec34e694d19f360a2cbc64c\n http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-common_1.3.9-2ubuntu9.2_all.deb\n Size/MD5: 4526 bd17a9f9600e53f3c5ce3b18a2cae590\n http://security.ubuntu.com/ubuntu/pool/universe/c/cups/libcupsys2_1.3.9-2ubuntu9.2_all.deb\n Size/MD5: 58240 b1702f69d74e496859096eb6101e5139\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.2_amd64.deb\n Size/MD5: 37300 2e18f255477200b6320afa7e6903508f\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.2_amd64.deb\n Size/MD5: 119744 9c484968a2250bd303c305df9d53943f\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.2_amd64.deb\n Size/MD5: 1682962 e7fa53ce69537cd609e8d88e1873e9cc\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.2_amd64.deb\n Size/MD5: 2172504 b4d5b2ce9603e2b36374b100dbf9ada7\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.2_amd64.deb\n Size/MD5: 352190 8bbf84d00818cf88c0f3d048fa425cf1\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.2_amd64.deb\n Size/MD5: 173268 01abbe7f859eef7e9e5d453792b96f76\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.2_amd64.deb\n Size/MD5: 61314 73a75d935ccb41f7827bfeff0bf8f9ec\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.2_amd64.deb\n Size/MD5: 52312 263e4265a47473eff3b416b896907103\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.2_i386.deb\n Size/MD5: 36226 c8d3d0df62f93d519369f37ab0d337bf\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.2_i386.deb\n Size/MD5: 115328 65483c26c3e0efe02922a59beeb0d833\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.2_i386.deb\n Size/MD5: 1542716 c3737d9cfb6277985baf83bf4a449150\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.2_i386.deb\n Size/MD5: 2139250 edef8688cd2fe57ac989b4bad50022ac\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.2_i386.deb\n Size/MD5: 345992 e4adcaea69f8ae947f1ca0b63af74ffd\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.2_i386.deb\n Size/MD5: 170194 fd8ab14aafda63f2f41cbd4885be0d81\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.2_i386.deb\n Size/MD5: 60534 5064205f7a26e8ed1a543932e6aad79e\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.2_i386.deb\n Size/MD5: 51718 e663a435f42d39438e5fdf1ed599c7cb\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.2_lpia.deb\n Size/MD5: 36014 b9a880feca8d481df4f9495cec8b8121\n http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.2_lpia.deb\n Size/MD5: 114512 1617fc04bc3c063dcb8bbc884050c6b2\n http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.2_lpia.deb\n Size/MD5: 1571962 7b061e95651696885125af95d7b08532\n http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-2ubuntu9.2_lpia.deb\n Size/MD5: 2135962 8695e326f9876ed3c3012becfaeed0f4\n http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.2_lpia.deb\n Size/MD5: 342968 9887c91b3ac9427b240317f6eb6d8bf0\n http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.2_lpia.deb\n Size/MD5: 168430 e13502a0fda3165d41d92f156f2ade21\n http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.2_lpia.deb\n Size/MD5: 60630 63b43b5b90c7f271d8ffc491d50c77e0\n http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.2_lpia.deb\n Size/MD5: 52386 f0ee10297823f8aa39049a1f9cff34bb\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.2_powerpc.deb\n Size/MD5: 43564 e3d68dd451cae339f4629e36363e27b4\n http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.2_powerpc.deb\n Size/MD5: 138160 8d11bd04570c0738af0b35ecef8ca018\n http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.2_powerpc.deb\n Size/MD5: 1663540 3f5d9437ffe6df630cde4ad4b4fbbe35\n http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-2ubuntu9.2_powerpc.deb\n Size/MD5: 2264222 6c49653a70198b67692c220135fe5428\n http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.2_powerpc.deb\n Size/MD5: 347966 72a14e0a64f503365475c436fa45ac39\n http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.2_powerpc.deb\n Size/MD5: 177464 2615af3dce1a5b56c001adcbab649264\n http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.2_powerpc.deb\n Size/MD5: 61256 b021d0be4915346dfc22203556c56ce4\n http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.2_powerpc.deb\n Size/MD5: 57436 a9463cb0014dba068fe6ad3dd05b7693\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.2_sparc.deb\n Size/MD5: 37216 b30aec0d4f3cff1d59594c1272002e93\n http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.2_sparc.deb\n Size/MD5: 117640 35ca75a0021841529ed85691ba0496bc\n http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.2_sparc.deb\n Size/MD5: 1490704 f143b16a5a811b517cc968d9e628feb9\n http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-2ubuntu9.2_sparc.deb\n Size/MD5: 2200938 91b1621927bd5feb83bd1dd8fa20005d\n http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.2_sparc.deb\n Size/MD5: 344786 c5e02a1f344ddc4e10b91b255ac869dd\n http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.2_sparc.deb\n Size/MD5: 166318 e6bfc6840275b954311c4544667d6193\n http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.2_sparc.deb\n Size/MD5: 57848 f4c6f5c70fd1ec7a95c322186e86c487\n http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.2_sparc.deb\n Size/MD5: 49796 52f0c961942e4a0b8e85ed3b6d4953a4\n\nUpdated packages for Ubuntu 9.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.1.diff.gz\n Size/MD5: 331113 386644ef646604fa3ea0f18a3440dd94\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.1.dsc\n Size/MD5: 1984 974758acb855004824caa579913a402f\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9.orig.tar.gz\n Size/MD5: 4809771 e6f2d90491ed050e5ff2104b617b88ea\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-common_1.3.9-17ubuntu3.1_all.deb\n Size/MD5: 1165116 0fea2201baecec1a63153ca024cf85b3\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-dbg_1.3.9-17ubuntu3.1_all.deb\n Size/MD5: 60220 78f1df511789d7c6fa564df73ae3737e\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsys2-dev_1.3.9-17ubuntu3.1_all.deb\n Size/MD5: 60230 dd363c3548b1d7bab16bb595ac2d8682\n http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-bsd_1.3.9-17ubuntu3.1_all.deb\n Size/MD5: 60222 3fe72599089459e0533070ee35696c96\n http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-client_1.3.9-17ubuntu3.1_all.deb\n Size/MD5: 60218 33922120f0f3b6d755691c6cd31a983a\n http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-common_1.3.9-17ubuntu3.1_all.deb\n Size/MD5: 4520 4944980239da17a124a13b5eb08814af\n http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys_1.3.9-17ubuntu3.1_all.deb\n Size/MD5: 60204 578a4a096679845a551abab4687ecd07\n http://security.ubuntu.com/ubuntu/pool/universe/c/cups/libcupsys2_1.3.9-17ubuntu3.1_all.deb\n Size/MD5: 60220 404eae856385b1def832fb0474551e51\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.1_amd64.deb\n Size/MD5: 37310 824835ae3f5e791b0ced4e0bfa0094aa\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.1_amd64.deb\n Size/MD5: 119750 d3562b6435de311fdfdd3f5a433beafe\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.1_amd64.deb\n Size/MD5: 1658120 811f80a88d0fdcee20f41383b313d073\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.1_amd64.deb\n Size/MD5: 2168616 178ada0830fa6b64f1b2a28f43ba68d5\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.1_amd64.deb\n Size/MD5: 352130 b9502f3daaa52d057a815e6a11433707\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.1_amd64.deb\n Size/MD5: 177068 fedd91d5e3094e813b85c910e6f950ab\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.1_amd64.deb\n Size/MD5: 61260 68d03afa62ffd74aa517c588cd32017d\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.1_amd64.deb\n Size/MD5: 52220 715bc18c530db346e2faad81789af0a0\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.1_i386.deb\n Size/MD5: 36212 f8a3d3701b170c1637b469b1abcde7c6\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.1_i386.deb\n Size/MD5: 115324 062953a515a6c8b27c75c7539472f9f4\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.1_i386.deb\n Size/MD5: 1517622 a3c1f3ad98db97230d25ba20acfa4c11\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.1_i386.deb\n Size/MD5: 2134800 0cde4fc0fac7b7682f0a53f38caedbc4\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.1_i386.deb\n Size/MD5: 345990 2bc3076c1ad6c67c5858f62714ab4a3b\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.1_i386.deb\n Size/MD5: 173740 c44041d8784eae4ac9400a0d3b9b9138\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.1_i386.deb\n Size/MD5: 60488 c923e354bf04dbafff5339ea6d18433e\n http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.1_i386.deb\n Size/MD5: 51530 b03604b87ea464a7f97e26272582ee18\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.1_lpia.deb\n Size/MD5: 36032 2be317cc9206baaff256b4325072589a\n http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.1_lpia.deb\n Size/MD5: 114486 8c27d1961b1aa8a73f3c342ae6ae92f8\n http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.1_lpia.deb\n Size/MD5: 1546154 0d3adaac793d357587ce7cc4275fe55f\n http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.1_lpia.deb\n Size/MD5: 2132166 9ae39e3c42178dd9b384fc8bc8a13d82\n http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.1_lpia.deb\n Size/MD5: 342936 2cff2dcc4b5cd9e54046bd97f2ca1bed\n http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.1_lpia.deb\n Size/MD5: 171954 a2ea14f0324efa3d936f8a31730d0c9d\n http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.1_lpia.deb\n Size/MD5: 60678 4594a7764c86b427ff76b2700a294ddc\n http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.1_lpia.deb\n Size/MD5: 52340 86b3bb0d4279f78231d1bdd0e1dbc3fb\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.1_powerpc.deb\n Size/MD5: 43578 302e5e3849b99d0a12e2ff4f96be71d1\n http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.1_powerpc.deb\n Size/MD5: 138164 5e62e249891ed196a7eb21466205fd7b\n http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.1_powerpc.deb\n Size/MD5: 1633586 15e374d5ff627a56713f2a7ce61ef616\n http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.1_powerpc.deb\n Size/MD5: 2256002 66dd6a9c74b750671c86e90163941953\n http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.1_powerpc.deb\n Size/MD5: 347906 cb12b0143262bdbe01a6e69584947228\n http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.1_powerpc.deb\n Size/MD5: 182450 c07ea0fed64ca677713c8a9362a38467\n http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.1_powerpc.deb\n Size/MD5: 61302 934f995a352040b03daf4b4462da2892\n http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.1_powerpc.deb\n Size/MD5: 57414 31f122cc6a44e90c362dda241b98648c\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.1_sparc.deb\n Size/MD5: 37204 d11aa276b3c4049110c587b2131d1207\n http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.1_sparc.deb\n Size/MD5: 117558 c29f382879fce337b440b71cb3a88b3d\n http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.1_sparc.deb\n Size/MD5: 1462180 9c40f63f4c088299eec0d97317c53a3a\n http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.1_sparc.deb\n Size/MD5: 2201794 00f9c319e7fd6b9eeed508baba656d21\n http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.1_sparc.deb\n Size/MD5: 344712 9f8df2c64cff337847abca91c4e3fb1f\n http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.1_sparc.deb\n Size/MD5: 169558 555c2de1cc4ff90754500bb42947453e\n http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.1_sparc.deb\n Size/MD5: 57850 d5d1dc89040b20f04c6a99d14524a6d1\n http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.1_sparc.deb\n Size/MD5: 49686 46af0e0b82ed5cc1d562909eacd9a35c\n\n\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n\n Mandriva Linux Security Advisory MDVSA-2009:282-1\n http://www.mandriva.com/security/\n _______________________________________________________________________\n\n Package : cups\n Date : December 7, 2009\n Affected: 2008.0\n _______________________________________________________________________\n\n Problem Description:\n\n Multiple integer overflows in the JBIG2 decoder in\n Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and\n other products allow remote attackers to cause a denial\n of service (crash) via a crafted PDF file, related to (1)\n JBIG2Stream::readSymbolDictSeg, (2) JBIG2Stream::readSymbolDictSeg,\n and (3) JBIG2Stream::readGenericBitmap. (CVE-2009-0163)\n \n Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier,\n as used in Poppler and other products, when running on Mac OS X,\n has unspecified impact, related to g*allocn. (CVE-2009-0166)\n \n Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9,\n and probably other products, allows remote attackers to execute\n arbitrary code via a PDF file with crafted JBIG2 symbol dictionary\n segments (CVE-2009-0195). NOTE:\n the JBIG2Stream.cxx vector may overlap CVE-2009-1179. (CVE-2009-0799)\n \n Multiple input validation flaws in the JBIG2 decoder in Xpdf 3.02pl2\n and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and\n other products allow remote attackers to execute arbitrary code via\n a crafted PDF file. (CVE-2009-0949)\n \n Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier,\n CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products\n allows remote attackers to execute arbitrary code via a crafted PDF\n file. (CVE-2009-1179)\n \n The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier,\n Poppler before 0.10.6, and other products allows remote attackers to\n execute arbitrary code via a crafted PDF file that triggers a free\n of invalid data. (CVE-2009-1181)\n \n Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2\n and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and\n other products allow remote attackers to execute arbitrary code via\n a crafted PDF file. (CVE-2009-1182)\n \n The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and\n earlier, Poppler before 0.10.6, and other products allows remote\n attackers to cause a denial of service (infinite loop and hang)\n via a crafted PDF file. (CVE-2009-1183)\n \n Two integer overflow flaws were found in the CUPS pdftops filter. An\n attacker could create a malicious PDF file that would cause pdftops\n to crash or, potentially, execute arbitrary code as the lp user if\n the file was printed. (CVE-2009-3608, CVE-2009-3609)\n \n This update corrects the problems. \n\n Update:\n\n Packages for 2008.0 are being provided due to extended support for\n Corporate products. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0163\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0165\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0791\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0949\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2008.0:\n 6b17f59f63c062c017c78d459dd2d89a 2008.0/i586/cups-1.3.10-0.1mdv2008.0.i586.rpm\n 9bc5298d9895c356227fdda3a0ddb2c0 2008.0/i586/cups-common-1.3.10-0.1mdv2008.0.i586.rpm\n e3583883df8532fc8c496866dac713f8 2008.0/i586/cups-serial-1.3.10-0.1mdv2008.0.i586.rpm\n fac1fcb839ad53322a447d4d39f769e3 2008.0/i586/libcups2-1.3.10-0.1mdv2008.0.i586.rpm\n 3d65afc590fb8520d68b2a3e8e1da696 2008.0/i586/libcups2-devel-1.3.10-0.1mdv2008.0.i586.rpm\n 9e09ed22a2522ee45e93e0edc146193f 2008.0/i586/libpoppler2-0.6-3.5mdv2008.0.i586.rpm\n 7427b1f56387e84db5a15aad85b424d2 2008.0/i586/libpoppler-devel-0.6-3.5mdv2008.0.i586.rpm\n 67937a584d365d6b00ef688c88e8d7c5 2008.0/i586/libpoppler-glib2-0.6-3.5mdv2008.0.i586.rpm\n 410dc85c2c7b71ab316be5607c556682 2008.0/i586/libpoppler-glib-devel-0.6-3.5mdv2008.0.i586.rpm\n 64d6e14be8d93c7651ce5dc3e2ebc5bf 2008.0/i586/libpoppler-qt2-0.6-3.5mdv2008.0.i586.rpm\n cc9af7e314b6eaa6a8f946fa2c27f298 2008.0/i586/libpoppler-qt4-2-0.6-3.5mdv2008.0.i586.rpm\n 0c6d3a6b5211e8506a89144b8c3a3cfb 2008.0/i586/libpoppler-qt4-devel-0.6-3.5mdv2008.0.i586.rpm\n c985516638ed4d8f792daa13bd506023 2008.0/i586/libpoppler-qt-devel-0.6-3.5mdv2008.0.i586.rpm\n 8d05619dcef538092696ce70998abd20 2008.0/i586/php-cups-1.3.10-0.1mdv2008.0.i586.rpm\n 0bae2a3525b796882d2cc87853945e5a 2008.0/i586/poppler-0.6-3.5mdv2008.0.i586.rpm \n f3b53f5fafa8af4d754a5985e5f93830 2008.0/SRPMS/cups-1.3.10-0.1mdv2008.0.src.rpm\n 11b021f4e5d21d199728b9a0a37a8230 2008.0/SRPMS/poppler-0.6-3.5mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 8249475feb3bdc74ea7060944baed6aa 2008.0/x86_64/cups-1.3.10-0.1mdv2008.0.x86_64.rpm\n 83951504acb783cfdb8ec4fe48d31e1e 2008.0/x86_64/cups-common-1.3.10-0.1mdv2008.0.x86_64.rpm\n fa8a91e8e3bc8f11c19ab460d1f690fe 2008.0/x86_64/cups-serial-1.3.10-0.1mdv2008.0.x86_64.rpm\n e061fdbeded2d97bb3ca6b34d33cb384 2008.0/x86_64/lib64cups2-1.3.10-0.1mdv2008.0.x86_64.rpm\n 893235ea8cf23295ae961ea2de0b9903 2008.0/x86_64/lib64cups2-devel-1.3.10-0.1mdv2008.0.x86_64.rpm\n 9844640563afdef4a870e2ed12e58136 2008.0/x86_64/lib64poppler2-0.6-3.5mdv2008.0.x86_64.rpm\n 06ea824a6a2cd9360a9e75a14718192a 2008.0/x86_64/lib64poppler-devel-0.6-3.5mdv2008.0.x86_64.rpm\n bb0eb04fa906a352e6738d08f116f89b 2008.0/x86_64/lib64poppler-glib2-0.6-3.5mdv2008.0.x86_64.rpm\n 43d6a85dfdad7e969655ee4e2a377370 2008.0/x86_64/lib64poppler-glib-devel-0.6-3.5mdv2008.0.x86_64.rpm\n eef29dde4b9e80d4c360e953cbe9110b 2008.0/x86_64/lib64poppler-qt2-0.6-3.5mdv2008.0.x86_64.rpm\n c74dc9f245091f451441d8b88f0beed3 2008.0/x86_64/lib64poppler-qt4-2-0.6-3.5mdv2008.0.x86_64.rpm\n 60345458274afc6ff480317fc408ec52 2008.0/x86_64/lib64poppler-qt4-devel-0.6-3.5mdv2008.0.x86_64.rpm\n 0a880b9c0d655c10f5757882e30911f1 2008.0/x86_64/lib64poppler-qt-devel-0.6-3.5mdv2008.0.x86_64.rpm\n eb6fde793ac0d7ea86df42aa22637807 2008.0/x86_64/php-cups-1.3.10-0.1mdv2008.0.x86_64.rpm\n 7f475f07368ed9158008f2891dce2cd6 2008.0/x86_64/poppler-0.6-3.5mdv2008.0.x86_64.rpm \n f3b53f5fafa8af4d754a5985e5f93830 2008.0/SRPMS/cups-1.3.10-0.1mdv2008.0.src.rpm\n 11b021f4e5d21d199728b9a0a37a8230 2008.0/SRPMS/poppler-0.6-3.5mdv2008.0.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFLHXsgmqjQ0CJFipgRAu1fAKCINX1H5StX89GjMDWzGrEM1UiHeACeMLSY\na3mQtrfvoibfn29OFAfdSn0=\n=lTbL\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. \n\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 1.2.7-4+etch8 of cupsys. \n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.3.8-1+lenny6 of cups. \n\nFor the testing distribution (squeeze), this problem will be fixed soon. \n\nFor the unstable distribution (sid), this problem will be fixed soon. \n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nDebian (oldstable)\n- ------------------\n\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7.orig.tar.gz\n Size/MD5 checksum: 4214272 c9ba33356e5bb93efbcf77b6e142e498\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8.dsc\n Size/MD5 checksum: 1094 42b2e4d0d1709d31270cbd0361ded3f4\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8.diff.gz\n Size/MD5 checksum: 109744 c73260161da939be7517c6ff0c5493cb\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-common_1.2.7-4+etch8_all.deb\n Size/MD5 checksum: 921366 4cec0d4b82b768bd42c801e87831eec9\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.2.7-4+etch8_all.deb\n Size/MD5 checksum: 46424 bc032e7d1c4520843b540d3bb238d3a3\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_alpha.deb\n Size/MD5 checksum: 72856 a2c626b3f8dd8e43cecc395c5cf9ef03\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_alpha.deb\n Size/MD5 checksum: 1614886 8286658ca407d05ecc87ea4cd2dc870a\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_alpha.deb\n Size/MD5 checksum: 183730 f2c644de893bf0ca28868cfecefca04d\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_alpha.deb\n Size/MD5 checksum: 85916 7233e6ec6bb857653d2829cd80012d41\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_alpha.deb\n Size/MD5 checksum: 1093518 e6544fc0edd973d09a1e00652991845b\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_alpha.deb\n Size/MD5 checksum: 96030 23aca27ae72c081612fb247cfd9e33da\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_alpha.deb\n Size/MD5 checksum: 39332 a931e92b73c1004f4c8ed110c01ac728\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_alpha.deb\n Size/MD5 checksum: 175552 8bb48e7fdb170d74a14e65aecee3b230\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_amd64.deb\n Size/MD5 checksum: 1087540 1e71685c6620845318d49cf1fcf5feb0\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_amd64.deb\n Size/MD5 checksum: 87128 281a245270d6c2dcd7f0e1a6fc7d0b12\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_amd64.deb\n Size/MD5 checksum: 37572 c0491559f8465d610a0577cc23f00de5\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_amd64.deb\n Size/MD5 checksum: 162892 42d1cf5ceaa5ed7a95f16b869e6df97f\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_amd64.deb\n Size/MD5 checksum: 80862 511e522206e17f759cd7c56e934f08bd\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_amd64.deb\n Size/MD5 checksum: 1572040 e2582ab015e6e3a3858b713d6f159a34\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_amd64.deb\n Size/MD5 checksum: 53056 d4c82327123ddc2c0e48c804634603ae\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_amd64.deb\n Size/MD5 checksum: 142418 d9314cb33230b9c6dbe571671b14adda\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_arm.deb\n Size/MD5 checksum: 1023048 8b559f55ae312c59e22a113fd6928c5f\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_arm.deb\n Size/MD5 checksum: 36758 cb2e80f86795f10af3fc100aa4506def\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_arm.deb\n Size/MD5 checksum: 1567912 776f4974949a31b3facd38b302b8097a\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_arm.deb\n Size/MD5 checksum: 78698 6122e3902076dd2c3247dd4b5a56a660\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_arm.deb\n Size/MD5 checksum: 48958 92730848f69e8540412fdf8bdfb96c1f\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_arm.deb\n Size/MD5 checksum: 85496 230c5b107dff69eca6f8d6241277a95f\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_arm.deb\n Size/MD5 checksum: 154962 8803b8b5ac7a11e3a2cf5a40f389d049\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_arm.deb\n Size/MD5 checksum: 131674 22e1a6767fc65ac920a5ce245743f9fd\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_hppa.deb\n Size/MD5 checksum: 154688 26ee139a8daabd621479d73ac2d04a16\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_hppa.deb\n Size/MD5 checksum: 1628398 beed29d0d6a15e33a83206acf3380cce\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_hppa.deb\n Size/MD5 checksum: 57246 07d89a1799a8b8daf3fb13f8c0b155d3\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_hppa.deb\n Size/MD5 checksum: 86802 f4e4a831a178e7e9df1f66a3af3633fb\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_hppa.deb\n Size/MD5 checksum: 172252 78031fa93b94ba44187e0986e82d6201\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_hppa.deb\n Size/MD5 checksum: 40370 b203925426b9411027184af8af2f73d6\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_hppa.deb\n Size/MD5 checksum: 1037196 85cd25d326e4535a9a18921e1016788d\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_hppa.deb\n Size/MD5 checksum: 91586 1ef7a9dd2be035a8504bd124e1da385d\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_i386.deb\n Size/MD5 checksum: 137728 7f9d176b0cb1e5976ea06e58526a60f4\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_i386.deb\n Size/MD5 checksum: 87336 3b3b4ffad78f35ffc5e05941bdfc15bd\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_i386.deb\n Size/MD5 checksum: 37416 3513b7cef1c51a35efd9ffd3c294e14d\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_i386.deb\n Size/MD5 checksum: 1000830 28dedcb611ed0538308122b860ba58c8\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_i386.deb\n Size/MD5 checksum: 53206 d0ae9184a84597d989b69fe7e25bc470\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_i386.deb\n Size/MD5 checksum: 1560356 5a8dc9c147a9d5c82224478f64731f0f\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_i386.deb\n Size/MD5 checksum: 79744 40326a8b68de9dbe6987e39fe95a13f8\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_i386.deb\n Size/MD5 checksum: 160956 da17f9d144495fde4e4c8bbad95560e8\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_ia64.deb\n Size/MD5 checksum: 106218 609f68aa16bfd657583e8be99a2ad0c1\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_ia64.deb\n Size/MD5 checksum: 74386 f0259501885d635d40aab9308a1bfbf3\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_ia64.deb\n Size/MD5 checksum: 192362 9009b4a91e64ab0a1c325bcaec97c2e0\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_ia64.deb\n Size/MD5 checksum: 1108908 1db7bb18903f47d5de29482709e3ff78\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_ia64.deb\n Size/MD5 checksum: 1771178 f104a7cc65ef288cd7758bb2175709a0\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_ia64.deb\n Size/MD5 checksum: 204522 8628cbc5cf2b22ed1d4eaeda2d7b4a60\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_ia64.deb\n Size/MD5 checksum: 46334 726f90dd146cd9d2d6ad964c0e718585\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_ia64.deb\n Size/MD5 checksum: 107424 c3c93da377fee4bf48f57778b305d5db\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_mips.deb\n Size/MD5 checksum: 1098528 5a9e021f7509cbde95ef66da819c3228\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_mips.deb\n Size/MD5 checksum: 150986 db510250f4f5aac631a743f04dc8054d\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_mips.deb\n Size/MD5 checksum: 36124 d8663fcdd8acb88018af29a3af61c9f6\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_mips.deb\n Size/MD5 checksum: 158310 776e9b5f14047779211e1262ae9f62d0\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_mips.deb\n Size/MD5 checksum: 76166 26a80a28871b162d72c2469a18ce6966\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_mips.deb\n Size/MD5 checksum: 87110 f71b2aa6af126f5ae434e1381126fc34\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_mips.deb\n Size/MD5 checksum: 1568290 ad4192ffb0d477ae964f6c3b039e52ac\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_mips.deb\n Size/MD5 checksum: 57678 da4e6ba9b1a61ad4bdc6a8e8d682fc61\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_mipsel.deb\n Size/MD5 checksum: 87254 e2917b072751a45afba30498006b71c3\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_mipsel.deb\n Size/MD5 checksum: 150894 09067f14c0938ef6dbeb500256dd42f9\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_mipsel.deb\n Size/MD5 checksum: 1553678 c4168376ca4d74744e24be76ec159067\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_mipsel.deb\n Size/MD5 checksum: 158842 f6d3053079e08de8e617272fd4a8489d\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_mipsel.deb\n Size/MD5 checksum: 1086490 e82ba4868d85ad36861a8aff82f6f72a\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_mipsel.deb\n Size/MD5 checksum: 36070 c67551d542db6a7b5081b8f0e1bdf30e\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_mipsel.deb\n Size/MD5 checksum: 57804 fa0c855349bfa38f31c82e83374ccdab\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_mipsel.deb\n Size/MD5 checksum: 77446 936b8d1173c259822d9e5ae3e82eb357\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_powerpc.deb\n Size/MD5 checksum: 41342 f5d1131ddc30cb780322237c47411177\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_powerpc.deb\n Size/MD5 checksum: 1147440 23944aceda9e865a4aab581509bb4058\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_powerpc.deb\n Size/MD5 checksum: 89404 9a0198042c3eb4ef053f720d20706c34\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_powerpc.deb\n Size/MD5 checksum: 163446 75275152a9b69f479d4b0c6ae8fb3fa0\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_powerpc.deb\n Size/MD5 checksum: 1582758 4544b9bc4aaf231fe604449311f118b9\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_powerpc.deb\n Size/MD5 checksum: 89574 942740b75d722b0fcbf284bc05035e48\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_powerpc.deb\n Size/MD5 checksum: 136242 5ef0278b80c263897d8942f9bc03631e\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_powerpc.deb\n Size/MD5 checksum: 51926 a35183dcb7bc3a0490b2ee1d8ed5ab3d\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_s390.deb\n Size/MD5 checksum: 82334 745d2f27c678f02ad011fa15f1731560\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_s390.deb\n Size/MD5 checksum: 1587692 d3c2245878121c7c16752f2b9949d0dc\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_s390.deb\n Size/MD5 checksum: 166998 64e5615906a50a2c19ee5359a521a9f6\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_s390.deb\n Size/MD5 checksum: 52522 199020914a0d52a771d112c6b2823de8\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_s390.deb\n Size/MD5 checksum: 1037546 89b9f600cc2a513678446a2a2fcb5b81\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_s390.deb\n Size/MD5 checksum: 88194 b376557a4f613fb65f46cbfae42050bf\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_s390.deb\n Size/MD5 checksum: 144934 da63d5b24df68891c2806f0f514911e6\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_s390.deb\n Size/MD5 checksum: 37422 3b0a8733a1ef7bf6fae8f00bb306bceb\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_sparc.deb\n Size/MD5 checksum: 78608 fb366ff39679d91c983deb2022ec0f0c\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_sparc.deb\n Size/MD5 checksum: 159716 eb0065adeacdf8a7f23098195a515e03\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_sparc.deb\n Size/MD5 checksum: 86066 5c0f9c078202fbf4c2f9c7cae3c89057\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_sparc.deb\n Size/MD5 checksum: 1578044 a94273670520f2db0fd4767ecb93cc4c\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_sparc.deb\n Size/MD5 checksum: 36060 b54d8ba11e9f8fd155e0b29f1609ebcd\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_sparc.deb\n Size/MD5 checksum: 51832 cb3bf2ee0f2d4661cd8198f8da780d00\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_sparc.deb\n Size/MD5 checksum: 996840 5609f09834fb8eecc031ad52bb1ba550\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_sparc.deb\n Size/MD5 checksum: 138744 5e701d9b2c7941e857c143e7289c3a20\n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6.diff.gz\n Size/MD5 checksum: 185068 01548b71a9c9f8f3cd4c4e38be162e0c\n http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6.dsc\n Size/MD5 checksum: 1837 74c7cc9607928673ef30937fa74d154c\n http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8.orig.tar.gz\n Size/MD5 checksum: 4796827 10efe9825c1a1dcd325be47a6cc21faf\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/c/cups/cupsys_1.3.8-1+lenny6_all.deb\n Size/MD5 checksum: 52146 7e655df3208e7b1c14e963e62d2a1f9e\n http://security.debian.org/pool/updates/main/c/cups/libcupsys2-dev_1.3.8-1+lenny6_all.deb\n Size/MD5 checksum: 52174 ca30676d4f14b19d69f07948ec920645\n http://security.debian.org/pool/updates/main/c/cups/cupsys-client_1.3.8-1+lenny6_all.deb\n Size/MD5 checksum: 52172 0745ebb9d35b06b2baed0946c9c4cdf4\n http://security.debian.org/pool/updates/main/c/cups/cupsys-dbg_1.3.8-1+lenny6_all.deb\n Size/MD5 checksum: 52162 39dda2a8979e6d53d369a850a7287f98\n http://security.debian.org/pool/updates/main/c/cups/cupsys-bsd_1.3.8-1+lenny6_all.deb\n Size/MD5 checksum: 52162 185cdcccb15621495bb4dd922824fb27\n http://security.debian.org/pool/updates/main/c/cups/cupsys-common_1.3.8-1+lenny6_all.deb\n Size/MD5 checksum: 52162 7cfc925b6070373cb03f50e28ffcb5eb\n http://security.debian.org/pool/updates/main/c/cups/cups-common_1.3.8-1+lenny6_all.deb\n Size/MD5 checksum: 1180808 ab548a8679a470d91055cb14a524f019\n http://security.debian.org/pool/updates/main/c/cups/libcupsys2_1.3.8-1+lenny6_all.deb\n Size/MD5 checksum: 52166 808680daaacf24e6969a46b5821c05b4\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_alpha.deb\n Size/MD5 checksum: 37990 1d176c775ae611d5de6fc28debeac312\n http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_alpha.deb\n Size/MD5 checksum: 108462 bee5be572e1c162c31a2f2cb6fccd95b\n http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_alpha.deb\n Size/MD5 checksum: 118450 c6848af4b97d419426046f53c0a10c8b\n http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_alpha.deb\n Size/MD5 checksum: 445916 a291be3dfa900c17126ce9796d71db2a\n http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_alpha.deb\n Size/MD5 checksum: 2099172 fabc17ee844d661b518a4c35321c5128\n http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_alpha.deb\n Size/MD5 checksum: 1142836 46addc9aade19f27e42b443768023f94\n http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_alpha.deb\n Size/MD5 checksum: 179128 0c7440b785436020854b72114e9e7686\n http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_alpha.deb\n Size/MD5 checksum: 81496 5235f6c116886ee493467ff1e52dff9f\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_amd64.deb\n Size/MD5 checksum: 168874 34599b5781a04df793603da238d30224\n http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_amd64.deb\n Size/MD5 checksum: 61012 fcd44c54190e1f2212335b0f971b2241\n http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_amd64.deb\n Size/MD5 checksum: 1197270 584dbf166833f9f50a43137f1e2c04f7\n http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_amd64.deb\n Size/MD5 checksum: 2070558 64782a03e7391d3b983fe918b6d416a6\n http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_amd64.deb\n Size/MD5 checksum: 116780 317905cae4f2ba4acbdb62cc46b87e2a\n http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_amd64.deb\n Size/MD5 checksum: 401290 bdd244d1e6559d959eb803f8bd6abbf2\n http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_amd64.deb\n Size/MD5 checksum: 37236 b3642bfa15ff0fe3c6d983e031275da6\n http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_amd64.deb\n Size/MD5 checksum: 99702 17dbaea17495777f8ba8a2996acc3725\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_arm.deb\n Size/MD5 checksum: 387466 6ac7763fc0ade8a3703104cdd3c3357a\n http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_arm.deb\n Size/MD5 checksum: 97190 e274997fb4e49c281c21549b1120efb2\n http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_arm.deb\n Size/MD5 checksum: 113164 eaa19c4d0964cd38613ab2c58f07ce26\n http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_arm.deb\n Size/MD5 checksum: 2059026 ee1367a147b8c07bae9c87ccc87c4998\n http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_arm.deb\n Size/MD5 checksum: 55342 c57db0444dc9193f0ab35e1a934400ec\n http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_arm.deb\n Size/MD5 checksum: 155270 5f0300fb74cb89f6b9b7bb45537f4aec\n http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_arm.deb\n Size/MD5 checksum: 1123418 df0367cba01ba9919f409b022dbe7c1b\n http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_arm.deb\n Size/MD5 checksum: 36484 7294561d854c324dc268c8fb0d616a2a\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_armel.deb\n Size/MD5 checksum: 1128236 5fb35a72133c870e444fe0b1250db6b2\n http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_armel.deb\n Size/MD5 checksum: 38752 777da1a892c9d354f5e1ae2575b97d47\n http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_armel.deb\n Size/MD5 checksum: 2075760 a850581323f50e10ded793a321763a39\n http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_armel.deb\n Size/MD5 checksum: 387318 64dc6d3b023d3de8a9ad99c244555008\n http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_armel.deb\n Size/MD5 checksum: 98356 96861930db8e85257fa250312839d177\n http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_armel.deb\n Size/MD5 checksum: 119314 7a4acbab9f1600e266780b8e4edc8161\n http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_armel.deb\n Size/MD5 checksum: 156808 a67d3ee08ed7bbcee2d90e45b4c5d9fc\n http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_armel.deb\n Size/MD5 checksum: 54730 26bc079114200f249ee55182577d978b\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_hppa.deb\n Size/MD5 checksum: 102958 61cca5c9fe91de9823fe3b141df6cbfd\n http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_hppa.deb\n Size/MD5 checksum: 2118150 9a34c8fcfda89744ff1ed5cb57fdeae1\n http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_hppa.deb\n Size/MD5 checksum: 63136 dcc115ea567651075e3b7fbf73477f2c\n http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_hppa.deb\n Size/MD5 checksum: 406484 36b77c3f6c05df1f44b9a971b2fd3bc8\n http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_hppa.deb\n Size/MD5 checksum: 121714 30743045e4927713923ab1f3bb9e6360\n http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_hppa.deb\n Size/MD5 checksum: 1141670 a1d27d8aec34d3e1cefd8af9d680fdce\n http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_hppa.deb\n Size/MD5 checksum: 172628 bc5c1f4a039c3fb8dbfdd0dc36aa2f56\n http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_hppa.deb\n Size/MD5 checksum: 39974 b00448f41ec531188e029bc7173f5271\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_i386.deb\n Size/MD5 checksum: 99256 289e9977f36773c117b6fcc6580b464f\n http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_i386.deb\n Size/MD5 checksum: 1096046 28adf6b61f8bff81e19ee5b7fc464aac\n http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_i386.deb\n Size/MD5 checksum: 60422 d4646115f417b7d56b1665283e914b42\n http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_i386.deb\n Size/MD5 checksum: 115956 4db026d788ab7bcb923847491f46b8ca\n http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_i386.deb\n Size/MD5 checksum: 2051272 6b1ce4707c65c46af6ae766ce9b50e99\n http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_i386.deb\n Size/MD5 checksum: 165348 ffd04ab3b875fef36b26fe3dd1106996\n http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_i386.deb\n Size/MD5 checksum: 393998 080d022507d07a4713b3f95acb7c22f6\n http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_i386.deb\n Size/MD5 checksum: 38022 7990b6a4a8d217fe07e7e1bd0f9108ff\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_ia64.deb\n Size/MD5 checksum: 2281420 2adc4c08d3bc24c8d70acac31ca8421a\n http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_ia64.deb\n Size/MD5 checksum: 123434 e3c1cbbd801a0ddd985e3b27c021b9d8\n http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_ia64.deb\n Size/MD5 checksum: 209034 5bfbe9000e4f1cafdbc66a6a94c20e7b\n http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_ia64.deb\n Size/MD5 checksum: 1149350 7f6b259e7f4ecc70accf51236efb3a5a\n http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_ia64.deb\n Size/MD5 checksum: 41278 1cee7bf398c2e2c7e4189f005cbb3444\n http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_ia64.deb\n Size/MD5 checksum: 139124 8ff9597b3e2cd534614a66531a5db361\n http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_ia64.deb\n Size/MD5 checksum: 447412 b59175ffef15d9b2e618b85ce6f8cff2\n http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_ia64.deb\n Size/MD5 checksum: 86018 e5badf6982128286853fc360fc77a4d3\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_mips.deb\n Size/MD5 checksum: 157842 c3652835b110a94fc5a5f9d20230e443\n http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_mips.deb\n Size/MD5 checksum: 2047282 ce608c3fa6d89e7d7ff3e313f88fbef2\n http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_mips.deb\n Size/MD5 checksum: 98662 ddbba9bea120f9b7740adc8ceb45c3dc\n http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_mips.deb\n Size/MD5 checksum: 108508 0a5b6ba27061cfa40e45cfc514d3ba0d\n http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_mips.deb\n Size/MD5 checksum: 36010 a786245e49b8cabcaad41a5e92a5c884\n http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_mips.deb\n Size/MD5 checksum: 65290 155e5959fac035fc8307800061913d35\n http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_mips.deb\n Size/MD5 checksum: 1170866 11910e0f1ccbb2f3ba151cbfe8186696\n http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_mips.deb\n Size/MD5 checksum: 405510 4f848ff0dd8f2b08f3fa3bb220a6f75c\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_mipsel.deb\n Size/MD5 checksum: 158274 8c3b143ee488c17cf00cf7599bee331c\n http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_mipsel.deb\n Size/MD5 checksum: 98792 74a91f31a602f6f2a0c04b4e72723b86\n http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_mipsel.deb\n Size/MD5 checksum: 1156060 f3be7e74bd904dfdecc086bc6ee16bf5\n http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_mipsel.deb\n Size/MD5 checksum: 403142 42cf44870e91355bb7a465dce52605ae\n http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_mipsel.deb\n Size/MD5 checksum: 36142 daa9ed0b87002a002bece0890b1a6e12\n http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_mipsel.deb\n Size/MD5 checksum: 65216 a1c8b686980e932f19a789430a4eafaa\n http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_mipsel.deb\n Size/MD5 checksum: 2028136 a67cf50db9734a8175936ff5e2d45d5d\n http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_mipsel.deb\n Size/MD5 checksum: 109968 23ff5d8a36aecd545c5cf210bc3873d5\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_powerpc.deb\n Size/MD5 checksum: 394114 5309447c955f4decbe93f50802ed1805\n http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_powerpc.deb\n Size/MD5 checksum: 1188662 f8438353bab0a00502a1687042c54961\n http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_powerpc.deb\n Size/MD5 checksum: 61144 ac80e1cd5cc0661c10693d360e32c11d\n http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_powerpc.deb\n Size/MD5 checksum: 174232 5938321743bda64571c6d0797f84dca1\n http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_powerpc.deb\n Size/MD5 checksum: 104730 d5f60c53825c532dca34cb21f1c1d2fb\n http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_powerpc.deb\n Size/MD5 checksum: 44212 d0b547b8cf87254ce65874df057468db\n http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_powerpc.deb\n Size/MD5 checksum: 136102 34f3fbb1bf5519277c20944b3d118a6c\n http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_powerpc.deb\n Size/MD5 checksum: 2122006 f0e6902972831c2490b6f6bcbecd1ba0\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_s390.deb\n Size/MD5 checksum: 101502 e48e528e2b3ee8140dcce180aae0feb8\n http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_s390.deb\n Size/MD5 checksum: 37818 7f26d32ff01aa1088e424a16439d0990\n http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_s390.deb\n Size/MD5 checksum: 171544 131841fd12d9331c312f8a28718fe8a1\n http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_s390.deb\n Size/MD5 checksum: 399662 f80688352e705e1293d64bb211dcd568\n http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_s390.deb\n Size/MD5 checksum: 2090700 7d406321bb349547bdbe43123fb770f3\n http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_s390.deb\n Size/MD5 checksum: 118588 64d6969a96a76de52a7296c745116a48\n http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_s390.deb\n Size/MD5 checksum: 1188192 365ee760b0b9b8dd869dd11f1f4c42f9\n http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_s390.deb\n Size/MD5 checksum: 60716 634f2ba3cc0eb22c59252f15a1582770\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_sparc.deb\n Size/MD5 checksum: 390982 1235ace473b594360267daef5663c1b3\n http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_sparc.deb\n Size/MD5 checksum: 116666 3c08364f33b2594c4f8be8c0bfce7333\n http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_sparc.deb\n Size/MD5 checksum: 1051168 056faed5a5baf927d91b21b4fe624812\n http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_sparc.deb\n Size/MD5 checksum: 38374 6401223175cfcf9082f3fac43a4f9d42\n http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_sparc.deb\n Size/MD5 checksum: 2069062 4041871842ca0f29408c95c39f9cbb68\n http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_sparc.deb\n Size/MD5 checksum: 160772 6a682010c72d5d78f4a6efcfb3ed5955\n http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_sparc.deb\n Size/MD5 checksum: 57762 478e92cd02d8acb20a600d4ca61aba39\n http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_sparc.deb\n Size/MD5 checksum: 96996 37446d6e2f9dbf94122db96d1df00b9f\n\n\n These files will probably be moved into the stable distribution on\n its next update. \n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show \u003cpkg\u003e\u0027 and http://packages.debian.org/\u003cpkg\u003e\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niEYEARECAAYFAkolko8ACgkQHYflSXNkfP+rjwCfWDGEVO8HeUkO9sF09pz0Nvwn\n4GMAn3rgCfJK2rFC5dZyvIzTiyo6CiUb\n=6yYH\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-0949"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001733"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-120"
},
{
"db": "BID",
"id": "35169"
},
{
"db": "VULHUB",
"id": "VHN-38395"
},
{
"db": "PACKETSTORM",
"id": "82086"
},
{
"db": "PACKETSTORM",
"id": "82088"
},
{
"db": "PACKETSTORM",
"id": "78081"
},
{
"db": "PACKETSTORM",
"id": "82087"
},
{
"db": "PACKETSTORM",
"id": "83554"
},
{
"db": "PACKETSTORM",
"id": "78033"
}
],
"trust": 3.06
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-38395",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-38395"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-0949",
"trust": 4.2
},
{
"db": "BID",
"id": "35169",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "35340",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "35342",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1022321",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "35328",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "35685",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "35322",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "36701",
"trust": 1.7
},
{
"db": "XF",
"id": "50926",
"trust": 1.4
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001733",
"trust": 0.8
},
{
"db": "BUGTRAQ",
"id": "20090602 CORE-2009-0420 - APPLE CUPS IPP_TAG_UNSUPPORTED HANDLING NULL POINTER VULNERABILITY",
"trust": 0.6
},
{
"db": "SUSE",
"id": "SUSE-SR:2009:012",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-1811",
"trust": 0.6
},
{
"db": "UBUNTU",
"id": "USN-780-1",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2009:1082",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2009:1083",
"trust": 0.6
},
{
"db": "APPLE",
"id": "APPLE-SA-2009-09-10-2",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200906-120",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "78081",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "78033",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-86277",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "78040",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "33020",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-38395",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "82086",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "82088",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "82087",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "83554",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-38395"
},
{
"db": "BID",
"id": "35169"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001733"
},
{
"db": "PACKETSTORM",
"id": "82086"
},
{
"db": "PACKETSTORM",
"id": "82088"
},
{
"db": "PACKETSTORM",
"id": "78081"
},
{
"db": "PACKETSTORM",
"id": "82087"
},
{
"db": "PACKETSTORM",
"id": "83554"
},
{
"db": "PACKETSTORM",
"id": "78033"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-120"
},
{
"db": "NVD",
"id": "CVE-2009-0949"
}
]
},
"id": "VAR-200906-0617",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-38395"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T21:56:36.646000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "RHSA-2009",
"trust": 0.8,
"url": "http://www.cups.org/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001733"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-908",
"trust": 1.0
},
{
"problemtype": "Use of uninitialized resources (CWE-908) [NVD evaluation ]",
"trust": 0.8
},
{
"problemtype": "CWE-399",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-38395"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001733"
},
{
"db": "NVD",
"id": "CVE-2009-0949"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/35169"
},
{
"trust": 2.5,
"url": "http://securitytracker.com/id?1022321"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/35340"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/35342"
},
{
"trust": 2.0,
"url": "http://www.coresecurity.com/content/applecups-null-pointer-vulnerability"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2009/sep/msg00004.html"
},
{
"trust": 1.7,
"url": "http://support.apple.com/kb/ht3865"
},
{
"trust": 1.7,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=500972"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2009/dsa-1811"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2009-1082.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2009-1083.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/35322"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/35328"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/35685"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/36701"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-780-1"
},
{
"trust": 1.4,
"url": "http://xforce.iss.net/xforce/xfdb/50926"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/504032/100/0/threaded"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9631"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50926"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-0949"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0949"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/504032/100/0/threaded"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0163"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0147"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0791"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0166"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0146"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3609"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0166"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3609"
},
{
"trust": 0.4,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0147"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0791"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0163"
},
{
"trust": 0.4,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3608"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0949"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0146"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3608"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2009-227.htm"
},
{
"trust": 0.3,
"url": "http://www.cups.org"
},
{
"trust": 0.3,
"url": "/archive/1/504032"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2009-202.htm"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0165"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0165"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1180"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1179"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1182"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1181"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0800"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0799"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0195"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0799"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1180"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1183"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1182"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0800"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1181"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0195"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1179"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1183"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1196"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1196"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.14_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.14_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-client_1.3.9-17ubuntu3.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.14_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.14_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys_1.3.9-2ubuntu9.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/libcupsys2_1.3.9-17ubuntu3.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys_1.3.9-17ubuntu3.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.7-1ubuntu3.5_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.14_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-common_1.3.9-2ubuntu9.2_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.14_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-dbg_1.3.9-17ubuntu3.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.14_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.14_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-bsd_1.3.9-17ubuntu3.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.5.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.14_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-bsd_1.3.9-2ubuntu9.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/libcupsys2_1.3.9-2ubuntu9.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.14_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.2.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-2ubuntu9.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.14_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.14_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.14_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-gnutls10_1.2.2-0ubuntu0.6.06.14_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-common_1.3.9-2ubuntu9.2_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.14_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.14_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-common_1.3.9-17ubuntu3.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsys2-dev_1.3.9-2ubuntu9.2_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsys2-dev_1.3.9-17ubuntu3.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.14_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-client_1.3.9-2ubuntu9.2_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.14.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.14_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-dbg_1.3.9-2ubuntu9.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.14_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.14.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-common_1.3.9-17ubuntu3.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.14_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.14_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.14_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-2ubuntu9.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.14_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-2ubuntu9.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.14_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.14_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.5.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.14_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.14_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.14_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.14_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cupsys-bsd_1.3.8-1+lenny6_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups-common_1.3.8-1+lenny6_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-common_1.2.7-4+etch8_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cupsys_1.3.8-1+lenny6_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcupsys2_1.3.8-1+lenny6_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cupsys-client_1.3.8-1+lenny6_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_arm.deb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.2.7-4+etch8_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcupsys2-dev_1.3.8-1+lenny6_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4+etch8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny6_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny6_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny6_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4+etch8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny6_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4+etch8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4+etch8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cupsys-dbg_1.3.8-1+lenny6_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cupsys-common_1.3.8-1+lenny6_all.deb"
},
{
"trust": 0.1,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4+etch8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4+etch8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4+etch8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4+etch8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny6_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny6_mips.deb"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-38395"
},
{
"db": "BID",
"id": "35169"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001733"
},
{
"db": "PACKETSTORM",
"id": "82086"
},
{
"db": "PACKETSTORM",
"id": "82088"
},
{
"db": "PACKETSTORM",
"id": "78081"
},
{
"db": "PACKETSTORM",
"id": "82087"
},
{
"db": "PACKETSTORM",
"id": "83554"
},
{
"db": "PACKETSTORM",
"id": "78033"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-120"
},
{
"db": "NVD",
"id": "CVE-2009-0949"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-38395"
},
{
"db": "BID",
"id": "35169"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001733"
},
{
"db": "PACKETSTORM",
"id": "82086"
},
{
"db": "PACKETSTORM",
"id": "82088"
},
{
"db": "PACKETSTORM",
"id": "78081"
},
{
"db": "PACKETSTORM",
"id": "82087"
},
{
"db": "PACKETSTORM",
"id": "83554"
},
{
"db": "PACKETSTORM",
"id": "78033"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-120"
},
{
"db": "NVD",
"id": "CVE-2009-0949"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-06-09T00:00:00",
"db": "VULHUB",
"id": "VHN-38395"
},
{
"date": "2009-06-02T00:00:00",
"db": "BID",
"id": "35169"
},
{
"date": "2009-07-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-001733"
},
{
"date": "2009-10-21T02:32:05",
"db": "PACKETSTORM",
"id": "82086"
},
{
"date": "2009-10-21T03:01:09",
"db": "PACKETSTORM",
"id": "82088"
},
{
"date": "2009-06-04T22:36:44",
"db": "PACKETSTORM",
"id": "78081"
},
{
"date": "2009-10-21T02:57:54",
"db": "PACKETSTORM",
"id": "82087"
},
{
"date": "2009-12-08T01:31:40",
"db": "PACKETSTORM",
"id": "83554"
},
{
"date": "2009-06-03T04:03:06",
"db": "PACKETSTORM",
"id": "78033"
},
{
"date": "2009-06-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200906-120"
},
{
"date": "2009-06-09T17:30:00.657000",
"db": "NVD",
"id": "CVE-2009-0949"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-38395"
},
{
"date": "2015-03-19T09:33:00",
"db": "BID",
"id": "35169"
},
{
"date": "2024-02-28T07:01:00",
"db": "JVNDB",
"id": "JVNDB-2009-001733"
},
{
"date": "2009-06-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200906-120"
},
{
"date": "2024-02-09T00:17:23.450000",
"db": "NVD",
"id": "CVE-2009-0949"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "78081"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-120"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CUPS\u00a0 of \u00a0ippReadIO\u00a0 Denial of service in functions \u00a0(DoS)\u00a0 Vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001733"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200906-120"
}
],
"trust": 0.6
}
}
VAR-201810-0932
Vulnerability from variot - Updated: 2024-07-23 21:55The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p). The product supports a variety of encryption algorithms, including symmetric ciphers, hash algorithms, secure hash algorithms, etc. The vulnerability stems from incorrect use of relevant cryptographic algorithms by network systems or products, resulting in improperly encrypted content, weak encryption, and storing sensitive information in plain text.
Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/openssl-1.0.2q-i586-1_slack14.2.txz: Upgraded. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5407 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0734 ( Security fix ) patches/packages/openssl-solibs-1.0.2q-i586-1_slack14.2.txz: Upgraded. +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated packages for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1u-i486-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1u-i486-1_slack14.0.txz
Updated packages for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1u-x86_64-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1u-x86_64-1_slack14.0.txz
Updated packages for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1u-i486-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1u-i486-1_slack14.1.txz
Updated packages for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1u-x86_64-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1u-x86_64-1_slack14.1.txz
Updated packages for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/openssl-1.0.2q-i586-1_slack14.2.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/openssl-solibs-1.0.2q-i586-1_slack14.2.txz
Updated packages for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/openssl-1.0.2q-x86_64-1_slack14.2.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/openssl-solibs-1.0.2q-x86_64-1_slack14.2.txz
Updated packages for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.1.1a-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.1.1a-i586-1.txz
Updated packages for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.1.1a-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.1.1a-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 14.0 packages: e6d4b3a76383f9f253da4128ba23f269 openssl-1.0.1u-i486-1_slack14.0.txz c61d31a1751ae39af89d3fee0b54f0d8 openssl-solibs-1.0.1u-i486-1_slack14.0.txz
Slackware x86_64 14.0 packages: 96be19e6a96c9beb5d3bbc55348fb483 openssl-1.0.1u-x86_64-1_slack14.0.txz b7a8fa2ebd16c8ae106fc1267bc29eca openssl-solibs-1.0.1u-x86_64-1_slack14.0.txz
Slackware 14.1 packages: 099b960e62eaea5d1a639a61a2fabca7 openssl-1.0.1u-i486-1_slack14.1.txz b5d5219e05db97f63c4d6c389d6884fb openssl-solibs-1.0.1u-i486-1_slack14.1.txz
Slackware x86_64 14.1 packages: fc96c87d76c9d1efd1290ac847fa7c7c openssl-1.0.1u-x86_64-1_slack14.1.txz e873b66f84f45ea34d028a3d524ce573 openssl-solibs-1.0.1u-x86_64-1_slack14.1.txz
Slackware 14.2 packages: d5f0cc19451e9c7e3967820cf02a20c6 openssl-1.0.2q-i586-1_slack14.2.txz 594ca80447baecd608a51083b12a26d9 openssl-solibs-1.0.2q-i586-1_slack14.2.txz
Slackware x86_64 14.2 packages: 943bb2f3259ccf97a1b8b25f5f511c30 openssl-1.0.2q-x86_64-1_slack14.2.txz 0d45afe2487c47b283c06902c56e4559 openssl-solibs-1.0.2q-x86_64-1_slack14.2.txz
Slackware -current packages: 6f01f6dd0f40a12e473320386cfc8536 a/openssl-solibs-1.1.1a-i586-1.txz 6e5a2ab2475a0d851376d12911b3c6b7 n/openssl-1.1.1a-i586-1.txz
Slackware x86_64 -current packages: eb4697703f1f4b81ad38e9247ab70dac a/openssl-solibs-1.1.1a-x86_64-1.txz 12a10fd6bd2344b3e73106c8d5b9828c n/openssl-1.1.1a-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the packages as root:
upgradepkg openssl-1.0.2q-i586-1_slack14.2.txz openssl-solibs-1.0.2q-i586-1_slack14.2.txz
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied. Description:
This release adds the new Apache HTTP Server 2.4.37 packages that are part of the JBoss Core Services offering.
This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.29 and includes bug fixes and enhancements. After installing the updated packages, the httpd daemon will be restarted automatically. Bugs fixed (https://bugzilla.redhat.com/):
1568253 - CVE-2018-0737 openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys 1644364 - CVE-2018-0734 openssl: timing side channel attack in the DSA signature algorithm 1645695 - CVE-2018-5407 openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash) 1668493 - CVE-2018-17199 httpd: mod_session_cookie does not respect expiry time 1668497 - CVE-2018-17189 httpd: mod_http2: DoS via slow, unneeded request bodies 1695020 - CVE-2019-0217 httpd: mod_auth_digest: access control bypass due to race condition 1695030 - CVE-2019-0196 httpd: mod_http2: read-after-free on a string compare 1695042 - CVE-2019-0197 httpd: mod_http2: possible crash on late upgrade 1735741 - CVE-2019-9513 HTTP/2: flood using PRIORITY frames results in excessive resource consumption 1741860 - CVE-2019-9511 HTTP/2: large amount of data requests leads to denial of service 1741864 - CVE-2019-9516 HTTP/2: 0-length headers lead to denial of service 1741868 - CVE-2019-9517 HTTP/2: request for large response leads to denial of service
For the stable distribution (stretch), these problems have been fixed in version 1.1.0j-1~deb9u1. Going forward, openssl security updates for stretch will be based on the 1.1.0x upstream releases.
For the detailed security status of openssl please refer to its security tracker page at: https://security-tracker.debian.org/tracker/openssl
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlwBuAcACgkQEMKTtsN8 TjZbBw/+MOB5+pZbCHHXyH3IeD+yj+tSPvmNc3SCwdEtUxGXr0ZX7TKHfaLs/8s6 Udto0K8a1FvjrcUQCfhnFpNcSAv9pxX13Fr6Pd560miIfAu9/5jAqiCufCoiz+xj 45LNJGlaxxaFjgBGCitZSJA0Fc4SM6v5XFyJfR3kChdQ/3kGQbbMNAp16Fy3ZsxJ VXwviomUxmmmdvjxyhifTIpuwr9OiJSQ+13etQjTDQ3pzSbLBPSOxmpV0vPIC7I2 Dwa4zuQXA/DF4G6l8T4rXCwCN4e4pwbTc8bbCjXeZK+iVAhnRD6wXlS3cc5IVAzx /qTa89LZU8B6ylcB6nodeAHLuZTC3Le8ndoxYz5S2/jHZMM/jCQNHYJemHWNbOqn q+e5W0D1fIVLiLoL/iHW5XhN6yJY2Ma7zjXMRBnkzJA9CTNIKgUjrSFz0Ud+wIM/ u8QhNPwZ0hPd5IfSgIyWqmuQ5XzFYqAQvwT1gUJiK7tIvuT0VsSyKVaSZVbi4yrM 9sxkZaP1UNLcTVCFw6A0KFwhb9z6kQtyH1MRkFPphmnb8jlHA3cTdPJkFUBi3VaT 7izThm5/mVLbAjZ8X7nkqnzWzmc885j0ml3slDd/MOVWB5CD3vFAcI8k3VZr3A61 P2gNSN6UbAbLMGsxgs3hYUHgazi7MdXJ/aNavjGSbYBNL780Iaw=3Qji -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Low: openssl security, bug fix, and enhancement update Advisory ID: RHSA-2019:3700-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:3700 Issue date: 2019-11-05 CVE Names: CVE-2018-0734 CVE-2018-0735 CVE-2019-1543 =====================================================================
- Summary:
An update for openssl is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
The following packages have been upgraded to a later upstream version: openssl (1.1.1c).
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
- Bugs fixed (https://bugzilla.redhat.com/):
1644356 - CVE-2018-0735 openssl: timing side channel attack in the ECDSA signature generation 1644364 - CVE-2018-0734 openssl: timing side channel attack in the DSA signature algorithm 1668880 - ec man page lists -modulus but the tool doesn't support it 1686058 - specifying digest for signing time-stamping responses is mandatory 1686548 - Incorrect handling of fragmented KeyUpdate messages 1695954 - CVE-2019-1543 openssl: ChaCha20-Poly1305 with long nonces 1697915 - Race/segmentation fault on process shutdown in OpenSSL 1706104 - openssl asn1parse crashes with double free or corruption (!prev) 1706915 - OpenSSL should implement continuous random test or use the kernel AF_ALG interface for random 1712023 - openssl pkcs12 uses certpbe algorithm not compliant with FIPS by default 1714245 - DSA ciphers in TLS don't work with SHA-1 signatures even in LEGACY level
- Package List:
Red Hat Enterprise Linux BaseOS (v. 8):
Source: openssl-1.1.1c-2.el8.src.rpm
aarch64: openssl-1.1.1c-2.el8.aarch64.rpm openssl-debuginfo-1.1.1c-2.el8.aarch64.rpm openssl-debugsource-1.1.1c-2.el8.aarch64.rpm openssl-devel-1.1.1c-2.el8.aarch64.rpm openssl-libs-1.1.1c-2.el8.aarch64.rpm openssl-libs-debuginfo-1.1.1c-2.el8.aarch64.rpm openssl-perl-1.1.1c-2.el8.aarch64.rpm
ppc64le: openssl-1.1.1c-2.el8.ppc64le.rpm openssl-debuginfo-1.1.1c-2.el8.ppc64le.rpm openssl-debugsource-1.1.1c-2.el8.ppc64le.rpm openssl-devel-1.1.1c-2.el8.ppc64le.rpm openssl-libs-1.1.1c-2.el8.ppc64le.rpm openssl-libs-debuginfo-1.1.1c-2.el8.ppc64le.rpm openssl-perl-1.1.1c-2.el8.ppc64le.rpm
s390x: openssl-1.1.1c-2.el8.s390x.rpm openssl-debuginfo-1.1.1c-2.el8.s390x.rpm openssl-debugsource-1.1.1c-2.el8.s390x.rpm openssl-devel-1.1.1c-2.el8.s390x.rpm openssl-libs-1.1.1c-2.el8.s390x.rpm openssl-libs-debuginfo-1.1.1c-2.el8.s390x.rpm openssl-perl-1.1.1c-2.el8.s390x.rpm
x86_64: openssl-1.1.1c-2.el8.x86_64.rpm openssl-debuginfo-1.1.1c-2.el8.i686.rpm openssl-debuginfo-1.1.1c-2.el8.x86_64.rpm openssl-debugsource-1.1.1c-2.el8.i686.rpm openssl-debugsource-1.1.1c-2.el8.x86_64.rpm openssl-devel-1.1.1c-2.el8.i686.rpm openssl-devel-1.1.1c-2.el8.x86_64.rpm openssl-libs-1.1.1c-2.el8.i686.rpm openssl-libs-1.1.1c-2.el8.x86_64.rpm openssl-libs-debuginfo-1.1.1c-2.el8.i686.rpm openssl-libs-debuginfo-1.1.1c-2.el8.x86_64.rpm openssl-perl-1.1.1c-2.el8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2018-0734 https://access.redhat.com/security/cve/CVE-2018-0735 https://access.redhat.com/security/cve/CVE-2019-1543 https://access.redhat.com/security/updates/classification/#low https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.1_release_notes/
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBXcHzTdzjgjWX9erEAQjP6w/8D4eIfwgPbpKXdy3Y2kjmKhb9faqBJvHm eqpG5tewJQBtRAPm/R7SesrMVKGUEDAuiSKydQlQn8nuRIWDsKw14+uLRN7AyTQ3 jXy0pnp+C7O1hyJnwNEiXo9ZgUaXMMXLGyTk8v9gnzA/HYpZX1c4g4FXHf0ycBi/ thxllEiJx6CrEO3pszYzu1Lt9GFMOAJPvwbiW0S7mVmsNCI4n+5OfeNzmURXdObs 89/XCFrQO3CDAh3SXCZa08Ie8px7Aq8slmNWOswhlqIYkUWGUbICIpqW1+4XyAqz hVP8iqTY7TRwBPB0zoqmO5cxMY+jqMk/LphG+oTOF+ZA7YZH3bjDxJisCOr+ys+i WnTYAl1KFBqo5uhH4dBzNH2EE5PeiwKNKqu6Wws1qOblTFXb3AYSHsqLv6VB0m1B MXcUXrjSMwelSVAgK1eekJsYqCr3lT1+N8cA8P/sgT/DzGTNJhcoCE/OeJCUVBZL uGhke48CUs3GvXCKP0+PDpINRRllGwVqkkCQ7LtsXoB0hGaaGt+CNCd3aQj8rf02 mPi2Vab7CjBLUn1QGiNigLF4X4rKZlxiBcHDByyHdeCW+zHvGod7ksmJKXmHujvY pdg6toj/our0hhQp2dPTXFPKFtkO7GIIe19i+OZ6Rn0niVxSQbshiXyFFsvgZN0F 82vSbeKouJA= =mdzd -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ========================================================================== Ubuntu Security Notice USN-3840-1 December 06, 2018
openssl, openssl1.0 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.10
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in OpenSSL. (CVE-2018-0734)
Samuel Weiser discovered that OpenSSL incorrectly handled ECDSA signing. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-0735)
Billy Bob Brumley, Cesar Pereida Garcia, Sohaib ul Hassan, Nicola Tuveri, and Alejandro Cabrera Aldaya discovered that Simultaneous Multithreading (SMT) architectures are vulnerable to side-channel leakage. This issue is known as "PortSmash". (CVE-2018-5407)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.10: libssl1.0.0 1.0.2n-1ubuntu6.1 libssl1.1 1.1.1-1ubuntu2.1
Ubuntu 18.04 LTS: libssl1.0.0 1.0.2n-1ubuntu5.2 libssl1.1 1.1.0g-2ubuntu4.3
Ubuntu 16.04 LTS: libssl1.0.0 1.0.2g-1ubuntu4.14
Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.27
After a standard system update you need to reboot your computer to make all the necessary changes.
Due to the low severity of this issue we are not issuing a new release of OpenSSL 1.1.1, 1.1.0 or 1.0.2 at this time. The fix is also available in commit 8abfe72e8c (for 1.1.1), ef11e19d13 (for 1.1.0) and commit 43e6a58d49 (for 1.0.2) in the OpenSSL git repository.
As a result of the changes made to mitigate this vulnerability, a new side channel attack was created. The mitigation for this new vulnerability can be found in these commits: 6039651c43 (for 1.1.1), 26d7fce13d (for 1.1.0) and 880d1c76ed (for 1.0.2)
References
URL for this Security Advisory: https://www.openssl.org/news/secadv/20181030.txt
Note: the online version of the advisory may be updated with additional details over time.
For details of OpenSSL severity classifications please see: https://www.openssl.org/policies/secpolicy.html
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201810-0932",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.3.3"
},
{
"model": "e-business suite technology stack",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "0.9.8"
},
{
"model": "santricity smi-s provider",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "openssl",
"scope": "lte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.1.0i"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "6.9.0"
},
{
"model": "node.js",
"scope": "lte",
"trust": 1.0,
"vendor": "nodejs",
"version": "10.12.0"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "8.14.0"
},
{
"model": "openssl",
"scope": "gte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "8.9.0"
},
{
"model": "mysql enterprise backup",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "3.12.3"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "10.0.0"
},
{
"model": "e-business suite technology stack",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.0.1"
},
{
"model": "openssl",
"scope": "gte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.1.0"
},
{
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.1.0.5.0"
},
{
"model": "cloud backup",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "e-business suite technology stack",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.0.0"
},
{
"model": "tuxedo",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.1.1.0.0"
},
{
"model": "primavera p6 professional project management",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "18.8"
},
{
"model": "cn1610",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "11.0.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "18.10"
},
{
"model": "mysql enterprise backup",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "4.0"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "11.3.0"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "8.0.0"
},
{
"model": "snapcenter",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.55"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.57"
},
{
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "13.2.0.0.0"
},
{
"model": "mysql enterprise backup",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "4.1.2"
},
{
"model": "primavera p6 professional project management",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "15.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "oncommand unified manager",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": "*"
},
{
"model": "primavera p6 professional project management",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "17.7"
},
{
"model": "primavera p6 professional project management",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "16.1"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "storage automation store",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "primavera p6 professional project management",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "16.2"
},
{
"model": "primavera p6 professional project management",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "17.12"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "18.04"
},
{
"model": "mysql enterprise backup",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "3.0"
},
{
"model": "steelstore",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "node.js",
"scope": "lte",
"trust": 1.0,
"vendor": "nodejs",
"version": "8.8.1"
},
{
"model": "node.js",
"scope": "eq",
"trust": 1.0,
"vendor": "nodejs",
"version": "10.13.0"
},
{
"model": "openssl",
"scope": "lte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2p"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "6.15.0"
},
{
"model": "api gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "11.1.2.4.0"
},
{
"model": "primavera p6 professional project management",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "15.2"
},
{
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "13.3.0.0.0"
},
{
"model": "primavera p6 professional project management",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.4"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.1.1"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "6.0.0"
},
{
"model": "node.js",
"scope": "lte",
"trust": 1.0,
"vendor": "nodejs",
"version": "6.8.1"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.56"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-0734"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.0.2p",
"versionStartIncluding": "1.0.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.1.0i",
"versionStartIncluding": "1.1.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.8.1",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.8.1",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.12.0",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.15.0",
"versionStartIncluding": "6.9.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.14.0",
"versionStartIncluding": "8.9.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:10.13.0:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.3.0",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:cn1610_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:cn1610:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:steelstore:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:santricity_smi-s_provider:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:api_gateway:11.1.2.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:mysql_enterprise_backup:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.12.3",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:mysql_enterprise_backup:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.1.2",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_p6_professional_project_management:15.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.0.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:enterprise_manager_base_platform:12.1.0.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_p6_professional_project_management:18.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:tuxedo:12.1.1.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_p6_professional_project_management:16.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:e-business_suite_technology_stack:0.9.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_p6_professional_project_management:15.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_p6_professional_project_management:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "17.12",
"versionStartIncluding": "17.7",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:e-business_suite_technology_stack:1.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_p6_professional_project_management:16.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:e-business_suite_technology_stack:1.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_p6_professional_project_management:8.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-0734"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat,Samuel Weiser.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201810-1435"
}
],
"trust": 0.6
},
"cve": "CVE-2018-0734",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-118936",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2018-0734",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-0734",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201810-1435",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-118936",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-0734",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-118936"
},
{
"db": "VULMON",
"id": "CVE-2018-0734"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-1435"
},
{
"db": "NVD",
"id": "CVE-2018-0734"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p). The product supports a variety of encryption algorithms, including symmetric ciphers, hash algorithms, secure hash algorithms, etc. The vulnerability stems from incorrect use of relevant cryptographic algorithms by network systems or products, resulting in improperly encrypted content, weak encryption, and storing sensitive information in plain text. \n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n+--------------------------+\npatches/packages/openssl-1.0.2q-i586-1_slack14.2.txz: Upgraded. \n For more information, see:\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5407\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0734\n (* Security fix *)\npatches/packages/openssl-solibs-1.0.2q-i586-1_slack14.2.txz: Upgraded. \n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated packages for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1u-i486-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1u-i486-1_slack14.0.txz\n\nUpdated packages for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1u-x86_64-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1u-x86_64-1_slack14.0.txz\n\nUpdated packages for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1u-i486-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1u-i486-1_slack14.1.txz\n\nUpdated packages for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1u-x86_64-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1u-x86_64-1_slack14.1.txz\n\nUpdated packages for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/openssl-1.0.2q-i586-1_slack14.2.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/openssl-solibs-1.0.2q-i586-1_slack14.2.txz\n\nUpdated packages for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/openssl-1.0.2q-x86_64-1_slack14.2.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/openssl-solibs-1.0.2q-x86_64-1_slack14.2.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.1.1a-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.1.1a-i586-1.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.1.1a-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.1.1a-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 packages:\ne6d4b3a76383f9f253da4128ba23f269 openssl-1.0.1u-i486-1_slack14.0.txz\nc61d31a1751ae39af89d3fee0b54f0d8 openssl-solibs-1.0.1u-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 packages:\n96be19e6a96c9beb5d3bbc55348fb483 openssl-1.0.1u-x86_64-1_slack14.0.txz\nb7a8fa2ebd16c8ae106fc1267bc29eca openssl-solibs-1.0.1u-x86_64-1_slack14.0.txz\n\nSlackware 14.1 packages:\n099b960e62eaea5d1a639a61a2fabca7 openssl-1.0.1u-i486-1_slack14.1.txz\nb5d5219e05db97f63c4d6c389d6884fb openssl-solibs-1.0.1u-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 packages:\nfc96c87d76c9d1efd1290ac847fa7c7c openssl-1.0.1u-x86_64-1_slack14.1.txz\ne873b66f84f45ea34d028a3d524ce573 openssl-solibs-1.0.1u-x86_64-1_slack14.1.txz\n\nSlackware 14.2 packages:\nd5f0cc19451e9c7e3967820cf02a20c6 openssl-1.0.2q-i586-1_slack14.2.txz\n594ca80447baecd608a51083b12a26d9 openssl-solibs-1.0.2q-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 packages:\n943bb2f3259ccf97a1b8b25f5f511c30 openssl-1.0.2q-x86_64-1_slack14.2.txz\n0d45afe2487c47b283c06902c56e4559 openssl-solibs-1.0.2q-x86_64-1_slack14.2.txz\n\nSlackware -current packages:\n6f01f6dd0f40a12e473320386cfc8536 a/openssl-solibs-1.1.1a-i586-1.txz\n6e5a2ab2475a0d851376d12911b3c6b7 n/openssl-1.1.1a-i586-1.txz\n\nSlackware x86_64 -current packages:\neb4697703f1f4b81ad38e9247ab70dac a/openssl-solibs-1.1.1a-x86_64-1.txz\n12a10fd6bd2344b3e73106c8d5b9828c n/openssl-1.1.1a-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the packages as root:\n# upgradepkg openssl-1.0.2q-i586-1_slack14.2.txz openssl-solibs-1.0.2q-i586-1_slack14.2.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. Description:\n\nThis release adds the new Apache HTTP Server 2.4.37 packages that are part\nof the JBoss Core Services offering. \n\nThis release serves as a replacement for Red Hat JBoss Core Services Pack\nApache Server 2.4.29 and includes bug fixes and enhancements. After installing the updated\npackages, the httpd daemon will be restarted automatically. Bugs fixed (https://bugzilla.redhat.com/):\n\n1568253 - CVE-2018-0737 openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys\n1644364 - CVE-2018-0734 openssl: timing side channel attack in the DSA signature algorithm\n1645695 - CVE-2018-5407 openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash)\n1668493 - CVE-2018-17199 httpd: mod_session_cookie does not respect expiry time\n1668497 - CVE-2018-17189 httpd: mod_http2: DoS via slow, unneeded request bodies\n1695020 - CVE-2019-0217 httpd: mod_auth_digest: access control bypass due to race condition\n1695030 - CVE-2019-0196 httpd: mod_http2: read-after-free on a string compare\n1695042 - CVE-2019-0197 httpd: mod_http2: possible crash on late upgrade\n1735741 - CVE-2019-9513 HTTP/2: flood using PRIORITY frames results in excessive resource consumption\n1741860 - CVE-2019-9511 HTTP/2: large amount of data requests leads to denial of service\n1741864 - CVE-2019-9516 HTTP/2: 0-length headers lead to denial of service\n1741868 - CVE-2019-9517 HTTP/2: request for large response leads to denial of service\n\n6. \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 1.1.0j-1~deb9u1. Going forward, openssl security updates for\nstretch will be based on the 1.1.0x upstream releases. \n\nFor the detailed security status of openssl please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/openssl\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlwBuAcACgkQEMKTtsN8\nTjZbBw/+MOB5+pZbCHHXyH3IeD+yj+tSPvmNc3SCwdEtUxGXr0ZX7TKHfaLs/8s6\nUdto0K8a1FvjrcUQCfhnFpNcSAv9pxX13Fr6Pd560miIfAu9/5jAqiCufCoiz+xj\n45LNJGlaxxaFjgBGCitZSJA0Fc4SM6v5XFyJfR3kChdQ/3kGQbbMNAp16Fy3ZsxJ\nVXwviomUxmmmdvjxyhifTIpuwr9OiJSQ+13etQjTDQ3pzSbLBPSOxmpV0vPIC7I2\nDwa4zuQXA/DF4G6l8T4rXCwCN4e4pwbTc8bbCjXeZK+iVAhnRD6wXlS3cc5IVAzx\n/qTa89LZU8B6ylcB6nodeAHLuZTC3Le8ndoxYz5S2/jHZMM/jCQNHYJemHWNbOqn\nq+e5W0D1fIVLiLoL/iHW5XhN6yJY2Ma7zjXMRBnkzJA9CTNIKgUjrSFz0Ud+wIM/\nu8QhNPwZ0hPd5IfSgIyWqmuQ5XzFYqAQvwT1gUJiK7tIvuT0VsSyKVaSZVbi4yrM\n9sxkZaP1UNLcTVCFw6A0KFwhb9z6kQtyH1MRkFPphmnb8jlHA3cTdPJkFUBi3VaT\n7izThm5/mVLbAjZ8X7nkqnzWzmc885j0ml3slDd/MOVWB5CD3vFAcI8k3VZr3A61\nP2gNSN6UbAbLMGsxgs3hYUHgazi7MdXJ/aNavjGSbYBNL780Iaw=3Qji\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Low: openssl security, bug fix, and enhancement update\nAdvisory ID: RHSA-2019:3700-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2019:3700\nIssue date: 2019-11-05\nCVE Names: CVE-2018-0734 CVE-2018-0735 CVE-2019-1543 \n=====================================================================\n\n1. Summary:\n\nAn update for openssl is now available for Red Hat Enterprise Linux 8. \n\nRed Hat Product Security has rated this update as having a security impact\nof Low. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and\nTransport Layer Security (TLS) protocols, as well as a full-strength\ngeneral-purpose cryptography library. \n\nThe following packages have been upgraded to a later upstream version:\nopenssl (1.1.1c). \n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 8.1 Release Notes linked from the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library\nmust be restarted, or the system rebooted. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1644356 - CVE-2018-0735 openssl: timing side channel attack in the ECDSA signature generation\n1644364 - CVE-2018-0734 openssl: timing side channel attack in the DSA signature algorithm\n1668880 - ec man page lists -modulus but the tool doesn\u0027t support it\n1686058 - specifying digest for signing time-stamping responses is mandatory\n1686548 - Incorrect handling of fragmented KeyUpdate messages\n1695954 - CVE-2019-1543 openssl: ChaCha20-Poly1305 with long nonces\n1697915 - Race/segmentation fault on process shutdown in OpenSSL\n1706104 - openssl asn1parse crashes with double free or corruption (!prev)\n1706915 - OpenSSL should implement continuous random test or use the kernel AF_ALG interface for random\n1712023 - openssl pkcs12 uses certpbe algorithm not compliant with FIPS by default\n1714245 - DSA ciphers in TLS don\u0027t work with SHA-1 signatures even in LEGACY level\n\n6. Package List:\n\nRed Hat Enterprise Linux BaseOS (v. 8):\n\nSource:\nopenssl-1.1.1c-2.el8.src.rpm\n\naarch64:\nopenssl-1.1.1c-2.el8.aarch64.rpm\nopenssl-debuginfo-1.1.1c-2.el8.aarch64.rpm\nopenssl-debugsource-1.1.1c-2.el8.aarch64.rpm\nopenssl-devel-1.1.1c-2.el8.aarch64.rpm\nopenssl-libs-1.1.1c-2.el8.aarch64.rpm\nopenssl-libs-debuginfo-1.1.1c-2.el8.aarch64.rpm\nopenssl-perl-1.1.1c-2.el8.aarch64.rpm\n\nppc64le:\nopenssl-1.1.1c-2.el8.ppc64le.rpm\nopenssl-debuginfo-1.1.1c-2.el8.ppc64le.rpm\nopenssl-debugsource-1.1.1c-2.el8.ppc64le.rpm\nopenssl-devel-1.1.1c-2.el8.ppc64le.rpm\nopenssl-libs-1.1.1c-2.el8.ppc64le.rpm\nopenssl-libs-debuginfo-1.1.1c-2.el8.ppc64le.rpm\nopenssl-perl-1.1.1c-2.el8.ppc64le.rpm\n\ns390x:\nopenssl-1.1.1c-2.el8.s390x.rpm\nopenssl-debuginfo-1.1.1c-2.el8.s390x.rpm\nopenssl-debugsource-1.1.1c-2.el8.s390x.rpm\nopenssl-devel-1.1.1c-2.el8.s390x.rpm\nopenssl-libs-1.1.1c-2.el8.s390x.rpm\nopenssl-libs-debuginfo-1.1.1c-2.el8.s390x.rpm\nopenssl-perl-1.1.1c-2.el8.s390x.rpm\n\nx86_64:\nopenssl-1.1.1c-2.el8.x86_64.rpm\nopenssl-debuginfo-1.1.1c-2.el8.i686.rpm\nopenssl-debuginfo-1.1.1c-2.el8.x86_64.rpm\nopenssl-debugsource-1.1.1c-2.el8.i686.rpm\nopenssl-debugsource-1.1.1c-2.el8.x86_64.rpm\nopenssl-devel-1.1.1c-2.el8.i686.rpm\nopenssl-devel-1.1.1c-2.el8.x86_64.rpm\nopenssl-libs-1.1.1c-2.el8.i686.rpm\nopenssl-libs-1.1.1c-2.el8.x86_64.rpm\nopenssl-libs-debuginfo-1.1.1c-2.el8.i686.rpm\nopenssl-libs-debuginfo-1.1.1c-2.el8.x86_64.rpm\nopenssl-perl-1.1.1c-2.el8.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2018-0734\nhttps://access.redhat.com/security/cve/CVE-2018-0735\nhttps://access.redhat.com/security/cve/CVE-2019-1543\nhttps://access.redhat.com/security/updates/classification/#low\nhttps://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.1_release_notes/\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2019 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBXcHzTdzjgjWX9erEAQjP6w/8D4eIfwgPbpKXdy3Y2kjmKhb9faqBJvHm\neqpG5tewJQBtRAPm/R7SesrMVKGUEDAuiSKydQlQn8nuRIWDsKw14+uLRN7AyTQ3\njXy0pnp+C7O1hyJnwNEiXo9ZgUaXMMXLGyTk8v9gnzA/HYpZX1c4g4FXHf0ycBi/\nthxllEiJx6CrEO3pszYzu1Lt9GFMOAJPvwbiW0S7mVmsNCI4n+5OfeNzmURXdObs\n89/XCFrQO3CDAh3SXCZa08Ie8px7Aq8slmNWOswhlqIYkUWGUbICIpqW1+4XyAqz\nhVP8iqTY7TRwBPB0zoqmO5cxMY+jqMk/LphG+oTOF+ZA7YZH3bjDxJisCOr+ys+i\nWnTYAl1KFBqo5uhH4dBzNH2EE5PeiwKNKqu6Wws1qOblTFXb3AYSHsqLv6VB0m1B\nMXcUXrjSMwelSVAgK1eekJsYqCr3lT1+N8cA8P/sgT/DzGTNJhcoCE/OeJCUVBZL\nuGhke48CUs3GvXCKP0+PDpINRRllGwVqkkCQ7LtsXoB0hGaaGt+CNCd3aQj8rf02\nmPi2Vab7CjBLUn1QGiNigLF4X4rKZlxiBcHDByyHdeCW+zHvGod7ksmJKXmHujvY\npdg6toj/our0hhQp2dPTXFPKFtkO7GIIe19i+OZ6Rn0niVxSQbshiXyFFsvgZN0F\n82vSbeKouJA=\n=mdzd\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. ==========================================================================\nUbuntu Security Notice USN-3840-1\nDecember 06, 2018\n\nopenssl, openssl1.0 vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 18.10\n- Ubuntu 18.04 LTS\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in OpenSSL. (CVE-2018-0734)\n\nSamuel Weiser discovered that OpenSSL incorrectly handled ECDSA signing. This issue only affected Ubuntu\n18.04 LTS and Ubuntu 18.10. (CVE-2018-0735)\n\nBilly Bob Brumley, Cesar Pereida Garcia, Sohaib ul Hassan, Nicola Tuveri,\nand Alejandro Cabrera Aldaya discovered that Simultaneous Multithreading\n(SMT) architectures are vulnerable to side-channel leakage. This issue is\nknown as \"PortSmash\". (CVE-2018-5407)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 18.10:\n libssl1.0.0 1.0.2n-1ubuntu6.1\n libssl1.1 1.1.1-1ubuntu2.1\n\nUbuntu 18.04 LTS:\n libssl1.0.0 1.0.2n-1ubuntu5.2\n libssl1.1 1.1.0g-2ubuntu4.3\n\nUbuntu 16.04 LTS:\n libssl1.0.0 1.0.2g-1ubuntu4.14\n\nUbuntu 14.04 LTS:\n libssl1.0.0 1.0.1f-1ubuntu2.27\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nDue to the low severity of this issue we are not issuing a new release\nof OpenSSL 1.1.1, 1.1.0 or 1.0.2 at this time. The fix is also available in commit 8abfe72e8c (for 1.1.1),\nef11e19d13 (for 1.1.0) and commit 43e6a58d49 (for 1.0.2) in the OpenSSL\ngit repository. \n\nAs a result of the changes made to mitigate this vulnerability, a new\nside channel attack was created. The mitigation for this new vulnerability\ncan be found in these commits: 6039651c43 (for 1.1.1), 26d7fce13d (for 1.1.0)\nand 880d1c76ed (for 1.0.2)\n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv/20181030.txt\n\nNote: the online version of the advisory may be updated with additional details\nover time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/policies/secpolicy.html\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-0734"
},
{
"db": "VULHUB",
"id": "VHN-118936"
},
{
"db": "VULMON",
"id": "CVE-2018-0734"
},
{
"db": "PACKETSTORM",
"id": "150437"
},
{
"db": "PACKETSTORM",
"id": "155414"
},
{
"db": "PACKETSTORM",
"id": "155417"
},
{
"db": "PACKETSTORM",
"id": "150561"
},
{
"db": "PACKETSTORM",
"id": "155160"
},
{
"db": "PACKETSTORM",
"id": "150683"
},
{
"db": "PACKETSTORM",
"id": "169667"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-0734",
"trust": 2.5
},
{
"db": "TENABLE",
"id": "TNS-2018-17",
"trust": 1.8
},
{
"db": "TENABLE",
"id": "TNS-2018-16",
"trust": 1.8
},
{
"db": "BID",
"id": "105758",
"trust": 1.8
},
{
"db": "PACKETSTORM",
"id": "155414",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201810-1435",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2019.0660",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.0960",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.0481",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.0514",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.3390.4",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4251",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4403",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.0644.2",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0491",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4479.2",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4753",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4479",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0102",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0529",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "150683",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "155160",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "155417",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "150437",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "153932",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "155416",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-118936",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-0734",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "150561",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169667",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-118936"
},
{
"db": "VULMON",
"id": "CVE-2018-0734"
},
{
"db": "PACKETSTORM",
"id": "150437"
},
{
"db": "PACKETSTORM",
"id": "155414"
},
{
"db": "PACKETSTORM",
"id": "155417"
},
{
"db": "PACKETSTORM",
"id": "150561"
},
{
"db": "PACKETSTORM",
"id": "155160"
},
{
"db": "PACKETSTORM",
"id": "150683"
},
{
"db": "PACKETSTORM",
"id": "169667"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-1435"
},
{
"db": "NVD",
"id": "CVE-2018-0734"
}
]
},
"id": "VAR-201810-0932",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-118936"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T21:55:35.727000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "OpenSSL Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=86419"
},
{
"title": "Red Hat: Moderate: openssl security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20192304 - security advisory"
},
{
"title": "Red Hat: Low: openssl security, bug fix, and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20193700 - security advisory"
},
{
"title": "Amazon Linux AMI: ALAS-2019-1153",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2019-1153"
},
{
"title": "Ubuntu Security Notice: openssl, openssl1.0 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3840-1"
},
{
"title": "Amazon Linux 2: ALAS2-2019-1153",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=alas2-2019-1153"
},
{
"title": "Red Hat: CVE-2018-0734",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2018-0734"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2018-0734"
},
{
"title": "Debian Security Advisories: DSA-4355-1 openssl1.0 -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=7cc6b04edacd67d6e5bf27bd36f54217"
},
{
"title": "Amazon Linux 2: ALAS2-2019-1362",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=alas2-2019-1362"
},
{
"title": "Arch Linux Advisories: [ASA-201812-7] lib32-openssl-1.0: private key recovery",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201812-7"
},
{
"title": "Arch Linux Advisories: [ASA-201812-6] lib32-openssl: private key recovery",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201812-6"
},
{
"title": "Arch Linux Advisories: [ASA-201812-5] openssl: private key recovery",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201812-5"
},
{
"title": "Arch Linux Advisories: [ASA-201812-8] openssl-1.0: private key recovery",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201812-8"
},
{
"title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Security Release",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20193935 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Security Release on RHEL 6",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20193932 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Security Release on RHEL 7",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20193933 - security advisory"
},
{
"title": "Debian Security Advisories: DSA-4348-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=322bd50b7b929759e38c99b73122a852"
},
{
"title": "IBM: IBM Security Bulletin: IBM NeXtScale Fan Power Controller (FPC) is affected by vulnerability in OpenSSL (CVE-2018-0734)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=089729287496a632fa4c42658b60b635"
},
{
"title": "IBM: IBM Security Bulletin: IBM MQ Appliance is affected by an OpenSSL vulnerability (CVE-2018-0734)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=3b0880c0fe7c1c2995382c68ba0fd928"
},
{
"title": "IBM: IBM Security Bulletin: OpenSSL DSA signature algorithm security vulnerability affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2018-0734)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=bf4a61aab0614bc21bae17e61513abdc"
},
{
"title": "IBM: IBM Security Bulletin: A security vulnerability has been identified in OpenSSL, which is shipped with IBM Tivoli Network Manager IP Edition (CVE-2018-0734)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=9f92a5713223095107b36bb14efd3013"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Rational ClearQuest (CVE-2018-0734, CVE-2018-5407)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=c36f1dd66164e22918d817553be91620"
},
{
"title": "IBM: IBM Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM Worklight and IBM MobileFirst Platform Foundation",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=1b873a45dce8bb56ff011908a9402b67"
},
{
"title": "IBM: IBM Security Bulletin: IBM QRadar Network Security is affected by openssl vulnerabilities (CVE-2019-1559, CVE-2018-0734)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=7ceb7cf440b088f91358d1c597d5a414"
},
{
"title": "IBM: IBM Security Bulletin: IBM Cloud Manager with OpenStack is affected by a OpenSSL vulnerabilities (CVE-2018-0734)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=bcd3c8de23a34fb577cecdb0096912bf"
},
{
"title": "IBM: IBM Security Bulletin: OpenSSL vunerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=f89f8f6307af3f9e5b1f4d0ffb1a9677"
},
{
"title": "IBM: IBM Security Bulletin: IBM Security Proventia Network Active Bypass is affected by openssl vulnerabilities (CVE-2018-0734)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=4f65fc12e5864fd96d0965bd485769d5"
},
{
"title": "IBM: IBM Security Bulletin: IBM RackSwitch firmware products are affected by vulnerability in OpenSSL (CVE-2018-0734)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=96f2e72442af5a4308e4a45305db78b4"
},
{
"title": "IBM: IBM Security Bulletin: Multiple Security Vulnerabilities in OpenSSL Affect IBM Sterling B2B Integrator (CVE-2018-0734, CVE-2018-5407)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=e4ca493bfda92c5355c98328872a84e5"
},
{
"title": "IBM: IBM Security Bulletin: IBM Event Streams is affected by OpenSSL vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=efdce9b94f89918f3f2b2dfc69780ccd"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Rational ClearCase (CVE-2018-0734, CVE-2018-5407)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=ddeebd7237369bd2318e4087834121a5"
},
{
"title": "Tenable Security Advisories: [R1] Nessus 8.1.1 Fixes Multiple Third-party Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2018-16"
},
{
"title": "IBM: IBM Security Bulletin: Vulnerability affects Watson Explorer Foundational Components (CVE-2018-0732, CVE-2018-0734, CVE-2018-0737)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=4f5f12bea67642140a5af636a3850c79"
},
{
"title": "IBM: IBM Security Bulletin: Security vulnerabilities identified in OpenSSL affect Rational Build Forge (CVE-2018-0734, CVE-2018-5407 and CVE-2019-1559)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=e59d7f075c856823d6f7370dea35e662"
},
{
"title": "IBM: IBM Security Bulletin: Vulnerabilities in GNU OpenSSL (1.0.2 series) affect IBM Netezza Analytics",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=ac5ccbde4e4ddbcabd10cacf82487a11"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Sterling Connect:Express for UNIX (CVE-2018-0734 and CVE-2018-5407)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=fda6d001f041b9b0a29d906059d798b4"
},
{
"title": "IBM: IBM Security Bulletin: IBM DataPower Gateway is affected by vulnerabilities in OpenSSL",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=c7313d7a6ba5364a603c214269588feb"
},
{
"title": "IBM: Security Bulletin: Vulnerabities in SSL in IBM DataPower Gateway",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=5fc1433ca504461e3bbb1d30e408592c"
},
{
"title": "IBM: IBM Security Bulletin: IBM InfoSphere Master Data Management Standard and Advanced Editions are affected by vulnerabilities in OpenSSL (CVE-2018-0735, CVE-2018-0734, CVE-2018-5407)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=c829d56f5888779e791387897875c4b4"
},
{
"title": "IBM: IBM Security Bulletin: Vulnerability affects Watson Explorer Foundational Components (CVE-2018-0732, CVE-2018-0734, CVE-2018-0737)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=35f40c202a57607f29c0bb486da6ea8a"
},
{
"title": "Tenable Security Advisories: [R1] Nessus 7.1.4 Fixes Multiple Third-party Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2018-17"
},
{
"title": "IBM: IBM Security Bulletin: Vulnerabilities in OpenSSL affect GCM16 \u0026 GCM32 KVM Switch Firmware (CVE-2018-0734, CVE-2018-0737, CVE-2018-0739)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=d3d3f316d14423d9850192f1d5f20a1b"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM InfoSphere Information Server",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=d04b79d120c8d1de061ffc3f57258fcb"
},
{
"title": "IBM: IBM Security Bulletin:IBM Security Identity Adapters has released a fix in response to the OpenSSL vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=00b8bc7d11e5484e8721f3f62ec2ce87"
},
{
"title": "IBM: Security Bulletin: Vulnerabilities have been identified in OpenSSL and the Kernel shipped with the DS8000 Hardware Management Console (HMC)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=423d1da688755122eb2591196e4cc160"
},
{
"title": "Debian CVElist Bug Report Logs: mysql-5.7: Security fixes from the January 2019 CPU",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=996600102cb3180bfad1fcc5c68a4d77"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2019",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=4ee609eeae78bbbd0d0c827f33a7f87f"
},
{
"title": "IBM: IBM Security Bulletin: Multiple Security Vulnerabilities affect IBM\u00ae Cloud Private \u2013 Node.js",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=2e571e7bc5566212c3e69e37ecfa5ad4"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Rational Application Developer for WebSphere Software",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=2bd72b857f21f300d83d07a791be44cf"
},
{
"title": "Forcepoint Security Advisories: CVE-2018-0734 and CVE-2019-1559 (OpenSSL)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=forcepoint_security_advisories\u0026qid=b508c983da563a8786bf80c360afb887"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities affect IBM\u00ae SDK for Node.js\u2122 in IBM Cloud",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=26f585287da19915b94b6cae2d1b864f"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Cloud App Management V2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=dce787e9d669a768893a91801bf5eea4"
},
{
"title": "IBM: IBM Security Bulletin: Multiple Security Vulnerabilities have been addressed in IBM Security Access Manager Appliance",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=800337bc69aa7ad92ac88a2adcc7d426"
},
{
"title": "IBM: IBM Security Bulletin: Multiple Security Vulnerabilities affect IBM\u00ae Cloud Private \u2013 fluentd",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=60de0933c28b353f38df30120aa2a908"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2019",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=f655264a6935505d167bbf45f409a57b"
},
{
"title": "IBM: IBM Security Bulletin: Vyatta 5600 vRouter Software Patches \u2013 Releases 1801-w and 1801-y",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=bf3f2299a8658b7cd3984c40e7060666"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - January 2019",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=aea3fcafd82c179d3a5dfa015e920864"
},
{
"title": "IBM: IBM Security Bulletin: Vyatta 5600 vRouter Software Patches \u2013 Release 1801-v",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=413b5f9466c1ebf3ab090a45e189b43e"
},
{
"title": "IBM: IBM Security Bulletin: IBM API Connect has addressed multiple vulnerabilities in Developer Portal\u2019s dependencies \u2013 Cumulative list from June 28, 2018 to December 13, 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=43da2cd72c1e378d8d94ecec029fcc61"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2018-0734 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/qi-zhan/ps3 "
},
{
"title": "vyger",
"trust": 0.1,
"url": "https://github.com/mrodden/vyger "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/vincent-deng/veracode-container-security-finding-parser "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-0734"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-1435"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-327",
"trust": 1.1
},
{
"problemtype": "CWE-320",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-118936"
},
{
"db": "NVD",
"id": "CVE-2018-0734"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://www.securityfocus.com/bid/105758"
},
{
"trust": 2.5,
"url": "https://access.redhat.com/errata/rhsa-2019:3932"
},
{
"trust": 2.5,
"url": "https://access.redhat.com/errata/rhsa-2019:3935"
},
{
"trust": 2.4,
"url": "https://access.redhat.com/errata/rhsa-2019:3933"
},
{
"trust": 1.9,
"url": "https://www.openssl.org/news/secadv/20181030.txt"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2019:2304"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2019:3700"
},
{
"trust": 1.9,
"url": "https://usn.ubuntu.com/3840-1/"
},
{
"trust": 1.8,
"url": "https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/"
},
{
"trust": 1.8,
"url": "https://security.netapp.com/advisory/ntap-20181105-0002/"
},
{
"trust": 1.8,
"url": "https://security.netapp.com/advisory/ntap-20190118-0002/"
},
{
"trust": 1.8,
"url": "https://security.netapp.com/advisory/ntap-20190423-0002/"
},
{
"trust": 1.8,
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"trust": 1.8,
"url": "https://www.tenable.com/security/tns-2018-16"
},
{
"trust": 1.8,
"url": "https://www.tenable.com/security/tns-2018-17"
},
{
"trust": 1.8,
"url": "https://www.debian.org/security/2018/dsa-4348"
},
{
"trust": 1.8,
"url": "https://www.debian.org/security/2018/dsa-4355"
},
{
"trust": 1.8,
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"trust": 1.8,
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"trust": 1.8,
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"trust": 1.8,
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00030.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html"
},
{
"trust": 1.1,
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3ba=commitdiff%3bh=8abfe72e8c1de1b95f50aa0d9134803b4d00070f"
},
{
"trust": 1.1,
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3ba=commitdiff%3bh=ef11e19d1365eea2b1851e6f540a0bf365d303e7"
},
{
"trust": 1.1,
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3ba=commitdiff%3bh=43e6a58d4991a451daf4891ff05a48735df871ac"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ewc42uxl5ghtu5g77vkbf6jyuungshom/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/zbev5qgdrfuzdmnecfxusn5fmyozde4v/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/y3ivfgserazlnjck35tem2r4726xih3z/"
},
{
"trust": 0.7,
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=43e6a58d4991a451daf4891ff05a48735df871ac"
},
{
"trust": 0.7,
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8abfe72e8c1de1b95f50aa0d9134803b4d00070f"
},
{
"trust": 0.7,
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ef11e19d1365eea2b1851e6f540a0bf365d303e7"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/zbev5qgdrfuzdmnecfxusn5fmyozde4v/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/y3ivfgserazlnjck35tem2r4726xih3z/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ewc42uxl5ghtu5g77vkbf6jyuungshom/"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-0734"
},
{
"trust": 0.6,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory29.asc"
},
{
"trust": 0.6,
"url": "https://www.oracle.com/technetwork/topics/security/bulletinjan2019-5251593.html"
},
{
"trust": 0.6,
"url": "https://www.oracle.com/technetwork/topics/security/bulletinapr2019-5462008.html"
},
{
"trust": 0.6,
"url": "https://www.openssl.org/news/vulnerabilities.html"
},
{
"trust": 0.6,
"url": "https://www.openssl.org/news/openssl-1.0.2-notes.html"
},
{
"trust": 0.6,
"url": "http://openssl.org/"
},
{
"trust": 0.6,
"url": "https://www.openssl.org/news/cl102.txt"
},
{
"trust": 0.6,
"url": "https://github.com/openssl/openssl/commit/ef11e19d1365eea2b1851e6f540a0bf365d303e7"
},
{
"trust": 0.6,
"url": "https://github.com/openssl/openssl/commit/8abfe72e8c1de1b95f50aa0d9134803b4d00070f"
},
{
"trust": 0.6,
"url": "https://github.com/openssl/openssl/commit/43e6a58d4991a451daf4891ff05a48735df871ac"
},
{
"trust": 0.6,
"url": "https://support.symantec.com/us/en/article.symsa1490.html"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1284802"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1115655"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1115643"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1170328"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1170340"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1170334"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1170322"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1170352"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1170346"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1116357"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1142626"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1115649"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/76338"
},
{
"trust": 0.6,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10875298"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-openssl-affect-ibm-tivoli-netcool-system-service-monitors-application-service-monitors-cve-2018-5407cve-2020-1967cve-2018-0734cve-2019-1563cve-2019/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/76414"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4403/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4479/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1138588"
},
{
"trust": 0.6,
"url": "https://www.oracle.com/security-alerts/cpujan2020verbose.html"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/3517185"
},
{
"trust": 0.6,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10870936"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1167202"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/77674"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-openssl-as-used-in-ibm-qradar-siem-is-vulnerable-to-a-timing-side-channel-attack-cve-2018-0734/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0491/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.3390.4/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4479.2/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/75658"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4251/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-have-been-identified-in-openssl-and-the-kernel-shipped-with-the-ds8000-hardware-management-console-hmc/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/155414/red-hat-security-advisory-2019-3935-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0529/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4753/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-openssl-affects-ibm-integrated-analytics-system-2/"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10794861"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0102/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1143442"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-openssl-affect-ibm-spectrum-protect-plus-cve-2018-0735-cve-2018-0734-cve-2018-5407/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1169938"
},
{
"trust": 0.6,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10873310"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/75802"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5407"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-0737"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2018-0734"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-0735"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9513"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-9511"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9517"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0197"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-17199"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9511"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-17189"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-9517"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-0737"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-17199"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-9516"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-9513"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-0217"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0217"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-0197"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-17189"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9516"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-5407"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-0196"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0196"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/327.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2018-0734"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://tools.cisco.com/security/center/viewalert.x?alertid=59087"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0734"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5407"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-0732"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/openssl"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-1543"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.1_release_notes/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-0735"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-1543"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.1.1-1ubuntu2.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu4.14"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.27"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.1.0g-2ubuntu4.3"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3840-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl1.0/1.0.2n-1ubuntu6.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl1.0/1.0.2n-1ubuntu5.2"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/policies/secpolicy.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-118936"
},
{
"db": "VULMON",
"id": "CVE-2018-0734"
},
{
"db": "PACKETSTORM",
"id": "150437"
},
{
"db": "PACKETSTORM",
"id": "155414"
},
{
"db": "PACKETSTORM",
"id": "155417"
},
{
"db": "PACKETSTORM",
"id": "150561"
},
{
"db": "PACKETSTORM",
"id": "155160"
},
{
"db": "PACKETSTORM",
"id": "150683"
},
{
"db": "PACKETSTORM",
"id": "169667"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-1435"
},
{
"db": "NVD",
"id": "CVE-2018-0734"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-118936"
},
{
"db": "VULMON",
"id": "CVE-2018-0734"
},
{
"db": "PACKETSTORM",
"id": "150437"
},
{
"db": "PACKETSTORM",
"id": "155414"
},
{
"db": "PACKETSTORM",
"id": "155417"
},
{
"db": "PACKETSTORM",
"id": "150561"
},
{
"db": "PACKETSTORM",
"id": "155160"
},
{
"db": "PACKETSTORM",
"id": "150683"
},
{
"db": "PACKETSTORM",
"id": "169667"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-1435"
},
{
"db": "NVD",
"id": "CVE-2018-0734"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-118936"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2018-0734"
},
{
"date": "2018-11-22T23:23:23",
"db": "PACKETSTORM",
"id": "150437"
},
{
"date": "2019-11-20T23:02:22",
"db": "PACKETSTORM",
"id": "155414"
},
{
"date": "2019-11-20T21:11:11",
"db": "PACKETSTORM",
"id": "155417"
},
{
"date": "2018-12-03T21:06:37",
"db": "PACKETSTORM",
"id": "150561"
},
{
"date": "2019-11-06T15:56:37",
"db": "PACKETSTORM",
"id": "155160"
},
{
"date": "2018-12-07T01:03:36",
"db": "PACKETSTORM",
"id": "150683"
},
{
"date": "2018-10-30T12:12:12",
"db": "PACKETSTORM",
"id": "169667"
},
{
"date": "2018-10-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201810-1435"
},
{
"date": "2018-10-30T12:29:00.257000",
"db": "NVD",
"id": "CVE-2018-0734"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-118936"
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2018-0734"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201810-1435"
},
{
"date": "2023-11-07T02:51:05.217000",
"db": "NVD",
"id": "CVE-2018-0734"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201810-1435"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL Encryption problem vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201810-1435"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201810-1435"
}
],
"trust": 0.6
}
}
VAR-200911-0398
Vulnerability from variot - Updated: 2024-07-23 21:54The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue. Hitachi Web Server for, SSL There is a vulnerability in which arbitrary data is inserted at the beginning of communication data when using the function.Arbitrary data may be inserted at the beginning of communication data by a third party. A vulnerability exists in SSL and TLS protocols that may allow attackers to execute an arbitrary HTTP transaction.
SOLUTION: Apply updates (please see the vendor's advisory for details). =========================================================== Ubuntu Security Notice USN-860-1 November 19, 2009 apache2 vulnerabilities CVE-2009-3094, CVE-2009-3095, CVE-2009-3555 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 Ubuntu 9.10
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: apache2-common 2.0.55-4ubuntu2.9
Ubuntu 8.04 LTS: apache2.2-common 2.2.8-1ubuntu0.14
Ubuntu 8.10: apache2.2-common 2.2.9-7ubuntu3.5
Ubuntu 9.04: apache2.2-common 2.2.11-2ubuntu2.5
Ubuntu 9.10: apache2.2-common 2.2.12-1ubuntu2.1
In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. The flaw is with TLS renegotiation and potentially affects any software that supports this feature. Attacks against the HTTPS protocol are known, with the severity of the issue depending on the safeguards used in the web application. Until the TLS protocol and underlying libraries are adjusted to defend against this vulnerability, a partial, temporary workaround has been applied to Apache that disables client initiated TLS renegotiation. This update does not protect against server initiated TLS renegotiation when using SSLVerifyClient and SSLCipherSuite on a per Directory or Location basis. Users can defend againt server inititiated TLS renegotiation attacks by adjusting their Apache configuration to use SSLVerifyClient and SSLCipherSuite only on the server or virtual host level. (CVE-2009-3555)
It was discovered that mod_proxy_ftp in Apache did not properly sanitize its input when processing replies to EPASV and PASV commands. An attacker could use this to cause a denial of service in the Apache child process. (CVE-2009-3094)
Another flaw was discovered in mod_proxy_ftp. (CVE-2009-3095)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9.diff.gz
Size/MD5: 130638 5d172b0ca228238e211940fad6b0935d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9.dsc
Size/MD5: 1156 a6d575c4c0ef0ef9c4c77e7f6ddfb02d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz
Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.9_all.deb
Size/MD5: 2125884 643115e9135b9bf626f3a65cfc5f2ed3
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 834492 818915da9848657833480b1ead6b4a12
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 229578 9086ac3033e0425ecd150b31b377ee76
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 224594 85a4480344a072868758c466f6a98747
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 229128 446b52088b9744fb776e53155403a474
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 172850 17e4cd95ecb9d0390274fca9625c2e5e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 173636 b501407d01fa07e5807c28cd1db16cd7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 95454 a06ee30ec14b35003ebcb821624bc2af
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 37510 4c063b1b8d831ea8a02d5ec691995dec
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 287048 9cdc7502ebc526d4bc7df9b59a9d8925
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 145624 4b613a57da2ca57678e8c8f0c1628556
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 787870 67b1855dc984e5296ac9580e2a2f0a0c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 204122 edf40b0ff5c1824b2d6232da247ce480
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 200060 6267a56fcef78f6300372810ce36ea41
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 203580 c487929bbf45b5a4dc3d035d86f7b3a0
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 172876 bae257127c3d137e407a7db744f3d57a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 173660 9dd0e108ab4d3382799b29d901bf4502
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 93410 d5d602c75a28873f1cd7523857e0dd80
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 37508 22049e1ea8ea88259ff3f6e94482cfb3
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 263066 43fa2ae3b43c4743c98c45ac22fb0250
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 133484 e70b7f81859cb92e0c50084e92216526
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 860622 6d386da8da90d363414846dbc7fa7f08
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 221470 8c207b379f7ba646c94759d3e9079dd4
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 217132 069cab77278b101c3c4a5b172f36ba9b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 220968 2f6ba65769fc964eb6dfec8a842f7621
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 172874 89137c84b5a33f526daf3f8b4c047a7e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 173662 23e576721faccb4aef732cf98e2358d4
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 105198 44f9e698567784555db7d7d971b9fce2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 37518 fe7caa2a3cf6d4227ac34692de30635e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 282644 ec0306c04778cf8c8edd622aabb0363c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 142730 d43356422176ca29440f3e0572678093
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 805078 0f1f6a9b04ad5ce4ea29fd0e44bf18a4
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 211674 eb19532b9b759c806e9a95a4ffbfad9b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 207344 9e5770a4c94cbc4f9bc8cc11a6a038f1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 210948 6d1d2357cec5b88c1c2269e5c16724bc
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 172882 d04dd123def1bc4cfbf2ac0095432eea
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 173662 6be46bbb9e92224020da49d657cb4cd4
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 94510 9df6ae07a9218d6159b1eebde5d58606
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 37506 89856bb1433e67fb23c8d34423d3e0a5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 269070 bf585dec777b0306cd80663c11b020df
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 131466 340eaf2d2c1f129c7676a152776cfcf3
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14.diff.gz
Size/MD5: 141838 37d5c93b425758839cbef5afea5353a2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14.dsc
Size/MD5: 1381 78c9a13cc2af0dbf3958a3fc98aeea84
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8.orig.tar.gz
Size/MD5: 6125771 39a755eb0f584c279336387b321e3dfc
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.8-1ubuntu0.14_all.deb
Size/MD5: 1929318 d4faaf64c2c0af807848ea171a4efa90
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.8-1ubuntu0.14_all.deb
Size/MD5: 72920 065d63c19b22f0f7a8f7c28952b0b408
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.8-1ubuntu0.14_all.deb
Size/MD5: 6258048 33c48a093bbb868ea108a50c051437cf
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14_all.deb
Size/MD5: 45850 07a9463a8e4fdf1a48766d5ad08b9a3c
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_amd64.deb
Size/MD5: 253080 3c6467ee604002a5b8ebffff8554c568
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_amd64.deb
Size/MD5: 248676 3c83ce9eb0a27f18b9c3a8c3e651cafa
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_amd64.deb
Size/MD5: 252490 cf379a515d967d89d2009be9e06d4833
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_amd64.deb
Size/MD5: 205592 af6cb62114d2e70bf859c32008a66433
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_amd64.deb
Size/MD5: 206350 9c3d5ef8e55eee98cc3e75f2ed9ffaff
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_amd64.deb
Size/MD5: 141660 958585d6391847cd5a618464054f7d37
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_amd64.deb
Size/MD5: 803974 76d23bd94465a2f96711dc1c41b31af0
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_i386.deb
Size/MD5: 236060 ad4c00dc10b406cc312982b7113fa468
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_i386.deb
Size/MD5: 231580 07ae6a192e6c859e49d48f2b2158df40
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_i386.deb
Size/MD5: 235308 18a44bbffcebde8f2d66fe3a6bdbab6d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_i386.deb
Size/MD5: 205594 73ec71599d4c8a42a69ac3099b9d50cf
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_i386.deb
Size/MD5: 206374 c1524e4fa8265e7eaac046b114b8c463
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_i386.deb
Size/MD5: 140644 379a125b8b5b51ff8033449755ab87b8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_i386.deb
Size/MD5: 755574 9de96c8719740c2525e3c0cf7836d60b
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_lpia.deb
Size/MD5: 235578 0265d4f6ccee2d7b5ee10cfff48fed08
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_lpia.deb
Size/MD5: 231234 611499fb33808ecdd232e2c5350f6838
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_lpia.deb
Size/MD5: 234738 d7757d2da2e542ce0fdad5994be1d8bd
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_lpia.deb
Size/MD5: 205592 c10ac9eb401184c379b7993b6a62cde3
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_lpia.deb
Size/MD5: 206358 fc91c0159b096e744c42014e6e5f8909
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_lpia.deb
Size/MD5: 141212 f87d5f443e5d8e1c3eda6f976b3ceb06
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_lpia.deb
Size/MD5: 749716 86ae389b81b057288ff3c0b69ef68656
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_powerpc.deb
Size/MD5: 254134 4337f858972022fa196c9a1f9bb724fb
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_powerpc.deb
Size/MD5: 249596 44a6e21ff8fa81d09dab19cab4caffdb
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_powerpc.deb
Size/MD5: 253698 f101a1709f21320716d4c9afb356f24f
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_powerpc.deb
Size/MD5: 205604 3f4d4f6733257a7037e35101ef792352
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_powerpc.deb
Size/MD5: 206386 06402188459de8dab5279b5bfef768fa
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_powerpc.deb
Size/MD5: 158390 0acffbdb7e5602b434c4f2805f8dc4d0
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_powerpc.deb
Size/MD5: 906022 28c3e8b63d123a4ca0632b3fed6720b5
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_sparc.deb
Size/MD5: 237422 5651f53b09c0f36e1333c569980a0eb0
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_sparc.deb
Size/MD5: 233152 1165607c64c57c84212b6b106254e885
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_sparc.deb
Size/MD5: 236606 bbe00d0707c279a16eca35258dd8f13a
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_sparc.deb
Size/MD5: 205598 76afcd4085fa6f39055a5a3f1ef34a43
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_sparc.deb
Size/MD5: 206372 5c67270e0a19d1558cf17cb21a114833
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_sparc.deb
Size/MD5: 143838 28e9c3811feeac70b846279e82c23430
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_sparc.deb
Size/MD5: 765398 92c5b054b80b6258a1c4caac8248a40a
Updated packages for Ubuntu 8.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5.diff.gz
Size/MD5: 137715 0e8a6128ff37a1c064d4ce881b5d3df9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5.dsc
Size/MD5: 1788 5e3c3d53b68ea3053bcca3a5e19f5911
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9.orig.tar.gz
Size/MD5: 6396996 80d3754fc278338033296f0d41ef2c04
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.9-7ubuntu3.5_all.deb
Size/MD5: 2041786 cd1e98fb2064bad51f7845f203a07d79
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.9-7ubuntu3.5_all.deb
Size/MD5: 6538578 32e07db65f1e7b3002aedc3afce1748c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5_all.deb
Size/MD5: 45474 0f1b4fb499af61a596241bd4f0f4d35d
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_amd64.deb
Size/MD5: 254968 f2004f847cc5cbc730599352ad1f7dc6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_amd64.deb
Size/MD5: 249196 fb001fc4f192e9b8ae1bb7161925413c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_amd64.deb
Size/MD5: 254360 419b942bad4cf4d959afcfa3ce4314e2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_amd64.deb
Size/MD5: 208524 0d87bf6acbf1ab5dc48c68debe7c0d26
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_amd64.deb
Size/MD5: 84490 2a4df4b619debe549f48ac3e9e764305
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_amd64.deb
Size/MD5: 82838 215665711684d5b5dd04cdfa23d36462
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_amd64.deb
Size/MD5: 209550 496d387e315370c0cd83489db663a356
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_amd64.deb
Size/MD5: 147762 48061b9015c78b39b7afd834f4c81ae0
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_amd64.deb
Size/MD5: 820242 3497441009bc9db76a87fd2447ba433c
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_i386.deb
Size/MD5: 241376 488812d1a311fd67dafd5b18b6813920
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_i386.deb
Size/MD5: 236082 9256681808703f40e822c81b53f4ce3e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_i386.deb
Size/MD5: 240668 2b6b7c11a88ed5a280f603305bee880e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_i386.deb
Size/MD5: 208532 e0eccceba6cae5fb12f431ff0283a23e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_i386.deb
Size/MD5: 83922 ea5f69f36e344e493cce5d9c0bc69c46
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_i386.deb
Size/MD5: 82320 0d9b2f9afff4b9efe924b59e9bb039ea
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_i386.deb
Size/MD5: 209554 f4e53148ae30d5c4f060d455e4f11f95
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_i386.deb
Size/MD5: 146596 5ed6a4af9378bacfb7d4a034d9923915
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_i386.deb
Size/MD5: 778564 ffd7752394933004094c13b00113b263
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_lpia.deb
Size/MD5: 238358 4955c7d577496ea4f3573345fad028a4
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_lpia.deb
Size/MD5: 232964 76aecf38baba17a8a968329b818ec74a
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_lpia.deb
Size/MD5: 237626 83f32bd08e2e206bbdb9f92cfb1a37e5
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_lpia.deb
Size/MD5: 208528 6672fb116e108687669c89197732fbb0
http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_lpia.deb
Size/MD5: 83870 b8f875f197017aec0fe8203c203065d7
http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_lpia.deb
Size/MD5: 82296 d6724391ed540b351e2b660ba98af1ca
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_lpia.deb
Size/MD5: 209550 263b43fb11c6d954d5a4bf7839e720a4
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_lpia.deb
Size/MD5: 146282 a225b8d0f48e141eea28b2369d4595c0
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_lpia.deb
Size/MD5: 766494 454c737e191429c43ad3f28c9e0294a0
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_powerpc.deb
Size/MD5: 261510 d3e1155682726cc28859156e647d97b3
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_powerpc.deb
Size/MD5: 256082 e49d894a6e9ab612a3cbd2f189ca3d8d
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_powerpc.deb
Size/MD5: 260850 bc3cd7677cd630ac00424e73a3a6b343
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_powerpc.deb
Size/MD5: 208542 ae1cc6b1323832528ad8f0e7130ec87d
http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_powerpc.deb
Size/MD5: 84558 68452b686e89320007e9c5367ce36345
http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_powerpc.deb
Size/MD5: 82908 2b8c5fc4bdec1017735dc16eba41d0a6
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_powerpc.deb
Size/MD5: 209562 a8da7487e3dcd1bdff008956728b8dd3
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_powerpc.deb
Size/MD5: 161030 a5ffe07d5e3050c8a54c4fccd3732263
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_powerpc.deb
Size/MD5: 926240 8282583e86e84bd256959540f39a515d
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_sparc.deb
Size/MD5: 246720 e54b4b9b354001a910ec9027dc90b0d2
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_sparc.deb
Size/MD5: 241280 1eea25472875056e34cd2c3283c60171
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_sparc.deb
Size/MD5: 246024 5709e7421814ecfb83fff5804d429971
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_sparc.deb
Size/MD5: 208528 25cdfd0177da7e5484d3d44f93257863
http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_sparc.deb
Size/MD5: 84096 3ffbacffcc23ffc640a2ce05d35437bf
http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_sparc.deb
Size/MD5: 82470 17d1ca84f9455c492013f4f754a1d365
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_sparc.deb
Size/MD5: 209546 696ef3652703523aea6208a4e51e48f1
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_sparc.deb
Size/MD5: 150932 44c89e0249c85eed09b6f3a6a23db59d
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_sparc.deb
Size/MD5: 783902 773a80d7a85a452016da3b10b1f3ae43
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5.diff.gz
Size/MD5: 141023 50d6737005a6d4fe601e223a39293f99
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5.dsc
Size/MD5: 1795 59720f4d7ad291c986d92ec120750c3d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11.orig.tar.gz
Size/MD5: 6806786 03e0a99a5de0f3f568a0087fb9993af9
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.11-2ubuntu2.5_all.deb
Size/MD5: 2219326 d29c903489b894ddf88b23a0fec23e5c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5_all.deb
Size/MD5: 46636 ee03585b00f277ed98c0de07a683317a
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-src_2.2.11-2ubuntu2.5_all.deb
Size/MD5: 6948222 a3505a83c13cf36c86248079127dd84d
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_amd64.deb
Size/MD5: 259028 5e9bddefad4c58c3ef9fd15d7a06988d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_amd64.deb
Size/MD5: 253218 ee1bfbb759ffade3a52a6782e2f4b66d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_amd64.deb
Size/MD5: 258414 8ef063026de9790bac1965427ce1b584
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_amd64.deb
Size/MD5: 213294 09701d434bd102e4205e551b4525afd1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_amd64.deb
Size/MD5: 214258 e98de48ea01e1132c5f1248a9a018745
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_amd64.deb
Size/MD5: 151140 2f7c7f14b843b2c24de8c67356406449
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_amd64.deb
Size/MD5: 826834 28abdf1c7be886e9be2825d351abaec7
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_amd64.deb
Size/MD5: 87818 670c62615e107920c45893b3377ab2a0
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_amd64.deb
Size/MD5: 86094 5a7c68fd37066287b4819cba4cfed1f2
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_i386.deb
Size/MD5: 245538 952540b7679ebc8d3ffc953f32d3be0f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_i386.deb
Size/MD5: 240048 08a7fd4888ffd9188890e57c613c4be7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_i386.deb
Size/MD5: 244914 955bb5121da808d44aa994386d90723f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_i386.deb
Size/MD5: 213308 dd16143608ff8c41cb2d5cd27212a57e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_i386.deb
Size/MD5: 214280 1e1f5d6feef40413f823a19126a018e3
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_i386.deb
Size/MD5: 150046 0769d86d26282d1d31615050ae5b8915
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_i386.deb
Size/MD5: 784198 8760e9c37147d0472dbbfe941c058829
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_i386.deb
Size/MD5: 87182 21980cb1035d05f69b857870bbcbc085
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_i386.deb
Size/MD5: 85572 6a1b8a5e4cb19e815e88335757b06cf3
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_lpia.deb
Size/MD5: 242386 859ad63822b7e82c81cd6dcaca088c4a
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_lpia.deb
Size/MD5: 236924 200538ce94218c9d8af8532636bfd40a
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_lpia.deb
Size/MD5: 241822 3a3183ea4ee77d2677919d3b698f92a1
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_lpia.deb
Size/MD5: 213286 bf81273b1db0a4a621085171c2b2b421
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_lpia.deb
Size/MD5: 214264 ed278dab71289d2baae2ea409382fbf8
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_lpia.deb
Size/MD5: 149758 75f6e2d7bd1cdfe5b1806062c3c859df
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_lpia.deb
Size/MD5: 773424 c7cdc26051bd9443ae25b73776537fb5
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_lpia.deb
Size/MD5: 87132 32e7ea89c96a0afce7ce1da457d947fb
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_lpia.deb
Size/MD5: 85550 1d9b5963aa6ea5c01492ec417ab8510a
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_powerpc.deb
Size/MD5: 265476 5d03fe6b2da8de98c876941ff78b066f
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_powerpc.deb
Size/MD5: 260478 3e3aeaaf496cc86c62a831c59994c1f2
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_powerpc.deb
Size/MD5: 265154 5eae30e7a33c09b37483f3aab595d0e9
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_powerpc.deb
Size/MD5: 213314 879534ebabbb8be86b606e1800dc9cf8
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_powerpc.deb
Size/MD5: 214286 922033231a6aa67ecca1c400d47f09c1
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_powerpc.deb
Size/MD5: 164444 74faf68f0baeffcd011155ca9b201039
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_powerpc.deb
Size/MD5: 932416 2911758e4ad1b3b401369621301ea76f
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_powerpc.deb
Size/MD5: 87876 1d45c033ec5498c092f30188cf1d481e
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_powerpc.deb
Size/MD5: 86154 52c1d8806d52fef6f43ab53662953953
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_sparc.deb
Size/MD5: 250786 4e8e98dcba5543394ed5f07d141ce408
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_sparc.deb
Size/MD5: 245094 a82bf04fc92b8c275b0c0f25cc81ff91
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_sparc.deb
Size/MD5: 250110 092cf734813ae1d127d7b4f498f936c1
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_sparc.deb
Size/MD5: 213312 98d7062a6bdb58637f7e850b76bfbc80
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_sparc.deb
Size/MD5: 214286 a378e2e0418631cec0f398379a446172
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_sparc.deb
Size/MD5: 154284 ce8b7bbccd359675b70426df15becfed
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_sparc.deb
Size/MD5: 789298 11f088b18425b97367d5bc141da2ef2f
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_sparc.deb
Size/MD5: 87384 477b6594866c8c73a8a3603e7e646c68
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_sparc.deb
Size/MD5: 85686 5562ea5a0e6f01ba12adda3afb65c1b0
Updated packages for Ubuntu 9.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1.diff.gz
Size/MD5: 185244 1ef59f9642bd9efa35e0808ea804cd0b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1.dsc
Size/MD5: 1888 d3bfdecefdd8b1adec8ab35dcf85d2b3
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12.orig.tar.gz
Size/MD5: 6678149 17f017b571f88aa60abebfe2945d7caf
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.12-1ubuntu2.1_all.deb
Size/MD5: 2246560 be12bcc117bf165ffd3401486186762e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.12-1ubuntu2.1_all.deb
Size/MD5: 2336 009d381342b0be5280835a46c91f01d9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.12-1ubuntu2.1_all.deb
Size/MD5: 2374 7545a3750acea08e95bee86f6a3247e2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.12-1ubuntu2.1_all.deb
Size/MD5: 2314 17719223d92d46821098ce178b5947d6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.12-1ubuntu2.1_all.deb
Size/MD5: 284782 4321e3201d8e8d1a9e3c6fbe6864102b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1_all.deb
Size/MD5: 1424 7b4d96008368549d5600a8c1f64a7559
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-mpm-itk_2.2.12-1ubuntu2.1_all.deb
Size/MD5: 2366 46add3d428c97fa69a8848a3e4025bb0
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_amd64.deb
Size/MD5: 137080 91e4f72d0f1f0abe91555e1497558fc2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_amd64.deb
Size/MD5: 138176 5fd6a5ed536306528f9f2c1a0281ad70
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_amd64.deb
Size/MD5: 156646 cfa55666363303b3f44a24fa2929bf01
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_amd64.deb
Size/MD5: 1399630 82b36d57faa29a646e72a1125600c11c
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_amd64.deb
Size/MD5: 92488 ddebef9d1a537520380f85b63c512bef
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_amd64.deb
Size/MD5: 90880 c6d163edf145da8ff6d102dc0dd1f8d7
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_i386.deb
Size/MD5: 137102 69dcd0519ca612e02102f52dcb50bf7f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_i386.deb
Size/MD5: 138200 17221b53903d664823a55faa1ec4d9a9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_i386.deb
Size/MD5: 155166 4347806710edff47fc051b4a68d5b448
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_i386.deb
Size/MD5: 1309136 d9a7df212b315fc6f77fc87fa8eb4a04
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_i386.deb
Size/MD5: 91876 289bf732dd4750a2ce61ab121b04b079
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_i386.deb
Size/MD5: 90316 add7f446f6b524343c0066a486dd299a
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_lpia.deb
Size/MD5: 137088 571e9f0370b5687acff25f71c4efe33e
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_lpia.deb
Size/MD5: 138192 816a6e033f02114553bbb3627b9c6f9c
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_lpia.deb
Size/MD5: 155090 af8272dc794250c30cd2f66b82486dc2
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_lpia.deb
Size/MD5: 1290606 4c51de07f5a6fe9612de45369e6f35a5
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_lpia.deb
Size/MD5: 91830 06866386df811127f4fd71d6fb2a9e2a
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_lpia.deb
Size/MD5: 90312 9e68bd8111503135a4eae7265b0084ae
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_powerpc.deb
Size/MD5: 137096 61b24dbeb12d7998e5d7014c26410a99
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_powerpc.deb
Size/MD5: 138202 599898ff374bde8bfa388e2615064c5a
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_powerpc.deb
Size/MD5: 161058 fea8f5b9a80bef9c4cb3405bc37160af
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_powerpc.deb
Size/MD5: 1390150 fb1a244728a509586b77d02930fcf10f
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_powerpc.deb
Size/MD5: 92400 572c3b0aa5ab717e8c4e4e8248aff1ff
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_powerpc.deb
Size/MD5: 90774 82011ebc757d31e690698cf9913e3adc
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_sparc.deb
Size/MD5: 137098 7f566dfade1678c72eac7dd923ab5987
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_sparc.deb
Size/MD5: 138202 09fbc3145d768cf1f204d47b50e21528
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_sparc.deb
Size/MD5: 159488 7cb6c81588adaee162b8c85a1f69e7a7
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_sparc.deb
Size/MD5: 1297936 106b0b71f5e928c1d543973b5b1f015b
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_sparc.deb
Size/MD5: 92166 28899fe31226880dfa961d8b05e8fa43
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_sparc.deb
Size/MD5: 90554 f207de0099ed259e2af736e8c82f91c2
. USN-990-1 introduced the new RFC5746 renegotiation extension in openssl, and completely resolves the issue.
After updating openssl, an Apache server will allow both patched and unpatched web browsers to connect, but unpatched browsers will not be able to renegotiate. This update introduces the new SSLInsecureRenegotiation directive for Apache that may be used to re-enable insecure renegotiations with unpatched web browsers. This update adds backported support for the new RFC5746 renegotiation extension and will use it when both the client and the server support it. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Mandriva Linux Security Advisory MDVSA-2009:323 http://www.mandriva.com/security/
Package : apache Date : December 7, 2009 Affected: 2008.0
Problem Description:
Multiple vulnerabilities has been found and corrected in apache:
Memory leak in the zlib_stateful_init function in crypto/comp/c_zlib.c in libssl in OpenSSL 0.9.8f through 0.9.8h allows remote attackers to cause a denial of service (memory consumption) via multiple calls, as demonstrated by initial SSL client handshakes to the Apache HTTP Server mod_ssl that specify a compression algorithm (CVE-2008-1678). Note that this security issue does not really apply as zlib compression is not enabled in the openssl build provided by Mandriva, but apache is patched to address this issue anyway (conserns 2008.1 only).
Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via wildcards in a pathname in an FTP URI (CVE-2008-2939). Note that this security issue was initially addressed with MDVSA-2008:195 but the patch fixing the issue was added but not applied in 2009.0.
The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring (1) Options Includes, (2) Options +Includes, or (3) Options +IncludesNOEXEC in a .htaccess file, and then inserting an exec element in a .shtml file (CVE-2009-1195).
The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of service (CPU consumption) via crafted requests (CVE-2009-1890).
Fix a potential Denial-of-Service attack against mod_deflate or other modules, by forcing the server to consume CPU time in compressing a large file after a client disconnects (CVE-2009-1891).
The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command (CVE-2009-3094).
The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes (CVE-2009-3095).
Apache is affected by SSL injection or man-in-the-middle attacks due to a design flaw in the SSL and/or TLS protocols. A short term solution was released Sat Nov 07 2009 by the ASF team to mitigate these problems. Apache will now reject in-session renegotiation (CVE-2009-3555).
Packages for 2008.0 are being provided due to extended support for Corporate products.
This update provides a solution to these vulnerabilities.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1678 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2
Updated Packages:
Mandriva Linux 2008.0: dd2bebdd6726d2d865331d37068a90b7 2008.0/i586/apache-base-2.2.6-8.3mdv2008.0.i586.rpm 6de9d36a91b125cc03bafe911b7a38a2 2008.0/i586/apache-devel-2.2.6-8.3mdv2008.0.i586.rpm ab7963efad1b7951c94a24075a2070e7 2008.0/i586/apache-htcacheclean-2.2.6-8.3mdv2008.0.i586.rpm 42a53b597d5547fb88b7427cacd617a1 2008.0/i586/apache-mod_authn_dbd-2.2.6-8.3mdv2008.0.i586.rpm 1dff9d313e93c94e907d8c72348ed2e0 2008.0/i586/apache-mod_cache-2.2.6-8.3mdv2008.0.i586.rpm b575ede2978ad47e41d355bd8b192725 2008.0/i586/apache-mod_dav-2.2.6-8.3mdv2008.0.i586.rpm 8ff3dee24d2d2d9a8d13e567cf1eaced 2008.0/i586/apache-mod_dbd-2.2.6-8.3mdv2008.0.i586.rpm 7bae541dfec14b21700878514750de83 2008.0/i586/apache-mod_deflate-2.2.6-8.3mdv2008.0.i586.rpm 19cab766a26ce53bd7e7973ed92f0db4 2008.0/i586/apache-mod_disk_cache-2.2.6-8.3mdv2008.0.i586.rpm a1336e4ab4f282c388d7565bde4557fd 2008.0/i586/apache-mod_file_cache-2.2.6-8.3mdv2008.0.i586.rpm 6b2f2eb949977349390fa3b06cf257e7 2008.0/i586/apache-mod_ldap-2.2.6-8.3mdv2008.0.i586.rpm 3640bbef5262ec0407126e31dd5ddde3 2008.0/i586/apache-mod_mem_cache-2.2.6-8.3mdv2008.0.i586.rpm 98793747365606baabc08f22e36a0a04 2008.0/i586/apache-mod_proxy-2.2.6-8.3mdv2008.0.i586.rpm d7fe4d88f25d2a01b0809ab5292b0999 2008.0/i586/apache-mod_proxy_ajp-2.2.6-8.3mdv2008.0.i586.rpm 4c9f48adbd0b1d45a874f06b9275ebe3 2008.0/i586/apache-mod_ssl-2.2.6-8.3mdv2008.0.i586.rpm e5a1d9476316ccc9f183cb1ae5bbcf31 2008.0/i586/apache-modules-2.2.6-8.3mdv2008.0.i586.rpm 44f7810695a40519c68930695829f124 2008.0/i586/apache-mod_userdir-2.2.6-8.3mdv2008.0.i586.rpm d6f666e9954422664d1f029fc147b591 2008.0/i586/apache-mpm-event-2.2.6-8.3mdv2008.0.i586.rpm 75e205ddbc9313b8d02519e57919923a 2008.0/i586/apache-mpm-itk-2.2.6-8.3mdv2008.0.i586.rpm 6d68e8fa7baccc2ad090c703fb33458e 2008.0/i586/apache-mpm-prefork-2.2.6-8.3mdv2008.0.i586.rpm 331f18ce48403472fc7f8af6d5daee8e 2008.0/i586/apache-mpm-worker-2.2.6-8.3mdv2008.0.i586.rpm c75e69bcabc104938cb9033e591d1de8 2008.0/i586/apache-source-2.2.6-8.3mdv2008.0.i586.rpm 23fcdf29e21b0146fb5646baca2fa63b 2008.0/SRPMS/apache-2.2.6-8.3mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: 3d4afe3f8da8369d80b6c195e132c5c0 2008.0/x86_64/apache-base-2.2.6-8.3mdv2008.0.x86_64.rpm 37034ee7c7eb813de2a00a6945a10248 2008.0/x86_64/apache-devel-2.2.6-8.3mdv2008.0.x86_64.rpm ba296f9aa229a616a2c406d1a16912c3 2008.0/x86_64/apache-htcacheclean-2.2.6-8.3mdv2008.0.x86_64.rpm 77fa75d36e7a4bbe154c846e3271e7a3 2008.0/x86_64/apache-mod_authn_dbd-2.2.6-8.3mdv2008.0.x86_64.rpm ca29e2db08b29e319f2392b46ea4c3fe 2008.0/x86_64/apache-mod_cache-2.2.6-8.3mdv2008.0.x86_64.rpm 3fbf5a0276adaa2d887a92482d81313f 2008.0/x86_64/apache-mod_dav-2.2.6-8.3mdv2008.0.x86_64.rpm 9c66e471c2d2d3e43462302d0cc6f1c9 2008.0/x86_64/apache-mod_dbd-2.2.6-8.3mdv2008.0.x86_64.rpm 05020102a26a28b96319b23e3b6e43d6 2008.0/x86_64/apache-mod_deflate-2.2.6-8.3mdv2008.0.x86_64.rpm 7191542417b30ed77334f1b8366628aa 2008.0/x86_64/apache-mod_disk_cache-2.2.6-8.3mdv2008.0.x86_64.rpm f4177dbdcfd2e3dc8e66be731ad731c4 2008.0/x86_64/apache-mod_file_cache-2.2.6-8.3mdv2008.0.x86_64.rpm fea417664f0a2689fa12308bd80c2fe4 2008.0/x86_64/apache-mod_ldap-2.2.6-8.3mdv2008.0.x86_64.rpm 9cf956fa426e6bdf6497337b6e26a2ab 2008.0/x86_64/apache-mod_mem_cache-2.2.6-8.3mdv2008.0.x86_64.rpm 0d9d04ca878bb3f19f4764152da42d82 2008.0/x86_64/apache-mod_proxy-2.2.6-8.3mdv2008.0.x86_64.rpm dbbcd75dd83779f54f98fa3e16b59f13 2008.0/x86_64/apache-mod_proxy_ajp-2.2.6-8.3mdv2008.0.x86_64.rpm dce8db6742ba28a71e18b86bb38688c8 2008.0/x86_64/apache-mod_ssl-2.2.6-8.3mdv2008.0.x86_64.rpm 2ff69d6e9c2cd3250f6746d4a7d921fd 2008.0/x86_64/apache-modules-2.2.6-8.3mdv2008.0.x86_64.rpm f298827d4dfa631a77907f7f5733fa29 2008.0/x86_64/apache-mod_userdir-2.2.6-8.3mdv2008.0.x86_64.rpm 6f02fb080e308ca0826fdb1ef00a1489 2008.0/x86_64/apache-mpm-event-2.2.6-8.3mdv2008.0.x86_64.rpm b886d30d73c60a515b3ed36d7f186378 2008.0/x86_64/apache-mpm-itk-2.2.6-8.3mdv2008.0.x86_64.rpm 62d7754a5aa7af596cc06cd540d4025f 2008.0/x86_64/apache-mpm-prefork-2.2.6-8.3mdv2008.0.x86_64.rpm d3438e0967978e580be896bd85f1d953 2008.0/x86_64/apache-mpm-worker-2.2.6-8.3mdv2008.0.x86_64.rpm e72af335ec7c3c02b5a494fbd6e99e0e 2008.0/x86_64/apache-source-2.2.6-8.3mdv2008.0.x86_64.rpm 23fcdf29e21b0146fb5646baca2fa63b 2008.0/SRPMS/apache-2.2.6-8.3mdv2008.0.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFLHQcamqjQ0CJFipgRAsJgAKDf5oc5UbEz3j+qsMn3tL6F8cujygCfY+cu MUj4lK2Wsb+qzbv2V+Ih30U= =VdZS -----END PGP SIGNATURE----- .
Additionally the NSPR package has been upgraded to 4.8.4 that brings numerous upstream fixes.
This update provides the latest versions of NSS and NSPR libraries and for which NSS is not vulnerable to this attack. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Aruba Networks Security Advisory
Title: TLS Protocol Session Renegotiation Security Vulnerability
Aruba Advisory ID: AID-020810 Revision: 1.0
For Public Release on 02/08/2010
+----------------------------------------------------
SUMMARY
This advisory addresses the renegotiation related vulnerability disclosed recently in Transport Layer Security protocol [1][2].
The only ArubaOS component that seems affected by this issue is the HTTPS WebUI administration interface. If a client browser (victim) is configured to authenticate to the WebUI over HTTPS using a client certificate, an attacker can potentially use the victim's credentials temporarily to execute arbitrary HTTP request for each initiation of an HTTPS session from the victim to the WebUI. This would happen without any HTTPS/TLS warnings to the victim. This condition can essentially be exploited by an attacker for command injection in beginning of a HTTPS session between the victim and the ArubaOS WebUI.
ArubaOS itself does not initiate TLS renegotiation at any point and hence is only vulnerable to scenario where a client explicitly requests TLS renegotiation. Captive Portal users do not seem vulnerable to this issue unless somehow client certificates are being used to authenticate captive portal users.
AFFECTED ArubaOS VERSIONS
2.5.6.x, 3.3.2.x, 3.3.3.x, 3.4.0.x, 3.4.1.x, RN 3.1.x, 3.3.2.x-FIPS, 2.4.8.x-FIPS
CHECK IF YOU ARE VULNERABLE
The only ArubaOS component that seems affected by this issue is the HTTPS WebUI administration interface. ArubaOS is vulnerable only if its configuration permits WebUI administration interface clients to connect using either username/password or client certificates. If only one of the two authentication method is allowed, this issue does not seem to apply.
Check if the following line appears in your configuration:
web-server mgmt-auth username/password certificate
If the exact line does not appear in the configuration, this issue does not apply.
DETAILS
An industry wide vulnerability was discovered in TLS protocol's renegotiation feature, which allows a client and server who already have a TLS connection to negotiate new session parameters and generate new key material. Renegotiation is carried out in the existing TLS connection. However there is no cryptographic binding between the renegotiated TLS session and the original TLS session. An attacker who has established MITM between client and server may be able to take advantage of this and inject arbitrary data into the beginning of the application protocol stream protected by TLS. Specifically arbitrary HTTP requests can be injected in a HTTPS session where attacker (MITM) blocks HTTPS session initiation between client and server, establishes HTTPS session with the server itself, injects HTTP data and initiates TLS renegotiation with the server. Then attacker allows the renegotiation to occur between the client and the server. After successful HTTPS session establishment with the server, now the client sends its HTTP request along with its HTTP credentials (cookie) to the server. However due to format of attacker's injected HTTP data, the client's HTTP request is not processed, rather the attacker's HTTP request gets executed with credentials of the client. The attacker is not able to view the results of the injected HTTP request due to the fact that data between the client and the server is encrypted over HTTPS.
ArubaOS itself does not initiate TLS renegotiation at any point. The only ArubaOS component that seems affected by this issue is the HTTPS WebUI administration interface.
Pre-requisites for this attack : 1. The attacker must be able to establish a MITM between the client and the server (ArubaOS WebUI). 2. The attacker must be able to establish a successful HTTPS session with the server (ArubaOS WebUI) 3. ArubaOS must be configured to allow certificate based HTTPS authentication for WebUI clients (client certs).
Captive Portal users do not seem vulnerable to this issue unless somehow client certificates are being used to authenticate captive portal users.
CVSS v2 BASE METRIC SCORE: 6.4 (AV:N/AC:L/Au:N/C:N/I:P/A:P)
WORKAROUNDS
Aruba Networks recommends that all customers apply the appropriate patch(es) as soon as practical. However, in the event that a patch cannot immediately be applied, the following steps will help to mitigate the risk:
-
-
- Disable certificate based HTTPS authentication (and only allow username-password based authentication) for WebUI clients. Client's username-password authentication POST request will prohibit attacker's injected HTTP data from executing with client's cookie. CLI command: web-server mgmt-auth username/password
-
-
-
- Permit certificate based HTTPS authentication ONLY and disable username-password based authentication to WebUI. This will prohibit attacker from establishing a HTTPS session with ArubaOS (for MITM) without a valid client cert. CLI command: web-server mgmt-auth certificate
Note: This step won't stop command injection from attackers who have valid client certificates but their assigned management role privileges are lower than that of the admin. This attack may allow them to run commands at higher privilege than what is permitted in their role.
-
-
-
- Do not expose the Mobility Controller administrative interface to untrusted networks such as the Internet.
-
SOLUTION
Aruba Networks recommends that all customers apply the appropriate patch(es) as soon as practical.
The following patches have the fix (any newer patch will also have the fix):
-
-
-
- 2.5.6.24
-
-
-
-
-
- 3.3.2.23
-
-
-
-
-
- 3.3.3.2
-
-
-
-
-
- 3.4.0.7
-
-
-
-
-
- 3.4.1.1
-
-
-
-
-
- RN 3.1.4
-
-
Please contact Aruba support for obtaining patched FIPS releases.
Please note: We highly recommend that you upgrade your Mobility Controller to the latest available patch on the Aruba support site corresponding to your currently installed release.
REFERENCES
[1] http://extendedsubset.com/?p=8
[2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
+----------------------------------------------------
OBTAINING FIXED FIRMWARE
Aruba customers can obtain the firmware on the support website: http://www.arubanetworks.com/support.
Aruba Support contacts are as follows:
1-800-WiFiLAN (1-800-943-4526) (toll free from within North America)
+1-408-754-1200 (toll call from anywhere in the world)
e-mail: support(at)arubanetworks.com
Please, do not contact either "wsirt(at)arubanetworks.com" or "security(at)arubanetworks.com" for software upgrades.
EXPLOITATION AND PUBLIC ANNOUNCEMENTS
This vulnerability will be announced at
Aruba W.S.I.R.T. Advisory: http://www.arubanetworks.com/support/alerts/aid-020810.txt
SecurityFocus Bugtraq http://www.securityfocus.com/archive/1
STATUS OF THIS NOTICE: Final
Although Aruba Networks cannot guarantee the accuracy of all statements in this advisory, all of the facts have been checked to the best of our ability. Aruba Networks does not anticipate issuing updated versions of this advisory unless there is some material change in the facts. Should there be a significant change in the facts, Aruba Networks may update this advisory.
A stand-alone copy or paraphrase of the text of this security advisory that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors.
DISTRIBUTION OF THIS ANNOUNCEMENT
This advisory will be posted on Aruba's website at: http://www.arubanetworks.com/support/alerts/aid-020810.txt
Future updates of this advisory, if any, will be placed on Aruba's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates.
REVISION HISTORY
Revision 1.0 / 02-08-2010 / Initial release
ARUBA WSIRT SECURITY PROCEDURES
Complete information on reporting security vulnerabilities in Aruba Networks products, obtaining assistance with security incidents is available at http://www.arubanetworks.com/support/wsirt.php
For reporting NEW Aruba Networks security issues, email can be sent to wsirt(at)arubanetworks.com or security(at)arubanetworks.com. For sensitive information we encourage the use of PGP encryption. Our public keys can be found at http://www.arubanetworks.com/support/wsirt.php
(c) Copyright 2010 by Aruba Networks, Inc.
This advisory may be redistributed freely after the release date given at the top of the text, provided that redistributed copies are complete and unmodified, including all date and version information. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAktwksYACgkQp6KijA4qefXErQCeKJW3YU3Nl7JY4+2Hp2zqM3bN bWAAoJWQT+yeWX2q+02hNEwHWQtGf1YP =CrHf -----END PGP SIGNATURE----- . Transport Layer Security (TLS) is a protocol for ensuring the privacy of communication applications and their users over the Internet. Service (DoS)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01963123 Version: 1
HPSBUX02498 SSRT090264 rev.1 - HP-UX Running Apache, Remote Unauthorized Data Injection, Denial of
Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2009-12-21 Last Updated: 2009-12-21
Potential Security Impact: Remote unauthorized data injection, Denial of Service (DoS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP-UX running Apache v2.0.59.12 and earlier. The
vulnerability could be exploited remotely to inject unauthorized data or to create a Denial of Service (DoS).
References: CVE-2009-3555
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, B.11.31 running Apache v2.0.59.12 and previous.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2009-3555 (AV:N/AC:L/Au:N/C:N/I:P/A:P) 6.4 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following temporary software updates to resolve the vulnerability.
NOTE: The vulnerability is resolved in OpenSSL 0.9.8l. HP-UX Apache v2.0.59.X versions use statically linked
libraries. HP-UX Apache v2.0.59.13 is compiled with OpenSSL 0.9.8l. Other versions of HP-UX Apache require the
HP-UX OpenSSL packages recommended in HPSBUX02482 SSRT090249, available here
http://www.itrc.hp.com/service/cki/secBullArchive.do
To review previously published Security Bulletins visit http://www.itrc.hp.com/service/cki/secBullArchive.do
The depots are available are available using ftp. Host / Account / Password
ftp.usa.hp.com / sb02498 / Secure12
HP-UX Release / Temporary Depot name / SHA-1 Sum
B.11.11 (IPv4 and IPv6) / Apache 2.0.59.13 PA-64-32-1111.depot / 3B6BE547403C28926482192408D5D5AB603A403D
B.11.23 PA-32 / Apache 2.0.59.13 IA-PA-32-1123.depot / 4809BAF0F83F78F60B7EC73FAF584D221B1CB4A7
B.11.23 IA-64 / Apache 2.0.59.13 IA-PA-64-1123.depot / 1D65F7D49883399F4D202E16754CF7DAE71E3B47
B.11.31 PA-32 / Apache 2.0.59.13 IA-PA-32-1131.depot / 943E21D4621B480B5E8E651ACB605B8F7EA47304
B.11.31 IA-64 / Apache 2.0.59.13 IA-PA-64-1131.depot / B8836FDB73434A3C26FB411E3F7CB3211129E5AC
MANUAL ACTIONS: Yes Install Apache v2.0.59.13 or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security
Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a
specific HP-UX system. It can also download patches and create a depot automatically. For more information
see: https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
For Apache IPv4 and IPv6 HP-UX B.11.11 ============= hpuxwsAPACHE.APACHE hpuxwsAPACHE.APACHE2 hpuxwsAPACHE.AUTH_LDAP hpuxwsAPACHE.AUTH_LDAP2 hpuxwsAPACHE.MOD_JK hpuxwsAPACHE.MOD_JK2 hpuxwsAPACHE.MOD_PERL hpuxwsAPACHE.MOD_PERL2 hpuxwsAPACHE.PHP hpuxwsAPACHE.PHP2 hpuxwsAPACHE.WEBPROXY action: install revision B.2.0.59.13 or subsequent
HP-UX B.11.23
hpuxwsAPCH32.APACHE hpuxwsAPCH32.APACHE2 hpuxwsAPCH32.AUTH_LDAP hpuxwsAPCH32.AUTH_LDAP2 hpuxwsAPCH32.MOD_JK hpuxwsAPCH32.MOD_JK2 hpuxwsAPCH32.MOD_PERL hpuxwsAPCH32.MOD_PERL2 hpuxwsAPCH32.PHP hpuxwsAPCH32.PHP2 hpuxwsAPCH32.WEBPROXY hpuxwsAPACHE.APACHE hpuxwsAPACHE.APACHE2 hpuxwsAPACHE.AUTH_LDAP hpuxwsAPACHE.AUTH_LDAP2 hpuxwsAPACHE.MOD_JK hpuxwsAPACHE.MOD_JK2 hpuxwsAPACHE.MOD_PERL hpuxwsAPACHE.MOD_PERL2 hpuxwsAPACHE.PHP hpuxwsAPACHE.PHP2 hpuxwsAPACHE.WEBPROXY action: install revision B.2.0.59.13 or subsequent
HP-UX B.11.31
hpuxwsAPCH32.APACHE hpuxwsAPCH32.APACHE2 hpuxwsAPCH32.AUTH_LDAP hpuxwsAPCH32.AUTH_LDAP2 hpuxwsAPCH32.MOD_JK hpuxwsAPCH32.MOD_JK2 hpuxwsAPCH32.MOD_PERL hpuxwsAPCH32.MOD_PERL2 hpuxwsAPCH32.PHP hpuxwsAPCH32.PHP2 hpuxwsAPCH32.WEBPROXY hpuxwsAPACHE.APACHE hpuxwsAPACHE.APACHE2 hpuxwsAPACHE.AUTH_LDAP hpuxwsAPACHE.AUTH_LDAP2 hpuxwsAPACHE.MOD_JK hpuxwsAPACHE.MOD_JK2 hpuxwsAPACHE.MOD_PERL hpuxwsAPACHE.MOD_PERL2 hpuxwsAPACHE.PHP hpuxwsAPACHE.PHP2 hpuxwsAPACHE.WEBPROXY action: install revision B.2.0.59.13 or subsequent
END AFFECTED VERSIONS
HISTORY Version:1 (rev.1) - 21 December 2009 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches -check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems -verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
Copyright 2009 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
References: CVE-2009-3245, CVE-2009-3555, CVE-2009-4355, CVE-2010-0433, CVE-2010-0740. The upgrades are available from the following location.
For Debian 7 (wheezy) this update adds a missing part to make it actually possible to disable client-initiated renegotiation and disables it by default (CVE-2009-3555). TLS compression is disabled (CVE-2012-4929), although this is normally already disabled by the OpenSSL system library. Finally it adds the ability to disable the SSLv3 protocol (CVE-2014-3566) entirely via the new "DisableSSLv3" configuration directive, although it will not disabled by default in this update.
For Debian 8 (jessie) these issues have been fixed prior to the release, with the exception of client-initiated renegotiation (CVE-2009-3555). This update addresses that issue for jessie.
For the oldstable distribution (wheezy), these problems have been fixed in version 2.6-2+deb7u1.
For the stable distribution (jessie), these problems have been fixed in version 2.6-6+deb8u1.
For the unstable distribution (sid), these problems have been fixed in version 2.6-6.1.
We recommend that you upgrade your pound packages. ----------------------------------------------------------------------
Secunia CSI integrated with Microsoft WSUS and Microsoft SCCM for 3rd party Patch Management
Free webinars
http://secunia.com/vulnerability_scanning/corporate/webinars/
TITLE: OpenOffice.org Data Manipulation and Code Execution Vulnerabilities
SECUNIA ADVISORY ID: SA40070
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/40070/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=40070
RELEASE DATE: 2010-06-08
DISCUSS ADVISORY: http://secunia.com/advisories/40070/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/40070/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=40070
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Two vulnerabilities have been reported in OpenOffice.org, which can be exploited by malicious people to manipulate certain data or compromise a user's system.
1) An error in the TLS protocol while handling session re-negotiations in included libraries can be exploited to manipulate session data.
For more information see vulnerability #1 in: SA37291
2) An error when exploring python code through the scripting IDE can be exploited to potentially execute arbitrary code.
The vulnerabilities are reported in versions prior to 3.2.1.
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: http://www.openoffice.org/security/cves/CVE-2009-3555.html http://www.openoffice.org/security/cves/CVE-2010-0395.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. This could force the server to process an attacker's request as if authenticated using the victim's credentials.
The TLS implementation in GnuTLS before 2.12.23, 3.0.x before 3.0.28, and 3.1.x before 3.1.7 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169 (CVE-2013-1619).
The updated packages have been patched to correct these issues. HP Secure Web Server (SWS) for OpenVMS running CSWS_JAVA V3.1 and earlier. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Due to a bug in lighttpd, the server fails to start in some configurations if using the updated openssl libraries.
The packages for the hppa, mips, and mipsel architectures are not yet available. They will be released as soon as they have been built
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200911-0398",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "10.10"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "9.04"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "13"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "7.0"
},
{
"model": "openssl",
"scope": "lte",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8k"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "nginx",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "0.8.22"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "14"
},
{
"model": "nginx",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "0.1.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "8.04"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "8.10"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "6.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "9.10"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "12"
},
{
"model": "gnutls",
"scope": "lte",
"trust": 1.0,
"vendor": "gnu",
"version": "2.8.5"
},
{
"model": "http server",
"scope": "lte",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.14"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "4.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "11"
},
{
"model": "nss",
"scope": "lte",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.12.4"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "5.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "10.04"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "barracuda",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mcafee",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "hp virtual connect",
"scope": null,
"trust": 0.8,
"vendor": "\u30d2\u30e5\u30fc\u30ec\u30c3\u30c8 \u30d1\u30c3\u30ab\u30fc\u30c9",
"version": null
},
{
"model": "hpe matrix operating environment",
"scope": null,
"trust": 0.8,
"vendor": "\u30d2\u30e5\u30fc\u30ec\u30c3\u30c8 \u30d1\u30c3\u30ab\u30fc\u30c9 \u30a8\u30f3\u30bf\u30fc\u30d7\u30e9\u30a4\u30ba",
"version": null
},
{
"model": "hpe systems insight manager",
"scope": null,
"trust": 0.8,
"vendor": "\u30d2\u30e5\u30fc\u30ec\u30c3\u30c8 \u30d1\u30c3\u30ab\u30fc\u30c9 \u30a8\u30f3\u30bf\u30fc\u30d7\u30e9\u30a4\u30ba",
"version": null
},
{
"model": "hitachi web server",
"scope": null,
"trust": 0.8,
"vendor": "\u65e5\u7acb",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#120541"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001632"
},
{
"db": "NVD",
"id": "CVE-2009-3555"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0:*:openvms:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.2.14",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "0.9.8k",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnu:gnutls:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.8.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:nss:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.12.4",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "0.8.22",
"versionStartIncluding": "0.1.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-3555"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mandriva",
"sources": [
{
"db": "PACKETSTORM",
"id": "83521"
},
{
"db": "PACKETSTORM",
"id": "88167"
},
{
"db": "PACKETSTORM",
"id": "84181"
},
{
"db": "PACKETSTORM",
"id": "120714"
}
],
"trust": 0.4
},
"cve": "CVE-2009-3555",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2011-001632",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-41001",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2009-3555",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2009-3555",
"trust": 0.8,
"value": "0"
},
{
"author": "IPA",
"id": "JVNDB-2011-001632",
"trust": 0.8,
"value": "Medium"
},
{
"author": "VULHUB",
"id": "VHN-41001",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#120541"
},
{
"db": "VULHUB",
"id": "VHN-41001"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001632"
},
{
"db": "NVD",
"id": "CVE-2009-3555"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a \"plaintext injection\" attack, aka the \"Project Mogul\" issue. Hitachi Web Server for, SSL There is a vulnerability in which arbitrary data is inserted at the beginning of communication data when using the function.Arbitrary data may be inserted at the beginning of communication data by a third party. A vulnerability exists in SSL and TLS protocols that may allow attackers to execute an arbitrary HTTP transaction. \n\nSOLUTION:\nApply updates (please see the vendor\u0027s advisory for details). ===========================================================\nUbuntu Security Notice USN-860-1 November 19, 2009\napache2 vulnerabilities\nCVE-2009-3094, CVE-2009-3095, CVE-2009-3555\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 8.04 LTS\nUbuntu 8.10\nUbuntu 9.04\nUbuntu 9.10\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n apache2-common 2.0.55-4ubuntu2.9\n\nUbuntu 8.04 LTS:\n apache2.2-common 2.2.8-1ubuntu0.14\n\nUbuntu 8.10:\n apache2.2-common 2.2.9-7ubuntu3.5\n\nUbuntu 9.04:\n apache2.2-common 2.2.11-2ubuntu2.5\n\nUbuntu 9.10:\n apache2.2-common 2.2.12-1ubuntu2.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nMarsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3\nprotocols. The flaw is with TLS renegotiation and\npotentially affects any software that supports this feature. Attacks\nagainst the HTTPS protocol are known, with the severity of the issue\ndepending on the safeguards used in the web application. Until the TLS\nprotocol and underlying libraries are adjusted to defend against this\nvulnerability, a partial, temporary workaround has been applied to Apache\nthat disables client initiated TLS renegotiation. This update does not\nprotect against server initiated TLS renegotiation when using\nSSLVerifyClient and SSLCipherSuite on a per Directory or Location basis. \nUsers can defend againt server inititiated TLS renegotiation attacks by\nadjusting their Apache configuration to use SSLVerifyClient and\nSSLCipherSuite only on the server or virtual host level. (CVE-2009-3555)\n\nIt was discovered that mod_proxy_ftp in Apache did not properly sanitize\nits input when processing replies to EPASV and PASV commands. An attacker\ncould use this to cause a denial of service in the Apache child process. \n(CVE-2009-3094)\n\nAnother flaw was discovered in mod_proxy_ftp. \n(CVE-2009-3095)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9.diff.gz\n Size/MD5: 130638 5d172b0ca228238e211940fad6b0935d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9.dsc\n Size/MD5: 1156 a6d575c4c0ef0ef9c4c77e7f6ddfb02d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz\n Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.9_all.deb\n Size/MD5: 2125884 643115e9135b9bf626f3a65cfc5f2ed3\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_amd64.deb\n Size/MD5: 834492 818915da9848657833480b1ead6b4a12\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_amd64.deb\n Size/MD5: 229578 9086ac3033e0425ecd150b31b377ee76\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_amd64.deb\n Size/MD5: 224594 85a4480344a072868758c466f6a98747\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_amd64.deb\n Size/MD5: 229128 446b52088b9744fb776e53155403a474\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_amd64.deb\n Size/MD5: 172850 17e4cd95ecb9d0390274fca9625c2e5e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_amd64.deb\n Size/MD5: 173636 b501407d01fa07e5807c28cd1db16cd7\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_amd64.deb\n Size/MD5: 95454 a06ee30ec14b35003ebcb821624bc2af\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_amd64.deb\n Size/MD5: 37510 4c063b1b8d831ea8a02d5ec691995dec\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_amd64.deb\n Size/MD5: 287048 9cdc7502ebc526d4bc7df9b59a9d8925\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_amd64.deb\n Size/MD5: 145624 4b613a57da2ca57678e8c8f0c1628556\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_i386.deb\n Size/MD5: 787870 67b1855dc984e5296ac9580e2a2f0a0c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_i386.deb\n Size/MD5: 204122 edf40b0ff5c1824b2d6232da247ce480\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_i386.deb\n Size/MD5: 200060 6267a56fcef78f6300372810ce36ea41\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_i386.deb\n Size/MD5: 203580 c487929bbf45b5a4dc3d035d86f7b3a0\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_i386.deb\n Size/MD5: 172876 bae257127c3d137e407a7db744f3d57a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_i386.deb\n Size/MD5: 173660 9dd0e108ab4d3382799b29d901bf4502\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_i386.deb\n Size/MD5: 93410 d5d602c75a28873f1cd7523857e0dd80\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_i386.deb\n Size/MD5: 37508 22049e1ea8ea88259ff3f6e94482cfb3\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_i386.deb\n Size/MD5: 263066 43fa2ae3b43c4743c98c45ac22fb0250\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_i386.deb\n Size/MD5: 133484 e70b7f81859cb92e0c50084e92216526\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_powerpc.deb\n Size/MD5: 860622 6d386da8da90d363414846dbc7fa7f08\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_powerpc.deb\n Size/MD5: 221470 8c207b379f7ba646c94759d3e9079dd4\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_powerpc.deb\n Size/MD5: 217132 069cab77278b101c3c4a5b172f36ba9b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_powerpc.deb\n Size/MD5: 220968 2f6ba65769fc964eb6dfec8a842f7621\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_powerpc.deb\n Size/MD5: 172874 89137c84b5a33f526daf3f8b4c047a7e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_powerpc.deb\n Size/MD5: 173662 23e576721faccb4aef732cf98e2358d4\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_powerpc.deb\n Size/MD5: 105198 44f9e698567784555db7d7d971b9fce2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_powerpc.deb\n Size/MD5: 37518 fe7caa2a3cf6d4227ac34692de30635e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_powerpc.deb\n Size/MD5: 282644 ec0306c04778cf8c8edd622aabb0363c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_powerpc.deb\n Size/MD5: 142730 d43356422176ca29440f3e0572678093\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_sparc.deb\n Size/MD5: 805078 0f1f6a9b04ad5ce4ea29fd0e44bf18a4\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_sparc.deb\n Size/MD5: 211674 eb19532b9b759c806e9a95a4ffbfad9b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_sparc.deb\n Size/MD5: 207344 9e5770a4c94cbc4f9bc8cc11a6a038f1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_sparc.deb\n Size/MD5: 210948 6d1d2357cec5b88c1c2269e5c16724bc\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_sparc.deb\n Size/MD5: 172882 d04dd123def1bc4cfbf2ac0095432eea\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_sparc.deb\n Size/MD5: 173662 6be46bbb9e92224020da49d657cb4cd4\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_sparc.deb\n Size/MD5: 94510 9df6ae07a9218d6159b1eebde5d58606\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_sparc.deb\n Size/MD5: 37506 89856bb1433e67fb23c8d34423d3e0a5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_sparc.deb\n Size/MD5: 269070 bf585dec777b0306cd80663c11b020df\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_sparc.deb\n Size/MD5: 131466 340eaf2d2c1f129c7676a152776cfcf3\n\nUpdated packages for Ubuntu 8.04 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14.diff.gz\n Size/MD5: 141838 37d5c93b425758839cbef5afea5353a2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14.dsc\n Size/MD5: 1381 78c9a13cc2af0dbf3958a3fc98aeea84\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8.orig.tar.gz\n Size/MD5: 6125771 39a755eb0f584c279336387b321e3dfc\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.8-1ubuntu0.14_all.deb\n Size/MD5: 1929318 d4faaf64c2c0af807848ea171a4efa90\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.8-1ubuntu0.14_all.deb\n Size/MD5: 72920 065d63c19b22f0f7a8f7c28952b0b408\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.8-1ubuntu0.14_all.deb\n Size/MD5: 6258048 33c48a093bbb868ea108a50c051437cf\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14_all.deb\n Size/MD5: 45850 07a9463a8e4fdf1a48766d5ad08b9a3c\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_amd64.deb\n Size/MD5: 253080 3c6467ee604002a5b8ebffff8554c568\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_amd64.deb\n Size/MD5: 248676 3c83ce9eb0a27f18b9c3a8c3e651cafa\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_amd64.deb\n Size/MD5: 252490 cf379a515d967d89d2009be9e06d4833\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_amd64.deb\n Size/MD5: 205592 af6cb62114d2e70bf859c32008a66433\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_amd64.deb\n Size/MD5: 206350 9c3d5ef8e55eee98cc3e75f2ed9ffaff\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_amd64.deb\n Size/MD5: 141660 958585d6391847cd5a618464054f7d37\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_amd64.deb\n Size/MD5: 803974 76d23bd94465a2f96711dc1c41b31af0\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_i386.deb\n Size/MD5: 236060 ad4c00dc10b406cc312982b7113fa468\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_i386.deb\n Size/MD5: 231580 07ae6a192e6c859e49d48f2b2158df40\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_i386.deb\n Size/MD5: 235308 18a44bbffcebde8f2d66fe3a6bdbab6d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_i386.deb\n Size/MD5: 205594 73ec71599d4c8a42a69ac3099b9d50cf\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_i386.deb\n Size/MD5: 206374 c1524e4fa8265e7eaac046b114b8c463\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_i386.deb\n Size/MD5: 140644 379a125b8b5b51ff8033449755ab87b8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_i386.deb\n Size/MD5: 755574 9de96c8719740c2525e3c0cf7836d60b\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_lpia.deb\n Size/MD5: 235578 0265d4f6ccee2d7b5ee10cfff48fed08\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_lpia.deb\n Size/MD5: 231234 611499fb33808ecdd232e2c5350f6838\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_lpia.deb\n Size/MD5: 234738 d7757d2da2e542ce0fdad5994be1d8bd\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_lpia.deb\n Size/MD5: 205592 c10ac9eb401184c379b7993b6a62cde3\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_lpia.deb\n Size/MD5: 206358 fc91c0159b096e744c42014e6e5f8909\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_lpia.deb\n Size/MD5: 141212 f87d5f443e5d8e1c3eda6f976b3ceb06\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_lpia.deb\n Size/MD5: 749716 86ae389b81b057288ff3c0b69ef68656\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_powerpc.deb\n Size/MD5: 254134 4337f858972022fa196c9a1f9bb724fb\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_powerpc.deb\n Size/MD5: 249596 44a6e21ff8fa81d09dab19cab4caffdb\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_powerpc.deb\n Size/MD5: 253698 f101a1709f21320716d4c9afb356f24f\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_powerpc.deb\n Size/MD5: 205604 3f4d4f6733257a7037e35101ef792352\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_powerpc.deb\n Size/MD5: 206386 06402188459de8dab5279b5bfef768fa\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_powerpc.deb\n Size/MD5: 158390 0acffbdb7e5602b434c4f2805f8dc4d0\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_powerpc.deb\n Size/MD5: 906022 28c3e8b63d123a4ca0632b3fed6720b5\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_sparc.deb\n Size/MD5: 237422 5651f53b09c0f36e1333c569980a0eb0\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_sparc.deb\n Size/MD5: 233152 1165607c64c57c84212b6b106254e885\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_sparc.deb\n Size/MD5: 236606 bbe00d0707c279a16eca35258dd8f13a\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_sparc.deb\n Size/MD5: 205598 76afcd4085fa6f39055a5a3f1ef34a43\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_sparc.deb\n Size/MD5: 206372 5c67270e0a19d1558cf17cb21a114833\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_sparc.deb\n Size/MD5: 143838 28e9c3811feeac70b846279e82c23430\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_sparc.deb\n Size/MD5: 765398 92c5b054b80b6258a1c4caac8248a40a\n\nUpdated packages for Ubuntu 8.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5.diff.gz\n Size/MD5: 137715 0e8a6128ff37a1c064d4ce881b5d3df9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5.dsc\n Size/MD5: 1788 5e3c3d53b68ea3053bcca3a5e19f5911\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9.orig.tar.gz\n Size/MD5: 6396996 80d3754fc278338033296f0d41ef2c04\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.9-7ubuntu3.5_all.deb\n Size/MD5: 2041786 cd1e98fb2064bad51f7845f203a07d79\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.9-7ubuntu3.5_all.deb\n Size/MD5: 6538578 32e07db65f1e7b3002aedc3afce1748c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5_all.deb\n Size/MD5: 45474 0f1b4fb499af61a596241bd4f0f4d35d\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_amd64.deb\n Size/MD5: 254968 f2004f847cc5cbc730599352ad1f7dc6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_amd64.deb\n Size/MD5: 249196 fb001fc4f192e9b8ae1bb7161925413c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_amd64.deb\n Size/MD5: 254360 419b942bad4cf4d959afcfa3ce4314e2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_amd64.deb\n Size/MD5: 208524 0d87bf6acbf1ab5dc48c68debe7c0d26\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_amd64.deb\n Size/MD5: 84490 2a4df4b619debe549f48ac3e9e764305\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_amd64.deb\n Size/MD5: 82838 215665711684d5b5dd04cdfa23d36462\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_amd64.deb\n Size/MD5: 209550 496d387e315370c0cd83489db663a356\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_amd64.deb\n Size/MD5: 147762 48061b9015c78b39b7afd834f4c81ae0\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_amd64.deb\n Size/MD5: 820242 3497441009bc9db76a87fd2447ba433c\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_i386.deb\n Size/MD5: 241376 488812d1a311fd67dafd5b18b6813920\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_i386.deb\n Size/MD5: 236082 9256681808703f40e822c81b53f4ce3e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_i386.deb\n Size/MD5: 240668 2b6b7c11a88ed5a280f603305bee880e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_i386.deb\n Size/MD5: 208532 e0eccceba6cae5fb12f431ff0283a23e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_i386.deb\n Size/MD5: 83922 ea5f69f36e344e493cce5d9c0bc69c46\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_i386.deb\n Size/MD5: 82320 0d9b2f9afff4b9efe924b59e9bb039ea\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_i386.deb\n Size/MD5: 209554 f4e53148ae30d5c4f060d455e4f11f95\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_i386.deb\n Size/MD5: 146596 5ed6a4af9378bacfb7d4a034d9923915\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_i386.deb\n Size/MD5: 778564 ffd7752394933004094c13b00113b263\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_lpia.deb\n Size/MD5: 238358 4955c7d577496ea4f3573345fad028a4\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_lpia.deb\n Size/MD5: 232964 76aecf38baba17a8a968329b818ec74a\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_lpia.deb\n Size/MD5: 237626 83f32bd08e2e206bbdb9f92cfb1a37e5\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_lpia.deb\n Size/MD5: 208528 6672fb116e108687669c89197732fbb0\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_lpia.deb\n Size/MD5: 83870 b8f875f197017aec0fe8203c203065d7\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_lpia.deb\n Size/MD5: 82296 d6724391ed540b351e2b660ba98af1ca\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_lpia.deb\n Size/MD5: 209550 263b43fb11c6d954d5a4bf7839e720a4\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_lpia.deb\n Size/MD5: 146282 a225b8d0f48e141eea28b2369d4595c0\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_lpia.deb\n Size/MD5: 766494 454c737e191429c43ad3f28c9e0294a0\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_powerpc.deb\n Size/MD5: 261510 d3e1155682726cc28859156e647d97b3\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_powerpc.deb\n Size/MD5: 256082 e49d894a6e9ab612a3cbd2f189ca3d8d\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_powerpc.deb\n Size/MD5: 260850 bc3cd7677cd630ac00424e73a3a6b343\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_powerpc.deb\n Size/MD5: 208542 ae1cc6b1323832528ad8f0e7130ec87d\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_powerpc.deb\n Size/MD5: 84558 68452b686e89320007e9c5367ce36345\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_powerpc.deb\n Size/MD5: 82908 2b8c5fc4bdec1017735dc16eba41d0a6\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_powerpc.deb\n Size/MD5: 209562 a8da7487e3dcd1bdff008956728b8dd3\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_powerpc.deb\n Size/MD5: 161030 a5ffe07d5e3050c8a54c4fccd3732263\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_powerpc.deb\n Size/MD5: 926240 8282583e86e84bd256959540f39a515d\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_sparc.deb\n Size/MD5: 246720 e54b4b9b354001a910ec9027dc90b0d2\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_sparc.deb\n Size/MD5: 241280 1eea25472875056e34cd2c3283c60171\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_sparc.deb\n Size/MD5: 246024 5709e7421814ecfb83fff5804d429971\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_sparc.deb\n Size/MD5: 208528 25cdfd0177da7e5484d3d44f93257863\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_sparc.deb\n Size/MD5: 84096 3ffbacffcc23ffc640a2ce05d35437bf\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_sparc.deb\n Size/MD5: 82470 17d1ca84f9455c492013f4f754a1d365\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_sparc.deb\n Size/MD5: 209546 696ef3652703523aea6208a4e51e48f1\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_sparc.deb\n Size/MD5: 150932 44c89e0249c85eed09b6f3a6a23db59d\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_sparc.deb\n Size/MD5: 783902 773a80d7a85a452016da3b10b1f3ae43\n\nUpdated packages for Ubuntu 9.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5.diff.gz\n Size/MD5: 141023 50d6737005a6d4fe601e223a39293f99\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5.dsc\n Size/MD5: 1795 59720f4d7ad291c986d92ec120750c3d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11.orig.tar.gz\n Size/MD5: 6806786 03e0a99a5de0f3f568a0087fb9993af9\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.11-2ubuntu2.5_all.deb\n Size/MD5: 2219326 d29c903489b894ddf88b23a0fec23e5c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5_all.deb\n Size/MD5: 46636 ee03585b00f277ed98c0de07a683317a\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-src_2.2.11-2ubuntu2.5_all.deb\n Size/MD5: 6948222 a3505a83c13cf36c86248079127dd84d\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_amd64.deb\n Size/MD5: 259028 5e9bddefad4c58c3ef9fd15d7a06988d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_amd64.deb\n Size/MD5: 253218 ee1bfbb759ffade3a52a6782e2f4b66d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_amd64.deb\n Size/MD5: 258414 8ef063026de9790bac1965427ce1b584\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_amd64.deb\n Size/MD5: 213294 09701d434bd102e4205e551b4525afd1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_amd64.deb\n Size/MD5: 214258 e98de48ea01e1132c5f1248a9a018745\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_amd64.deb\n Size/MD5: 151140 2f7c7f14b843b2c24de8c67356406449\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_amd64.deb\n Size/MD5: 826834 28abdf1c7be886e9be2825d351abaec7\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_amd64.deb\n Size/MD5: 87818 670c62615e107920c45893b3377ab2a0\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_amd64.deb\n Size/MD5: 86094 5a7c68fd37066287b4819cba4cfed1f2\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_i386.deb\n Size/MD5: 245538 952540b7679ebc8d3ffc953f32d3be0f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_i386.deb\n Size/MD5: 240048 08a7fd4888ffd9188890e57c613c4be7\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_i386.deb\n Size/MD5: 244914 955bb5121da808d44aa994386d90723f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_i386.deb\n Size/MD5: 213308 dd16143608ff8c41cb2d5cd27212a57e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_i386.deb\n Size/MD5: 214280 1e1f5d6feef40413f823a19126a018e3\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_i386.deb\n Size/MD5: 150046 0769d86d26282d1d31615050ae5b8915\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_i386.deb\n Size/MD5: 784198 8760e9c37147d0472dbbfe941c058829\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_i386.deb\n Size/MD5: 87182 21980cb1035d05f69b857870bbcbc085\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_i386.deb\n Size/MD5: 85572 6a1b8a5e4cb19e815e88335757b06cf3\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_lpia.deb\n Size/MD5: 242386 859ad63822b7e82c81cd6dcaca088c4a\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_lpia.deb\n Size/MD5: 236924 200538ce94218c9d8af8532636bfd40a\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_lpia.deb\n Size/MD5: 241822 3a3183ea4ee77d2677919d3b698f92a1\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_lpia.deb\n Size/MD5: 213286 bf81273b1db0a4a621085171c2b2b421\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_lpia.deb\n Size/MD5: 214264 ed278dab71289d2baae2ea409382fbf8\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_lpia.deb\n Size/MD5: 149758 75f6e2d7bd1cdfe5b1806062c3c859df\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_lpia.deb\n Size/MD5: 773424 c7cdc26051bd9443ae25b73776537fb5\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_lpia.deb\n Size/MD5: 87132 32e7ea89c96a0afce7ce1da457d947fb\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_lpia.deb\n Size/MD5: 85550 1d9b5963aa6ea5c01492ec417ab8510a\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_powerpc.deb\n Size/MD5: 265476 5d03fe6b2da8de98c876941ff78b066f\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_powerpc.deb\n Size/MD5: 260478 3e3aeaaf496cc86c62a831c59994c1f2\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_powerpc.deb\n Size/MD5: 265154 5eae30e7a33c09b37483f3aab595d0e9\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_powerpc.deb\n Size/MD5: 213314 879534ebabbb8be86b606e1800dc9cf8\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_powerpc.deb\n Size/MD5: 214286 922033231a6aa67ecca1c400d47f09c1\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_powerpc.deb\n Size/MD5: 164444 74faf68f0baeffcd011155ca9b201039\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_powerpc.deb\n Size/MD5: 932416 2911758e4ad1b3b401369621301ea76f\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_powerpc.deb\n Size/MD5: 87876 1d45c033ec5498c092f30188cf1d481e\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_powerpc.deb\n Size/MD5: 86154 52c1d8806d52fef6f43ab53662953953\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_sparc.deb\n Size/MD5: 250786 4e8e98dcba5543394ed5f07d141ce408\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_sparc.deb\n Size/MD5: 245094 a82bf04fc92b8c275b0c0f25cc81ff91\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_sparc.deb\n Size/MD5: 250110 092cf734813ae1d127d7b4f498f936c1\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_sparc.deb\n Size/MD5: 213312 98d7062a6bdb58637f7e850b76bfbc80\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_sparc.deb\n Size/MD5: 214286 a378e2e0418631cec0f398379a446172\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_sparc.deb\n Size/MD5: 154284 ce8b7bbccd359675b70426df15becfed\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_sparc.deb\n Size/MD5: 789298 11f088b18425b97367d5bc141da2ef2f\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_sparc.deb\n Size/MD5: 87384 477b6594866c8c73a8a3603e7e646c68\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_sparc.deb\n Size/MD5: 85686 5562ea5a0e6f01ba12adda3afb65c1b0\n\nUpdated packages for Ubuntu 9.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1.diff.gz\n Size/MD5: 185244 1ef59f9642bd9efa35e0808ea804cd0b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1.dsc\n Size/MD5: 1888 d3bfdecefdd8b1adec8ab35dcf85d2b3\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12.orig.tar.gz\n Size/MD5: 6678149 17f017b571f88aa60abebfe2945d7caf\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.12-1ubuntu2.1_all.deb\n Size/MD5: 2246560 be12bcc117bf165ffd3401486186762e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.12-1ubuntu2.1_all.deb\n Size/MD5: 2336 009d381342b0be5280835a46c91f01d9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.12-1ubuntu2.1_all.deb\n Size/MD5: 2374 7545a3750acea08e95bee86f6a3247e2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.12-1ubuntu2.1_all.deb\n Size/MD5: 2314 17719223d92d46821098ce178b5947d6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.12-1ubuntu2.1_all.deb\n Size/MD5: 284782 4321e3201d8e8d1a9e3c6fbe6864102b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1_all.deb\n Size/MD5: 1424 7b4d96008368549d5600a8c1f64a7559\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-mpm-itk_2.2.12-1ubuntu2.1_all.deb\n Size/MD5: 2366 46add3d428c97fa69a8848a3e4025bb0\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_amd64.deb\n Size/MD5: 137080 91e4f72d0f1f0abe91555e1497558fc2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_amd64.deb\n Size/MD5: 138176 5fd6a5ed536306528f9f2c1a0281ad70\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_amd64.deb\n Size/MD5: 156646 cfa55666363303b3f44a24fa2929bf01\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_amd64.deb\n Size/MD5: 1399630 82b36d57faa29a646e72a1125600c11c\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_amd64.deb\n Size/MD5: 92488 ddebef9d1a537520380f85b63c512bef\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_amd64.deb\n Size/MD5: 90880 c6d163edf145da8ff6d102dc0dd1f8d7\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_i386.deb\n Size/MD5: 137102 69dcd0519ca612e02102f52dcb50bf7f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_i386.deb\n Size/MD5: 138200 17221b53903d664823a55faa1ec4d9a9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_i386.deb\n Size/MD5: 155166 4347806710edff47fc051b4a68d5b448\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_i386.deb\n Size/MD5: 1309136 d9a7df212b315fc6f77fc87fa8eb4a04\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_i386.deb\n Size/MD5: 91876 289bf732dd4750a2ce61ab121b04b079\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_i386.deb\n Size/MD5: 90316 add7f446f6b524343c0066a486dd299a\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_lpia.deb\n Size/MD5: 137088 571e9f0370b5687acff25f71c4efe33e\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_lpia.deb\n Size/MD5: 138192 816a6e033f02114553bbb3627b9c6f9c\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_lpia.deb\n Size/MD5: 155090 af8272dc794250c30cd2f66b82486dc2\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_lpia.deb\n Size/MD5: 1290606 4c51de07f5a6fe9612de45369e6f35a5\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_lpia.deb\n Size/MD5: 91830 06866386df811127f4fd71d6fb2a9e2a\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_lpia.deb\n Size/MD5: 90312 9e68bd8111503135a4eae7265b0084ae\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_powerpc.deb\n Size/MD5: 137096 61b24dbeb12d7998e5d7014c26410a99\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_powerpc.deb\n Size/MD5: 138202 599898ff374bde8bfa388e2615064c5a\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_powerpc.deb\n Size/MD5: 161058 fea8f5b9a80bef9c4cb3405bc37160af\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_powerpc.deb\n Size/MD5: 1390150 fb1a244728a509586b77d02930fcf10f\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_powerpc.deb\n Size/MD5: 92400 572c3b0aa5ab717e8c4e4e8248aff1ff\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_powerpc.deb\n Size/MD5: 90774 82011ebc757d31e690698cf9913e3adc\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_sparc.deb\n Size/MD5: 137098 7f566dfade1678c72eac7dd923ab5987\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_sparc.deb\n Size/MD5: 138202 09fbc3145d768cf1f204d47b50e21528\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_sparc.deb\n Size/MD5: 159488 7cb6c81588adaee162b8c85a1f69e7a7\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_sparc.deb\n Size/MD5: 1297936 106b0b71f5e928c1d543973b5b1f015b\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_sparc.deb\n Size/MD5: 92166 28899fe31226880dfa961d8b05e8fa43\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_sparc.deb\n Size/MD5: 90554 f207de0099ed259e2af736e8c82f91c2\n\n\n. USN-990-1\nintroduced the new RFC5746 renegotiation extension in openssl, and\ncompletely resolves the issue. \n\nAfter updating openssl, an Apache server will allow both patched and\nunpatched web browsers to connect, but unpatched browsers will not be able\nto renegotiate. This update introduces the new SSLInsecureRenegotiation\ndirective for Apache that may be used to re-enable insecure renegotiations\nwith unpatched web browsers. This update adds backported support\n for the new RFC5746 renegotiation extension and will use it when both the\n client and the server support it. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n\n Mandriva Linux Security Advisory MDVSA-2009:323\n http://www.mandriva.com/security/\n _______________________________________________________________________\n\n Package : apache\n Date : December 7, 2009\n Affected: 2008.0\n _______________________________________________________________________\n\n Problem Description:\n\n Multiple vulnerabilities has been found and corrected in apache:\n \n Memory leak in the zlib_stateful_init function in crypto/comp/c_zlib.c\n in libssl in OpenSSL 0.9.8f through 0.9.8h allows remote attackers to\n cause a denial of service (memory consumption) via multiple calls, as\n demonstrated by initial SSL client handshakes to the Apache HTTP Server\n mod_ssl that specify a compression algorithm (CVE-2008-1678). Note\n that this security issue does not really apply as zlib compression\n is not enabled in the openssl build provided by Mandriva, but apache\n is patched to address this issue anyway (conserns 2008.1 only). \n \n Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the\n mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c\n in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions,\n allows remote attackers to inject arbitrary web script or HTML via\n wildcards in a pathname in an FTP URI (CVE-2008-2939). Note that this\n security issue was initially addressed with MDVSA-2008:195 but the\n patch fixing the issue was added but not applied in 2009.0. \n \n The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not\n properly handle Options=IncludesNOEXEC in the AllowOverride directive,\n which allows local users to gain privileges by configuring (1) Options\n Includes, (2) Options +Includes, or (3) Options +IncludesNOEXEC in a\n .htaccess file, and then inserting an exec element in a .shtml file\n (CVE-2009-1195). \n \n The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy\n module in the Apache HTTP Server before 2.3.3, when a reverse proxy\n is configured, does not properly handle an amount of streamed data\n that exceeds the Content-Length value, which allows remote attackers\n to cause a denial of service (CPU consumption) via crafted requests\n (CVE-2009-1890). \n \n Fix a potential Denial-of-Service attack against mod_deflate or other\n modules, by forcing the server to consume CPU time in compressing a\n large file after a client disconnects (CVE-2009-1891). \n \n The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in\n the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13\n allows remote FTP servers to cause a denial of service (NULL pointer\n dereference and child process crash) via a malformed reply to an EPSV\n command (CVE-2009-3094). \n \n The mod_proxy_ftp module in the Apache HTTP Server allows remote\n attackers to bypass intended access restrictions and send arbitrary\n commands to an FTP server via vectors related to the embedding of these\n commands in the Authorization HTTP header, as demonstrated by a certain\n module in VulnDisco Pack Professional 8.11. NOTE: as of 20090903,\n this disclosure has no actionable information. However, because the\n VulnDisco Pack author is a reliable researcher, the issue is being\n assigned a CVE identifier for tracking purposes (CVE-2009-3095). \n \n Apache is affected by SSL injection or man-in-the-middle attacks\n due to a design flaw in the SSL and/or TLS protocols. A short term\n solution was released Sat Nov 07 2009 by the ASF team to mitigate\n these problems. Apache will now reject in-session renegotiation\n (CVE-2009-3555). \n \n Packages for 2008.0 are being provided due to extended support for\n Corporate products. \n \n This update provides a solution to these vulnerabilities. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1678\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555\n http://marc.info/?l=apache-httpd-announce\u0026m=125755783724966\u0026w=2\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2008.0:\n dd2bebdd6726d2d865331d37068a90b7 2008.0/i586/apache-base-2.2.6-8.3mdv2008.0.i586.rpm\n 6de9d36a91b125cc03bafe911b7a38a2 2008.0/i586/apache-devel-2.2.6-8.3mdv2008.0.i586.rpm\n ab7963efad1b7951c94a24075a2070e7 2008.0/i586/apache-htcacheclean-2.2.6-8.3mdv2008.0.i586.rpm\n 42a53b597d5547fb88b7427cacd617a1 2008.0/i586/apache-mod_authn_dbd-2.2.6-8.3mdv2008.0.i586.rpm\n 1dff9d313e93c94e907d8c72348ed2e0 2008.0/i586/apache-mod_cache-2.2.6-8.3mdv2008.0.i586.rpm\n b575ede2978ad47e41d355bd8b192725 2008.0/i586/apache-mod_dav-2.2.6-8.3mdv2008.0.i586.rpm\n 8ff3dee24d2d2d9a8d13e567cf1eaced 2008.0/i586/apache-mod_dbd-2.2.6-8.3mdv2008.0.i586.rpm\n 7bae541dfec14b21700878514750de83 2008.0/i586/apache-mod_deflate-2.2.6-8.3mdv2008.0.i586.rpm\n 19cab766a26ce53bd7e7973ed92f0db4 2008.0/i586/apache-mod_disk_cache-2.2.6-8.3mdv2008.0.i586.rpm\n a1336e4ab4f282c388d7565bde4557fd 2008.0/i586/apache-mod_file_cache-2.2.6-8.3mdv2008.0.i586.rpm\n 6b2f2eb949977349390fa3b06cf257e7 2008.0/i586/apache-mod_ldap-2.2.6-8.3mdv2008.0.i586.rpm\n 3640bbef5262ec0407126e31dd5ddde3 2008.0/i586/apache-mod_mem_cache-2.2.6-8.3mdv2008.0.i586.rpm\n 98793747365606baabc08f22e36a0a04 2008.0/i586/apache-mod_proxy-2.2.6-8.3mdv2008.0.i586.rpm\n d7fe4d88f25d2a01b0809ab5292b0999 2008.0/i586/apache-mod_proxy_ajp-2.2.6-8.3mdv2008.0.i586.rpm\n 4c9f48adbd0b1d45a874f06b9275ebe3 2008.0/i586/apache-mod_ssl-2.2.6-8.3mdv2008.0.i586.rpm\n e5a1d9476316ccc9f183cb1ae5bbcf31 2008.0/i586/apache-modules-2.2.6-8.3mdv2008.0.i586.rpm\n 44f7810695a40519c68930695829f124 2008.0/i586/apache-mod_userdir-2.2.6-8.3mdv2008.0.i586.rpm\n d6f666e9954422664d1f029fc147b591 2008.0/i586/apache-mpm-event-2.2.6-8.3mdv2008.0.i586.rpm\n 75e205ddbc9313b8d02519e57919923a 2008.0/i586/apache-mpm-itk-2.2.6-8.3mdv2008.0.i586.rpm\n 6d68e8fa7baccc2ad090c703fb33458e 2008.0/i586/apache-mpm-prefork-2.2.6-8.3mdv2008.0.i586.rpm\n 331f18ce48403472fc7f8af6d5daee8e 2008.0/i586/apache-mpm-worker-2.2.6-8.3mdv2008.0.i586.rpm\n c75e69bcabc104938cb9033e591d1de8 2008.0/i586/apache-source-2.2.6-8.3mdv2008.0.i586.rpm \n 23fcdf29e21b0146fb5646baca2fa63b 2008.0/SRPMS/apache-2.2.6-8.3mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 3d4afe3f8da8369d80b6c195e132c5c0 2008.0/x86_64/apache-base-2.2.6-8.3mdv2008.0.x86_64.rpm\n 37034ee7c7eb813de2a00a6945a10248 2008.0/x86_64/apache-devel-2.2.6-8.3mdv2008.0.x86_64.rpm\n ba296f9aa229a616a2c406d1a16912c3 2008.0/x86_64/apache-htcacheclean-2.2.6-8.3mdv2008.0.x86_64.rpm\n 77fa75d36e7a4bbe154c846e3271e7a3 2008.0/x86_64/apache-mod_authn_dbd-2.2.6-8.3mdv2008.0.x86_64.rpm\n ca29e2db08b29e319f2392b46ea4c3fe 2008.0/x86_64/apache-mod_cache-2.2.6-8.3mdv2008.0.x86_64.rpm\n 3fbf5a0276adaa2d887a92482d81313f 2008.0/x86_64/apache-mod_dav-2.2.6-8.3mdv2008.0.x86_64.rpm\n 9c66e471c2d2d3e43462302d0cc6f1c9 2008.0/x86_64/apache-mod_dbd-2.2.6-8.3mdv2008.0.x86_64.rpm\n 05020102a26a28b96319b23e3b6e43d6 2008.0/x86_64/apache-mod_deflate-2.2.6-8.3mdv2008.0.x86_64.rpm\n 7191542417b30ed77334f1b8366628aa 2008.0/x86_64/apache-mod_disk_cache-2.2.6-8.3mdv2008.0.x86_64.rpm\n f4177dbdcfd2e3dc8e66be731ad731c4 2008.0/x86_64/apache-mod_file_cache-2.2.6-8.3mdv2008.0.x86_64.rpm\n fea417664f0a2689fa12308bd80c2fe4 2008.0/x86_64/apache-mod_ldap-2.2.6-8.3mdv2008.0.x86_64.rpm\n 9cf956fa426e6bdf6497337b6e26a2ab 2008.0/x86_64/apache-mod_mem_cache-2.2.6-8.3mdv2008.0.x86_64.rpm\n 0d9d04ca878bb3f19f4764152da42d82 2008.0/x86_64/apache-mod_proxy-2.2.6-8.3mdv2008.0.x86_64.rpm\n dbbcd75dd83779f54f98fa3e16b59f13 2008.0/x86_64/apache-mod_proxy_ajp-2.2.6-8.3mdv2008.0.x86_64.rpm\n dce8db6742ba28a71e18b86bb38688c8 2008.0/x86_64/apache-mod_ssl-2.2.6-8.3mdv2008.0.x86_64.rpm\n 2ff69d6e9c2cd3250f6746d4a7d921fd 2008.0/x86_64/apache-modules-2.2.6-8.3mdv2008.0.x86_64.rpm\n f298827d4dfa631a77907f7f5733fa29 2008.0/x86_64/apache-mod_userdir-2.2.6-8.3mdv2008.0.x86_64.rpm\n 6f02fb080e308ca0826fdb1ef00a1489 2008.0/x86_64/apache-mpm-event-2.2.6-8.3mdv2008.0.x86_64.rpm\n b886d30d73c60a515b3ed36d7f186378 2008.0/x86_64/apache-mpm-itk-2.2.6-8.3mdv2008.0.x86_64.rpm\n 62d7754a5aa7af596cc06cd540d4025f 2008.0/x86_64/apache-mpm-prefork-2.2.6-8.3mdv2008.0.x86_64.rpm\n d3438e0967978e580be896bd85f1d953 2008.0/x86_64/apache-mpm-worker-2.2.6-8.3mdv2008.0.x86_64.rpm\n e72af335ec7c3c02b5a494fbd6e99e0e 2008.0/x86_64/apache-source-2.2.6-8.3mdv2008.0.x86_64.rpm \n 23fcdf29e21b0146fb5646baca2fa63b 2008.0/SRPMS/apache-2.2.6-8.3mdv2008.0.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFLHQcamqjQ0CJFipgRAsJgAKDf5oc5UbEz3j+qsMn3tL6F8cujygCfY+cu\nMUj4lK2Wsb+qzbv2V+Ih30U=\n=VdZS\n-----END PGP SIGNATURE-----\n. \n \n Additionally the NSPR package has been upgraded to 4.8.4 that brings\n numerous upstream fixes. \n \n This update provides the latest versions of NSS and NSPR libraries\n and for which NSS is not vulnerable to this attack. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAruba Networks Security Advisory\n\nTitle: TLS Protocol Session Renegotiation Security Vulnerability\n\nAruba Advisory ID: AID-020810\nRevision: 1.0\n\nFor Public Release on 02/08/2010\n\n+----------------------------------------------------\n\nSUMMARY\n\nThis advisory addresses the renegotiation related vulnerability\ndisclosed recently in Transport Layer Security protocol [1][2]. \n\nThe only ArubaOS component that seems affected by this issue is the\nHTTPS WebUI administration interface. If a client browser (victim) is\nconfigured to authenticate to the WebUI over HTTPS using a client\ncertificate, an attacker can potentially use the victim\u0027s credentials\ntemporarily to execute arbitrary HTTP request for each initiation of an\nHTTPS session from the victim to the WebUI. This would happen without\nany HTTPS/TLS warnings to the victim. This condition can essentially be\nexploited by an attacker for command injection in beginning of a HTTPS\nsession between the victim and the ArubaOS WebUI. \n\nArubaOS itself does not initiate TLS renegotiation at any point and\nhence is only vulnerable to scenario where a client explicitly requests\nTLS renegotiation. Captive Portal users do not seem vulnerable to this\nissue unless somehow client certificates are being used to authenticate\ncaptive portal users. \n\nAFFECTED ArubaOS VERSIONS\n\n 2.5.6.x, 3.3.2.x, 3.3.3.x, 3.4.0.x, 3.4.1.x, RN 3.1.x, 3.3.2.x-FIPS,\n2.4.8.x-FIPS\n\n\nCHECK IF YOU ARE VULNERABLE\n\nThe only ArubaOS component that seems affected by this issue is the\nHTTPS WebUI administration interface. ArubaOS is vulnerable only if its\nconfiguration permits WebUI administration interface clients to connect\nusing either username/password or client certificates. If only one of\nthe two authentication method is allowed, this issue does not seem to apply. \n\nCheck if the following line appears in your configuration:\n\t\n\tweb-server mgmt-auth username/password certificate\n\nIf the exact line does not appear in the configuration, this issue does\nnot apply. \n\t\n\nDETAILS\n\nAn industry wide vulnerability was discovered in TLS protocol\u0027s\nrenegotiation feature, which allows a client and server who already have\na TLS connection to negotiate new session parameters and generate new\nkey material. Renegotiation is carried out in the existing TLS\nconnection. However there is no cryptographic binding between the\nrenegotiated TLS session and the original TLS session. An attacker who\nhas established MITM between client and server may be able to take\nadvantage of this and inject arbitrary data into the beginning of the\napplication protocol stream protected by TLS. Specifically arbitrary\nHTTP requests can be injected in a HTTPS session where attacker (MITM)\nblocks HTTPS session initiation between client and server, establishes\nHTTPS session with the server itself, injects HTTP data and initiates\nTLS renegotiation with the server. Then attacker allows the\nrenegotiation to occur between the client and the server. After\nsuccessful HTTPS session establishment with the server, now the client\nsends its HTTP request along with its HTTP credentials (cookie) to the\nserver. However due to format of attacker\u0027s injected HTTP data, the\nclient\u0027s HTTP request is not processed, rather the attacker\u0027s HTTP\nrequest gets executed with credentials of the client. The attacker is\nnot able to view the results of the injected HTTP request due to the\nfact that data between the client and the server is encrypted over\nHTTPS. \n\nArubaOS itself does not initiate TLS renegotiation at any point. The only ArubaOS component that seems affected\nby this issue is the HTTPS WebUI administration interface. \n\nPre-requisites for this attack :\n 1. The attacker must be able to establish a MITM between the client and\nthe server (ArubaOS WebUI). \n 2. The attacker must be able to establish a successful HTTPS session\nwith the server (ArubaOS WebUI)\n 3. ArubaOS must be configured to allow certificate based HTTPS\nauthentication for WebUI clients (client certs). \n\nCaptive Portal users do not seem vulnerable to this issue unless somehow\nclient certificates are being used to authenticate captive portal users. \n\nCVSS v2 BASE METRIC SCORE: 6.4 (AV:N/AC:L/Au:N/C:N/I:P/A:P)\n\n\nWORKAROUNDS\n\nAruba Networks recommends that all customers apply the appropriate\npatch(es) as soon as practical. However, in the event that a patch\ncannot immediately be applied, the following steps will help to mitigate\nthe risk:\n\n- - - Disable certificate based HTTPS authentication (and only allow\nusername-password based authentication) for WebUI clients. Client\u0027s\nusername-password authentication POST request will prohibit attacker\u0027s\ninjected HTTP data from executing with client\u0027s cookie. \n CLI command: web-server mgmt-auth username/password\n\n- - - Permit certificate based HTTPS authentication ONLY and disable\nusername-password based authentication to WebUI. This will prohibit\nattacker from establishing a HTTPS session with ArubaOS (for MITM)\nwithout a valid client cert. \n\t CLI command: web-server mgmt-auth certificate\n\t\n\tNote: This step won\u0027t stop command injection from attackers who have\nvalid client certificates but their assigned management role privileges\nare lower than that of the admin. This attack may allow them to run\ncommands at higher privilege than what is permitted in their role. \n\n- - - Do not expose the Mobility Controller administrative interface to\nuntrusted networks such as the Internet. \n\n\n\nSOLUTION\n\nAruba Networks recommends that all customers apply the appropriate\npatch(es) as soon as practical. \n\nThe following patches have the fix (any newer patch will also have the fix):\n\n- - - - 2.5.6.24\n- - - - 3.3.2.23\n- - - - 3.3.3.2\n- - - - 3.4.0.7\n- - - - 3.4.1.1\n- - - - RN 3.1.4\n\nPlease contact Aruba support for obtaining patched FIPS releases. \n\nPlease note: We highly recommend that you upgrade your Mobility\nController to the latest available patch on the Aruba support site\ncorresponding to your currently installed release. \n\n\nREFERENCES\n\n[1] http://extendedsubset.com/?p=8\n\n[2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555\n\n\n\n\n+----------------------------------------------------\n\nOBTAINING FIXED FIRMWARE\n\nAruba customers can obtain the firmware on the support website:\n\thttp://www.arubanetworks.com/support. \n\nAruba Support contacts are as follows:\n\n\t1-800-WiFiLAN (1-800-943-4526) (toll free from within North America)\n\n\t+1-408-754-1200 (toll call from anywhere in the world)\n\n\te-mail: support(at)arubanetworks.com\n\nPlease, do not contact either \"wsirt(at)arubanetworks.com\" or\n\"security(at)arubanetworks.com\" for software upgrades. \n\n\nEXPLOITATION AND PUBLIC ANNOUNCEMENTS\n\nThis vulnerability will be announced at\n\nAruba W.S.I.R.T. Advisory:\nhttp://www.arubanetworks.com/support/alerts/aid-020810.txt\n\nSecurityFocus Bugtraq\nhttp://www.securityfocus.com/archive/1\n\n\nSTATUS OF THIS NOTICE: Final\n\nAlthough Aruba Networks cannot guarantee the accuracy of all statements\nin this advisory, all of the facts have been checked to the best of our\nability. Aruba Networks does not anticipate issuing updated versions of\nthis advisory unless there is some material change in the facts. Should\nthere be a significant change in the facts, Aruba Networks may update\nthis advisory. \n\nA stand-alone copy or paraphrase of the text of this security advisory\nthat omits the distribution URL in the following section is an uncontrolled\ncopy, and may lack important information or contain factual errors. \n\n\nDISTRIBUTION OF THIS ANNOUNCEMENT\n\nThis advisory will be posted on Aruba\u0027s website at:\nhttp://www.arubanetworks.com/support/alerts/aid-020810.txt\n\n\nFuture updates of this advisory, if any, will be placed on Aruba\u0027s worldwide\nwebsite, but may or may not be actively announced on mailing lists or\nnewsgroups. Users concerned about this problem are encouraged to check the\nabove URL for any updates. \n\n\nREVISION HISTORY\n\n Revision 1.0 / 02-08-2010 / Initial release\n\n\nARUBA WSIRT SECURITY PROCEDURES\n\nComplete information on reporting security vulnerabilities in Aruba Networks\nproducts, obtaining assistance with security incidents is available at\n http://www.arubanetworks.com/support/wsirt.php\n\n\nFor reporting *NEW* Aruba Networks security issues, email can be sent to\nwsirt(at)arubanetworks.com or security(at)arubanetworks.com. For sensitive\ninformation we encourage the use of PGP encryption. Our public keys can be\nfound at\n\thttp://www.arubanetworks.com/support/wsirt.php\n\n\n (c) Copyright 2010 by Aruba Networks, Inc. \nThis advisory may be redistributed freely after the release date given at\nthe top of the text, provided that redistributed copies are complete and\nunmodified, including all date and version information. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v2.0.14 (MingW32)\nComment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/\n\niEYEARECAAYFAktwksYACgkQp6KijA4qefXErQCeKJW3YU3Nl7JY4+2Hp2zqM3bN\nbWAAoJWQT+yeWX2q+02hNEwHWQtGf1YP\n=CrHf\n-----END PGP SIGNATURE-----\n. Transport Layer Security (TLS) is a protocol for ensuring the privacy of communication applications and their users over the Internet. Service (DoS)\n\n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c01963123\nVersion: 1\n\nHPSBUX02498 SSRT090264 rev.1 - HP-UX Running Apache, Remote Unauthorized Data Injection, Denial of\n\nService (DoS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2009-12-21\nLast Updated: 2009-12-21\n\nPotential Security Impact: Remote unauthorized data injection, Denial of Service (DoS)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nA potential security vulnerability has been identified with HP-UX running Apache v2.0.59.12 and earlier. The\n\nvulnerability could be exploited remotely to inject unauthorized data or to create a Denial of Service (DoS). \n\nReferences: CVE-2009-3555\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, B.11.31 running Apache v2.0.59.12 and previous. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2009-3555 (AV:N/AC:L/Au:N/C:N/I:P/A:P) 6.4\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following temporary software updates to resolve the vulnerability. \n\nNOTE: The vulnerability is resolved in OpenSSL 0.9.8l. HP-UX Apache v2.0.59.X versions use statically linked\n\nlibraries. HP-UX Apache v2.0.59.13 is compiled with OpenSSL 0.9.8l. Other versions of HP-UX Apache require the\n\nHP-UX OpenSSL packages recommended in HPSBUX02482 SSRT090249, available here\n\nhttp://www.itrc.hp.com/service/cki/secBullArchive.do\n\nTo review previously published Security Bulletins visit http://www.itrc.hp.com/service/cki/secBullArchive.do\n\nThe depots are available are available using ftp. \nHost / Account / Password\n\nftp.usa.hp.com / sb02498 / Secure12\n\nHP-UX Release / Temporary Depot name / SHA-1 Sum\n\nB.11.11 (IPv4 and IPv6) / Apache 2.0.59.13 PA-64-32-1111.depot /\n 3B6BE547403C28926482192408D5D5AB603A403D\n\nB.11.23 PA-32 / Apache 2.0.59.13 IA-PA-32-1123.depot /\n 4809BAF0F83F78F60B7EC73FAF584D221B1CB4A7\n\nB.11.23 IA-64 / Apache 2.0.59.13 IA-PA-64-1123.depot /\n 1D65F7D49883399F4D202E16754CF7DAE71E3B47\n\nB.11.31 PA-32 / Apache 2.0.59.13 IA-PA-32-1131.depot /\n 943E21D4621B480B5E8E651ACB605B8F7EA47304\n\nB.11.31 IA-64 / Apache 2.0.59.13 IA-PA-64-1131.depot /\n B8836FDB73434A3C26FB411E3F7CB3211129E5AC\n\nMANUAL ACTIONS: Yes\nInstall Apache v2.0.59.13 or subsequent\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security\n\nPatch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a\n\nspecific HP-UX system. It can also download patches and create a depot automatically. For more information\n\nsee: https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nFor Apache IPv4 and IPv6\nHP-UX B.11.11\n=============\nhpuxwsAPACHE.APACHE\nhpuxwsAPACHE.APACHE2\nhpuxwsAPACHE.AUTH_LDAP\nhpuxwsAPACHE.AUTH_LDAP2\nhpuxwsAPACHE.MOD_JK\nhpuxwsAPACHE.MOD_JK2\nhpuxwsAPACHE.MOD_PERL\nhpuxwsAPACHE.MOD_PERL2\nhpuxwsAPACHE.PHP\nhpuxwsAPACHE.PHP2\nhpuxwsAPACHE.WEBPROXY\naction: install revision B.2.0.59.13 or subsequent\n\nHP-UX B.11.23\n=============\nhpuxwsAPCH32.APACHE\nhpuxwsAPCH32.APACHE2\nhpuxwsAPCH32.AUTH_LDAP\nhpuxwsAPCH32.AUTH_LDAP2\nhpuxwsAPCH32.MOD_JK\nhpuxwsAPCH32.MOD_JK2\nhpuxwsAPCH32.MOD_PERL\nhpuxwsAPCH32.MOD_PERL2\nhpuxwsAPCH32.PHP\nhpuxwsAPCH32.PHP2\nhpuxwsAPCH32.WEBPROXY\nhpuxwsAPACHE.APACHE\nhpuxwsAPACHE.APACHE2\nhpuxwsAPACHE.AUTH_LDAP\nhpuxwsAPACHE.AUTH_LDAP2\nhpuxwsAPACHE.MOD_JK\nhpuxwsAPACHE.MOD_JK2\nhpuxwsAPACHE.MOD_PERL\nhpuxwsAPACHE.MOD_PERL2\nhpuxwsAPACHE.PHP\nhpuxwsAPACHE.PHP2\nhpuxwsAPACHE.WEBPROXY\naction: install revision B.2.0.59.13 or subsequent\n\nHP-UX B.11.31\n=============\nhpuxwsAPCH32.APACHE\nhpuxwsAPCH32.APACHE2\nhpuxwsAPCH32.AUTH_LDAP\nhpuxwsAPCH32.AUTH_LDAP2\nhpuxwsAPCH32.MOD_JK\nhpuxwsAPCH32.MOD_JK2\nhpuxwsAPCH32.MOD_PERL\nhpuxwsAPCH32.MOD_PERL2\nhpuxwsAPCH32.PHP\nhpuxwsAPCH32.PHP2\nhpuxwsAPCH32.WEBPROXY\nhpuxwsAPACHE.APACHE\nhpuxwsAPACHE.APACHE2\nhpuxwsAPACHE.AUTH_LDAP\nhpuxwsAPACHE.AUTH_LDAP2\nhpuxwsAPACHE.MOD_JK\nhpuxwsAPACHE.MOD_JK2\nhpuxwsAPACHE.MOD_PERL\nhpuxwsAPACHE.MOD_PERL2\nhpuxwsAPACHE.PHP\nhpuxwsAPACHE.PHP2\nhpuxwsAPACHE.WEBPROXY\naction: install revision B.2.0.59.13 or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) - 21 December 2009 Initial release\n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n -check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n -verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin\nrelates to is represented by the 5th and 6th characters\nof the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\nCopyright 2009 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n\nReferences: CVE-2009-3245, CVE-2009-3555, CVE-2009-4355, CVE-2010-0433, CVE-2010-0740. \nThe upgrades are available from the following location. \n\nFor Debian 7 (wheezy) this update adds a missing part to make it\nactually possible to disable client-initiated renegotiation and\ndisables it by default (CVE-2009-3555). TLS compression is disabled\n(CVE-2012-4929), although this is normally already disabled by the OpenSSL\nsystem library. Finally it adds the ability to disable the SSLv3 protocol\n(CVE-2014-3566) entirely via the new \"DisableSSLv3\" configuration\ndirective, although it will not disabled by default in this update. \n\nFor Debian 8 (jessie) these issues have been fixed prior to the release,\nwith the exception of client-initiated renegotiation (CVE-2009-3555). \nThis update addresses that issue for jessie. \n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 2.6-2+deb7u1. \n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 2.6-6+deb8u1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2.6-6.1. \n\nWe recommend that you upgrade your pound packages. ----------------------------------------------------------------------\n\n\nSecunia CSI integrated with Microsoft WSUS and Microsoft SCCM for 3rd party Patch Management\n\nFree webinars\n\nhttp://secunia.com/vulnerability_scanning/corporate/webinars/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nOpenOffice.org Data Manipulation and Code Execution Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA40070\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/40070/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40070\n\nRELEASE DATE:\n2010-06-08\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/40070/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/40070/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40070\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nTwo vulnerabilities have been reported in OpenOffice.org, which can\nbe exploited by malicious people to manipulate certain data or\ncompromise a user\u0027s system. \n\n1) An error in the TLS protocol while handling session\nre-negotiations in included libraries can be exploited to manipulate\nsession data. \n\nFor more information see vulnerability #1 in:\nSA37291\n\n2) An error when exploring python code through the scripting IDE can\nbe exploited to potentially execute arbitrary code. \n\nThe vulnerabilities are reported in versions prior to 3.2.1. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nhttp://www.openoffice.org/security/cves/CVE-2009-3555.html\nhttp://www.openoffice.org/security/cves/CVE-2010-0395.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. This could force the server to\n process an attacker\u0026#039;s request as if authenticated using the victim\u0026#039;s\n credentials. \n \n The TLS implementation in GnuTLS before 2.12.23, 3.0.x before 3.0.28,\n and 3.1.x before 3.1.7 does not properly consider timing side-channel\n attacks on a noncompliant MAC check operation during the processing\n of malformed CBC padding, which allows remote attackers to conduct\n distinguishing attacks and plaintext-recovery attacks via statistical\n analysis of timing data for crafted packets, a related issue to\n CVE-2013-0169 (CVE-2013-1619). \n \n The updated packages have been patched to correct these issues. \nHP Secure Web Server (SWS) for OpenVMS running CSWS_JAVA V3.1 and earlier. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Due\nto a bug in lighttpd, the server fails to start in some configurations\nif using the updated openssl libraries. \n\nThe packages for the hppa, mips, and mipsel architectures are not yet\navailable. They will be released as soon as they have been built",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-3555"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001632"
},
{
"db": "CERT/CC",
"id": "VU#120541"
},
{
"db": "PACKETSTORM",
"id": "100765"
},
{
"db": "PACKETSTORM",
"id": "82799"
},
{
"db": "PACKETSTORM",
"id": "94088"
},
{
"db": "PACKETSTORM",
"id": "83521"
},
{
"db": "PACKETSTORM",
"id": "88167"
},
{
"db": "PACKETSTORM",
"id": "86075"
},
{
"db": "VULHUB",
"id": "VHN-41001"
},
{
"db": "PACKETSTORM",
"id": "84183"
},
{
"db": "PACKETSTORM",
"id": "88387"
},
{
"db": "PACKETSTORM",
"id": "131826"
},
{
"db": "PACKETSTORM",
"id": "90344"
},
{
"db": "PACKETSTORM",
"id": "84181"
},
{
"db": "PACKETSTORM",
"id": "120714"
},
{
"db": "PACKETSTORM",
"id": "89667"
},
{
"db": "PACKETSTORM",
"id": "111920"
},
{
"db": "PACKETSTORM",
"id": "97489"
}
],
"trust": 3.78
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-41001",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41001"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-3555",
"trust": 4.9
},
{
"db": "CERT/CC",
"id": "VU#120541",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "40070",
"trust": 1.3
},
{
"db": "SECUNIA",
"id": "38781",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "42377",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "37501",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "39632",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "37604",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "41972",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "43308",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "38241",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "37859",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "41818",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "39292",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "42816",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "42379",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "39317",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "38020",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "42467",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "37320",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "37640",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "37656",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "37383",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "42724",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "38003",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "44183",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "42733",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "38484",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "40545",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "40866",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "39242",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "38056",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "39278",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "39243",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "42808",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "37675",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "39127",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "39461",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "39819",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "37453",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "40747",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "41490",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "39628",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "44954",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "39500",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "48577",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "42811",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "37291",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "41480",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "37292",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "37399",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "39713",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "38687",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "37504",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "39136",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "41967",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1023217",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1023273",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1023274",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1023206",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1023272",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1023427",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1023218",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1023163",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1023214",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1023211",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1023219",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1023216",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1024789",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1023148",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1023213",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1023271",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1023243",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1023209",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1023215",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1023208",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1023411",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1023204",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1023224",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1023210",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1023207",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1023426",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1023428",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1023205",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1023275",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1023270",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1023212",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2010-2745",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2009-3353",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2010-3069",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2010-0086",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2009-3354",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2009-3484",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2010-1793",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2009-3310",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2010-0982",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2011-0033",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2009-3220",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2010-2010",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2010-1639",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2010-1107",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2010-3126",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2010-0916",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2009-3164",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2011-0032",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2011-0086",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2009-3313",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2010-0748",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2010-1350",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2009-3521",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2010-0994",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2010-3086",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2010-1191",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2010-0173",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2009-3587",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2010-0933",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2009-3205",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2010-1054",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2010-0848",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2010-1673",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2009-3165",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2009/11/05/3",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2009/11/07/3",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2009/11/23/10",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2009/11/05/5",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2009/11/20/1",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2009/11/06/3",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "65202",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "62210",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "60521",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "60972",
"trust": 1.1
},
{
"db": "HITACHI",
"id": "HS10-030",
"trust": 1.1
},
{
"db": "USCERT",
"id": "TA10-222A",
"trust": 1.1
},
{
"db": "USCERT",
"id": "TA10-287A",
"trust": 1.1
},
{
"db": "BID",
"id": "36935",
"trust": 1.1
},
{
"db": "ICS CERT",
"id": "ICSA-22-160-01",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU95298925",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002319",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001632",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "88167",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "120714",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "97489",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "131826",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "94088",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "89667",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "84183",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "86075",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "84181",
"trust": 0.2
},
{
"db": "EXPLOIT-DB",
"id": "10071",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "10579",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "82657",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "82770",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130868",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "83271",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90262",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88173",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "91309",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120365",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "106155",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "83415",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "111273",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "83414",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "92095",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "124088",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "82652",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "94087",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "95279",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137201",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "102374",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "106156",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "89136",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "92497",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88621",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88698",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "84112",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90286",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127267",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "114810",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88224",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123380",
"trust": 0.1
},
{
"db": "CNNVD",
"id": "CNNVD-200911-069",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-67231",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-41001",
"trust": 0.1
},
{
"db": "SECUNIA",
"id": "44292",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "100765",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "82799",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "83521",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88387",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90344",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "111920",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#120541"
},
{
"db": "VULHUB",
"id": "VHN-41001"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001632"
},
{
"db": "PACKETSTORM",
"id": "100765"
},
{
"db": "PACKETSTORM",
"id": "82799"
},
{
"db": "PACKETSTORM",
"id": "94088"
},
{
"db": "PACKETSTORM",
"id": "83521"
},
{
"db": "PACKETSTORM",
"id": "88167"
},
{
"db": "PACKETSTORM",
"id": "86075"
},
{
"db": "PACKETSTORM",
"id": "97489"
},
{
"db": "PACKETSTORM",
"id": "84183"
},
{
"db": "PACKETSTORM",
"id": "88387"
},
{
"db": "PACKETSTORM",
"id": "131826"
},
{
"db": "PACKETSTORM",
"id": "90344"
},
{
"db": "PACKETSTORM",
"id": "84181"
},
{
"db": "PACKETSTORM",
"id": "120714"
},
{
"db": "PACKETSTORM",
"id": "89667"
},
{
"db": "PACKETSTORM",
"id": "111920"
},
{
"db": "NVD",
"id": "CVE-2009-3555"
}
]
},
"id": "VAR-200911-0398",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-41001"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T21:54:40.707000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HS11-006 Software product security information",
"trust": 0.8,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142660345230545\u0026amp;w=2"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001632"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-295",
"trust": 1.1
},
{
"problemtype": "Lack of information (CWE-noinfo) [IPA evaluation ]",
"trust": 0.8
},
{
"problemtype": "CWE-310",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41001"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001632"
},
{
"db": "NVD",
"id": "CVE-2009-3555"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://extendedsubset.com/?p=8"
},
{
"trust": 1.9,
"url": "http://www.links.org/?p=780"
},
{
"trust": 1.9,
"url": "http://www.links.org/?p=786"
},
{
"trust": 1.9,
"url": "http://www.links.org/?p=789"
},
{
"trust": 1.9,
"url": "http://blogs.iss.net/archive/sslmitmiscsrf.html"
},
{
"trust": 1.9,
"url": "http://www.ietf.org/mail-archive/web/tls/current/msg03948.html"
},
{
"trust": 1.9,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=533125"
},
{
"trust": 1.9,
"url": "https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt"
},
{
"trust": 1.9,
"url": "http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html"
},
{
"trust": 1.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 1.2,
"url": "http://www.arubanetworks.com/support/alerts/aid-020810.txt"
},
{
"trust": 1.2,
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-22.html"
},
{
"trust": 1.2,
"url": "http://www.openoffice.org/security/cves/cve-2009-3555.html"
},
{
"trust": 1.1,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1"
},
{
"trust": 1.1,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1"
},
{
"trust": 1.1,
"url": "http://securitytracker.com/id?1023148"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1023163"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1023204"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1023205"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1023206"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1023207"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1023208"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1023209"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1023210"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1023211"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1023212"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1023213"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1023214"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1023215"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1023216"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1023217"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1023218"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1023219"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1023224"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1023243"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1023270"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1023271"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1023272"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1023273"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1023274"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1023275"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1023411"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1023426"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1023427"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1023428"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1024789"
},
{
"trust": 1.1,
"url": "http://www.cisco.com/en/us/products/products_security_advisory09186a0080b01d1d.shtml"
},
{
"trust": 1.1,
"url": "http://seclists.org/fulldisclosure/2009/nov/139"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/507952/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/508075/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/508130/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/515055/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html"
},
{
"trust": 1.1,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1"
},
{
"trust": 1.1,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1"
},
{
"trust": 1.1,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/36935"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/37291"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/37292"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/37320"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/37383"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/37399"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/37453"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/37501"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/37504"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/37604"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/37640"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/37656"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/37675"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/37859"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/38003"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/38020"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/38056"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/38241"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/38484"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/38687"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/38781"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/39127"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/39136"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/39242"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/39243"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/39278"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/39292"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/39317"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/39461"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/39500"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/39628"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/39632"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/39713"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/39819"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/40070"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/40545"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/40747"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/40866"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/41480"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/41490"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/41818"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/41967"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/41972"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/42377"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/42379"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/42467"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/42724"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/42733"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/42808"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/42811"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/42816"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/43308"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/44183"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/44954"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/48577"
},
{
"trust": 1.1,
"url": "http://osvdb.org/60521"
},
{
"trust": 1.1,
"url": "http://osvdb.org/60972"
},
{
"trust": 1.1,
"url": "http://osvdb.org/62210"
},
{
"trust": 1.1,
"url": "http://osvdb.org/65202"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2009/3164"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2009/3165"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2009/3205"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2009/3220"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2009/3310"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2009/3313"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2009/3353"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2009/3354"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2009/3484"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2009/3521"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2009/3587"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2010/0086"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2010/0173"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2010/0748"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2010/0848"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2010/0916"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2010/0933"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2010/0982"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2010/0994"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2010/1054"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2010/1107"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2010/1191"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2010/1350"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2010/1639"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2010/1673"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2010/1793"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2010/2010"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2010/2745"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2010/3069"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2010/3086"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2010/3126"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2011/0032"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2011/0033"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2011/0086"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2010/jan/msg00000.html"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2010//may/msg00001.html"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2010//may/msg00002.html"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2009/dsa-1934"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2011/dsa-2141"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2015/dsa-3253"
},
{
"trust": 1.1,
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-december/msg01029.html"
},
{
"trust": 1.1,
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-december/msg01020.html"
},
{
"trust": 1.1,
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-december/msg00645.html"
},
{
"trust": 1.1,
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-december/msg00944.html"
},
{
"trust": 1.1,
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-december/msg00428.html"
},
{
"trust": 1.1,
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-december/msg00442.html"
},
{
"trust": 1.1,
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-december/msg00449.html"
},
{
"trust": 1.1,
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-december/msg00634.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-october/049702.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-october/049528.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-october/049455.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-april/039561.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-april/039957.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-may/040652.html"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-200912-01.xml"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-201203-22.xml"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"trust": 1.1,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c02436041"
},
{
"trust": 1.1,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02273751"
},
{
"trust": 1.1,
"url": "http://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02512995"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/522176"
},
{
"trust": 1.1,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01945686"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1ic67848"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1ic68054"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1ic68055"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2010:076"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2010:084"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2010:089"
},
{
"trust": 1.1,
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1pm12247"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2010-0119.html"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2010-0130.html"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2010-0155.html"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2010-0165.html"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2010-0167.html"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2010-0337.html"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2010-0338.html"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2010-0339.html"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2010-0768.html"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2010-0770.html"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2010-0786.html"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2010-0807.html"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2010-0865.html"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2010-0986.html"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2010-0987.html"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2011-0880.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html"
},
{
"trust": 1.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-222a.html"
},
{
"trust": 1.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-287a.html"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-1010-1"
},
{
"trust": 1.1,
"url": "http://ubuntu.com/usn/usn-923-1"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-927-1"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-927-4"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-927-5"
},
{
"trust": 1.1,
"url": "http://www.kb.cert.org/vuls/id/120541"
},
{
"trust": 1.1,
"url": "http://openbsd.org/errata45.html#010_openssl"
},
{
"trust": 1.1,
"url": "http://openbsd.org/errata46.html#004_openssl"
},
{
"trust": 1.1,
"url": "http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2009/11/05/3"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2009/11/05/5"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2009/11/06/3"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2009/11/07/3"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2009/11/20/1"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2009/11/23/10"
},
{
"trust": 1.1,
"url": "http://www.ietf.org/mail-archive/web/tls/current/msg03928.html"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.1,
"url": "http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html"
},
{
"trust": 1.1,
"url": "http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during"
},
{
"trust": 1.1,
"url": "http://clicky.me/tlsvuln"
},
{
"trust": 1.1,
"url": "http://extendedsubset.com/renegotiating_tls.pdf"
},
{
"trust": 1.1,
"url": "http://kbase.redhat.com/faq/docs/doc-20491"
},
{
"trust": 1.1,
"url": "http://support.apple.com/kb/ht4004"
},
{
"trust": 1.1,
"url": "http://support.apple.com/kb/ht4170"
},
{
"trust": 1.1,
"url": "http://support.apple.com/kb/ht4171"
},
{
"trust": 1.1,
"url": "http://support.avaya.com/css/p8/documents/100070150"
},
{
"trust": 1.1,
"url": "http://support.avaya.com/css/p8/documents/100081611"
},
{
"trust": 1.1,
"url": "http://support.avaya.com/css/p8/documents/100114315"
},
{
"trust": 1.1,
"url": "http://support.avaya.com/css/p8/documents/100114327"
},
{
"trust": 1.1,
"url": "http://support.citrix.com/article/ctx123359"
},
{
"trust": 1.1,
"url": "http://support.zeus.com/zws/media/docs/4.3/release_notes"
},
{
"trust": 1.1,
"url": "http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released"
},
{
"trust": 1.1,
"url": "http://sysoev.ru/nginx/patch.cve-2009-3555.txt"
},
{
"trust": 1.1,
"url": "http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html"
},
{
"trust": 1.1,
"url": "http://wiki.rpath.com/advisories:rpsa-2009-0155"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21426108"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21432298"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24006386"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24025312"
},
{
"trust": 1.1,
"url": "http://www.betanews.com/article/1257452450"
},
{
"trust": 1.1,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hs10-030/index.html"
},
{
"trust": 1.1,
"url": "http://www.ingate.com/relnote.php?ver=481"
},
{
"trust": 1.1,
"url": "http://www.openssl.org/news/secadv_20091111.txt"
},
{
"trust": 1.1,
"url": "http://www.opera.com/docs/changelogs/unix/1060/"
},
{
"trust": 1.1,
"url": "http://www.opera.com/support/search/view/944/"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html"
},
{
"trust": 1.1,
"url": "http://www.proftpd.org/docs/release_notes-1.3.2c"
},
{
"trust": 1.1,
"url": "http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html"
},
{
"trust": 1.1,
"url": "http://www.tombom.co.uk/blog/?p=85"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/security/advisories/vmsa-2010-0019.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/security/advisories/vmsa-2011-0003.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"
},
{
"trust": 1.1,
"url": "http://xss.cx/examples/plesk-reports/plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html"
},
{
"trust": 1.1,
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=526689"
},
{
"trust": 1.1,
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=545755"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05150888"
},
{
"trust": 1.1,
"url": "https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10088"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11578"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11617"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a7315"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a7478"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a7973"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a8366"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a8535"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54158"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=apache-httpd-announce\u0026m=125755783724966\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=126150535619567\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=127128920008563\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=127419602507642\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=127557596201693\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=132077688910227\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=133469267822771\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=cryptography\u0026m=125752275331877\u0026w=2"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.597446"
},
{
"trust": 1.0,
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=pm00675\u0026apar=only"
},
{
"trust": 1.0,
"url": "https://kb.bluecoat.com/index?page=content\u0026id=sa50"
},
{
"trust": 0.8,
"url": "http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00014.html"
},
{
"trust": 0.8,
"url": "http://cvs.openssl.org/chngview?cn=18790"
},
{
"trust": 0.8,
"url": "http://www.links.org/files/no-renegotiation-2.patch"
},
{
"trust": 0.8,
"url": "http://blog.zoller.lu/2009/11/new-sslv3-tls-vulnerability-mitm.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu95298925/"
},
{
"trust": 0.8,
"url": "http://jvndb.jvn.jp/ja/contents/2009/jvndb-2009-002319.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-3555"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-160-01"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3555"
},
{
"trust": 0.3,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.3,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.3,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.3,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.3,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.3,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3095"
},
{
"trust": 0.2,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz"
},
{
"trust": 0.2,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11.orig.tar.gz"
},
{
"trust": 0.2,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12.orig.tar.gz"
},
{
"trust": 0.2,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8.orig.tar.gz"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3094"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.2,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=132077688910227\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142660345230545\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=127419602507642\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=134254866602253\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=130497311408250\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=133469267822771\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=126150535619567\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=127128920008563\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=127557596201693\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026amp;q=pm00675\u0026amp;apar=only"
},
{
"trust": 0.1,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026amp;y=2009\u0026amp;m=slackware-security.597446"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=apache-httpd-announce\u0026amp;m=125755783724966\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=cryptography\u0026amp;m=125752275331877\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "https://kb.bluecoat.com/index?page=content\u0026amp;id=sa50"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/44292/"
},
{
"trust": 0.1,
"url": "http://secunia.com/research/"
},
{
"trust": 0.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html#appendixas"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44292"
},
{
"trust": 0.1,
"url": "http://secunia.com/company/jobs/open_positions/reverse_engineer"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/44292/#comments"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.12-1ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.12-1ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.12-1ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.11-2ubuntu2.5_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.8-1ubuntu0.14_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.8-1ubuntu0.14_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.9_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.9-7ubuntu3.5_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.9-7ubuntu3.5_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.12-1ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.12-1ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-mpm-itk_2.2.12-1ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.8-1ubuntu0.14_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-src_2.2.11-2ubuntu2.5_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.14-5ubuntu8.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.7.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.14-5ubuntu8.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.14-5ubuntu8.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.14-5ubuntu8.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.8-1ubuntu0.18_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.18_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.14-5ubuntu8.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.7_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.18_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.18_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.14-5ubuntu8.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.14-5ubuntu8.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.18_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.18_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.14-5ubuntu8.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.14-5ubuntu8.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.7.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.18_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.14-5ubuntu8.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.7_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.18_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.3_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.14-5ubuntu8.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.14-5ubuntu8.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.14-5ubuntu8.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.14-5ubuntu8.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.3.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.7_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.14-5ubuntu8.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.18_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.7_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.14-5ubuntu8.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.14-5ubuntu8.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.14-5ubuntu8.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.8-1ubuntu0.18_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.7_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.7_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.7_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.18_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.14-5ubuntu8.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.14-5ubuntu8.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.7_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.7_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.7_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.14-5ubuntu8.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2_2.2.14-5ubuntu8.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.7_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.7_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.14-5ubuntu8.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.7_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.14-5ubuntu8.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.7_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-mpm-itk_2.2.14-5ubuntu8.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.18_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.7_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.18_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.3_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.12-1ubuntu2.3_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.18_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.18_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.18_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.3_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.14-5ubuntu8.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.7_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.18_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.18_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.14-5ubuntu8.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.7_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.7_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.7_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.7_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.3.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.7_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.14.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.11.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.18_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.7_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.14-5ubuntu8.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.14-5ubuntu8.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.18_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.18_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-mpm-itk_2.2.14-5ubuntu8.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.18_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.14-5ubuntu8.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.7_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.7_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.14-5ubuntu8.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.7_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.18_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.8-1ubuntu0.18_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-src_2.2.11-2ubuntu2.7_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.14-5ubuntu8.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.18_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.7_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.18_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.18_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.7_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.14-5ubuntu8.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.14-5ubuntu8.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.7_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.3_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-mpm-itk_2.2.14-5ubuntu8.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.7_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.11.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.7_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.7_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.7_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.18_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.14-5ubuntu8.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.7_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.14-5ubuntu8.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.7_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.14-5ubuntu8.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.7_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.7_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.7_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.7_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.11-2ubuntu2.7_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-mpm-itk_2.2.12-1ubuntu2.3_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.18_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.18_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.18_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.3_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.14-5ubuntu8.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.12-1ubuntu2.3_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.7_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.7_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.18_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.11_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.18_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.14-5ubuntu8.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.12-1ubuntu2.3_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2_2.2.14-5ubuntu8.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.14-5ubuntu8.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.14-5ubuntu8.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.7_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.18.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.18_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.7_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.14-5ubuntu8.2.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.7_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.7_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.7_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.3_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.12-1ubuntu2.3_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.14-5ubuntu8.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.14-5ubuntu8.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.12-1ubuntu2.3_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.18_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.14-5ubuntu8.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.14-5ubuntu8.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.18.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.18_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.3_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.18_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.7_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.18_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-mpm-itk_2.2.14-5ubuntu8.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.18_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.14-5ubuntu8.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslinsecurerenegotiation"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1890"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2939"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1890"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1678"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2939"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3095"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1891"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1191"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1191"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1678"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3094"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1891"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://www.arubanetworks.com/support."
},
{
"trust": 0.1,
"url": "http://enigmail.mozdev.org/"
},
{
"trust": 0.1,
"url": "http://www.arubanetworks.com/support/wsirt.php"
},
{
"trust": 0.1,
"url": "http://www.securityfocus.com/archive/1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0740"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4355"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3245"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4929"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3566"
},
{
"trust": 0.1,
"url": "http://www.openoffice.org/security/cves/cve-2010-0395.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40070/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/webinars/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40070/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40070"
},
{
"trust": 0.1,
"url": "http://bugs.proftpd.org/show_bug.cgi?id=3324"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/advisories/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1619"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1619"
},
{
"trust": 0.1,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/softwaredescription.jsp?switem=mtx-6a3f2fa832db4ddf9b3398f04c"
},
{
"trust": 0.1,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/softwaredescription.jsp?switem=mtx-1b189d95582249b58d9ca94c45"
},
{
"trust": 0.1,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/softwaredescription.jsp?switem=mtx-4311cc1b61fd42a4874b13d714"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0033"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3548"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2526"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2902"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3190"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0580"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2693"
},
{
"trust": 0.1,
"url": "http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.1,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0781"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4476"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws_java.html"
},
{
"trust": 0.1,
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c02964430"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1184"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1157"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2729"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2901"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#120541"
},
{
"db": "VULHUB",
"id": "VHN-41001"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001632"
},
{
"db": "PACKETSTORM",
"id": "100765"
},
{
"db": "PACKETSTORM",
"id": "82799"
},
{
"db": "PACKETSTORM",
"id": "94088"
},
{
"db": "PACKETSTORM",
"id": "83521"
},
{
"db": "PACKETSTORM",
"id": "88167"
},
{
"db": "PACKETSTORM",
"id": "86075"
},
{
"db": "PACKETSTORM",
"id": "97489"
},
{
"db": "PACKETSTORM",
"id": "84183"
},
{
"db": "PACKETSTORM",
"id": "88387"
},
{
"db": "PACKETSTORM",
"id": "131826"
},
{
"db": "PACKETSTORM",
"id": "90344"
},
{
"db": "PACKETSTORM",
"id": "84181"
},
{
"db": "PACKETSTORM",
"id": "120714"
},
{
"db": "PACKETSTORM",
"id": "89667"
},
{
"db": "PACKETSTORM",
"id": "111920"
},
{
"db": "NVD",
"id": "CVE-2009-3555"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#120541"
},
{
"db": "VULHUB",
"id": "VHN-41001"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001632"
},
{
"db": "PACKETSTORM",
"id": "100765"
},
{
"db": "PACKETSTORM",
"id": "82799"
},
{
"db": "PACKETSTORM",
"id": "94088"
},
{
"db": "PACKETSTORM",
"id": "83521"
},
{
"db": "PACKETSTORM",
"id": "88167"
},
{
"db": "PACKETSTORM",
"id": "86075"
},
{
"db": "PACKETSTORM",
"id": "97489"
},
{
"db": "PACKETSTORM",
"id": "84183"
},
{
"db": "PACKETSTORM",
"id": "88387"
},
{
"db": "PACKETSTORM",
"id": "131826"
},
{
"db": "PACKETSTORM",
"id": "90344"
},
{
"db": "PACKETSTORM",
"id": "84181"
},
{
"db": "PACKETSTORM",
"id": "120714"
},
{
"db": "PACKETSTORM",
"id": "89667"
},
{
"db": "PACKETSTORM",
"id": "111920"
},
{
"db": "NVD",
"id": "CVE-2009-3555"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-11-11T00:00:00",
"db": "CERT/CC",
"id": "VU#120541"
},
{
"date": "2009-11-09T00:00:00",
"db": "VULHUB",
"id": "VHN-41001"
},
{
"date": "2011-05-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001632"
},
{
"date": "2011-04-24T07:03:17",
"db": "PACKETSTORM",
"id": "100765"
},
{
"date": "2009-11-19T18:46:00",
"db": "PACKETSTORM",
"id": "82799"
},
{
"date": "2010-09-21T22:55:35",
"db": "PACKETSTORM",
"id": "94088"
},
{
"date": "2009-12-07T21:57:59",
"db": "PACKETSTORM",
"id": "83521"
},
{
"date": "2010-04-07T02:30:56",
"db": "PACKETSTORM",
"id": "88167"
},
{
"date": "2010-02-09T18:53:40",
"db": "PACKETSTORM",
"id": "86075"
},
{
"date": "2011-01-13T03:33:06",
"db": "PACKETSTORM",
"id": "97489"
},
{
"date": "2009-12-22T20:50:12",
"db": "PACKETSTORM",
"id": "84183"
},
{
"date": "2010-04-15T22:26:05",
"db": "PACKETSTORM",
"id": "88387"
},
{
"date": "2015-05-08T13:32:34",
"db": "PACKETSTORM",
"id": "131826"
},
{
"date": "2010-06-07T16:47:06",
"db": "PACKETSTORM",
"id": "90344"
},
{
"date": "2009-12-22T20:42:09",
"db": "PACKETSTORM",
"id": "84181"
},
{
"date": "2013-03-08T04:15:53",
"db": "PACKETSTORM",
"id": "120714"
},
{
"date": "2010-05-19T05:44:26",
"db": "PACKETSTORM",
"id": "89667"
},
{
"date": "2012-04-17T20:41:11",
"db": "PACKETSTORM",
"id": "111920"
},
{
"date": "2009-11-09T17:30:00.407000",
"db": "NVD",
"id": "CVE-2009-3555"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#120541"
},
{
"date": "2023-02-13T00:00:00",
"db": "VULHUB",
"id": "VHN-41001"
},
{
"date": "2022-06-13T05:59:00",
"db": "JVNDB",
"id": "JVNDB-2011-001632"
},
{
"date": "2023-02-13T02:20:27.983000",
"db": "NVD",
"id": "CVE-2009-3555"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "120714"
}
],
"trust": 0.1
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SSL and TLS protocols renegotiation vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#120541"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "arbitrary",
"sources": [
{
"db": "PACKETSTORM",
"id": "82799"
},
{
"db": "PACKETSTORM",
"id": "94088"
},
{
"db": "PACKETSTORM",
"id": "86075"
},
{
"db": "PACKETSTORM",
"id": "120714"
}
],
"trust": 0.4
}
}
VAR-201805-0963
Vulnerability from variot - Updated: 2024-07-23 21:53Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. CPU hardware utilizing speculative execution may be vulnerable to cache timing side-channel analysis. Two vulnerabilities are identified, known as "Variant 3a" and "Variant 4". CPUhardware is firmware that runs in the central processor for managing and controlling the CPU. Multiple CPUHardware information disclosure vulnerabilities. The vulnerability is caused by a race condition in the CPU cache processing. Local attackers can exploit vulnerabilities to obtain sensitive information through side channel analysis. AMD, ARM, and Intel CPUs are all CPU (central processing unit) products from different manufacturers. AMD, ARM, and Intel CPUs have security vulnerabilities. Relevant releases/architectures:
RHV-M 4.2 - noarch
- Description:
The org.ovirt.engine-root is a core component of oVirt. 7) - x86_64
- Description:
Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Once all virtual machines have shut down, start them again for this update to take effect. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2018:1965-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2018:1965 Issue date: 2018-06-26 CVE Names: CVE-2017-11600 CVE-2018-3639 =====================================================================
- Summary:
An update for kernel is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - noarch, ppc64le, s390x Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - noarch, ppc64le
- Description:
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
-
An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639, PowerPC, x86 AMD)
-
kernel: Out-of-bounds access via an XFRM_MSG_MIGRATE xfrm Netlink message (CVE-2017-11600)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Ken Johnson (Microsoft Security Response Center) and Jann Horn (Google Project Zero) for reporting CVE-2018-3639.
Bug Fix(es):
These updated kernel packages include also numerous bug fixes. Space precludes documenting all of the bug fixes in this advisory. See the descriptions in the related Knowledge Article: https://access.redhat.com/articles/3485871
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
- Bugs fixed (https://bugzilla.redhat.com/):
1474928 - CVE-2017-11600 kernel: Out-of-bounds access via an XFRM_MSG_MIGRATE xfrm Netlink message 1566890 - CVE-2018-3639 hw: cpu: speculative store bypass
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: kernel-3.10.0-862.6.3.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-862.6.3.el7.noarch.rpm kernel-doc-3.10.0-862.6.3.el7.noarch.rpm
x86_64: kernel-3.10.0-862.6.3.el7.x86_64.rpm kernel-debug-3.10.0-862.6.3.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-debug-devel-3.10.0-862.6.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.6.3.el7.x86_64.rpm kernel-devel-3.10.0-862.6.3.el7.x86_64.rpm kernel-headers-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-libs-3.10.0-862.6.3.el7.x86_64.rpm perf-3.10.0-862.6.3.el7.x86_64.rpm perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm python-perf-3.10.0-862.6.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: kernel-debug-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-862.6.3.el7.x86_64.rpm perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: kernel-3.10.0-862.6.3.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-862.6.3.el7.noarch.rpm kernel-doc-3.10.0-862.6.3.el7.noarch.rpm
x86_64: kernel-3.10.0-862.6.3.el7.x86_64.rpm kernel-debug-3.10.0-862.6.3.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-debug-devel-3.10.0-862.6.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.6.3.el7.x86_64.rpm kernel-devel-3.10.0-862.6.3.el7.x86_64.rpm kernel-headers-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-libs-3.10.0-862.6.3.el7.x86_64.rpm perf-3.10.0-862.6.3.el7.x86_64.rpm perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm python-perf-3.10.0-862.6.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: kernel-debug-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-862.6.3.el7.x86_64.rpm perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: kernel-3.10.0-862.6.3.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-862.6.3.el7.noarch.rpm kernel-doc-3.10.0-862.6.3.el7.noarch.rpm
ppc64: kernel-3.10.0-862.6.3.el7.ppc64.rpm kernel-bootwrapper-3.10.0-862.6.3.el7.ppc64.rpm kernel-debug-3.10.0-862.6.3.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm kernel-debug-devel-3.10.0-862.6.3.el7.ppc64.rpm kernel-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-862.6.3.el7.ppc64.rpm kernel-devel-3.10.0-862.6.3.el7.ppc64.rpm kernel-headers-3.10.0-862.6.3.el7.ppc64.rpm kernel-tools-3.10.0-862.6.3.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm kernel-tools-libs-3.10.0-862.6.3.el7.ppc64.rpm perf-3.10.0-862.6.3.el7.ppc64.rpm perf-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm python-perf-3.10.0-862.6.3.el7.ppc64.rpm python-perf-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm
ppc64le: kernel-3.10.0-862.6.3.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-862.6.3.el7.ppc64le.rpm kernel-debug-3.10.0-862.6.3.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm kernel-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-862.6.3.el7.ppc64le.rpm kernel-devel-3.10.0-862.6.3.el7.ppc64le.rpm kernel-headers-3.10.0-862.6.3.el7.ppc64le.rpm kernel-tools-3.10.0-862.6.3.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm kernel-tools-libs-3.10.0-862.6.3.el7.ppc64le.rpm perf-3.10.0-862.6.3.el7.ppc64le.rpm perf-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm python-perf-3.10.0-862.6.3.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm
s390x: kernel-3.10.0-862.6.3.el7.s390x.rpm kernel-debug-3.10.0-862.6.3.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-862.6.3.el7.s390x.rpm kernel-debug-devel-3.10.0-862.6.3.el7.s390x.rpm kernel-debuginfo-3.10.0-862.6.3.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-862.6.3.el7.s390x.rpm kernel-devel-3.10.0-862.6.3.el7.s390x.rpm kernel-headers-3.10.0-862.6.3.el7.s390x.rpm kernel-kdump-3.10.0-862.6.3.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-862.6.3.el7.s390x.rpm kernel-kdump-devel-3.10.0-862.6.3.el7.s390x.rpm perf-3.10.0-862.6.3.el7.s390x.rpm perf-debuginfo-3.10.0-862.6.3.el7.s390x.rpm python-perf-3.10.0-862.6.3.el7.s390x.rpm python-perf-debuginfo-3.10.0-862.6.3.el7.s390x.rpm
x86_64: kernel-3.10.0-862.6.3.el7.x86_64.rpm kernel-debug-3.10.0-862.6.3.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-debug-devel-3.10.0-862.6.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.6.3.el7.x86_64.rpm kernel-devel-3.10.0-862.6.3.el7.x86_64.rpm kernel-headers-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-libs-3.10.0-862.6.3.el7.x86_64.rpm perf-3.10.0-862.6.3.el7.x86_64.rpm perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm python-perf-3.10.0-862.6.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7):
noarch: kernel-abi-whitelists-3.10.0-862.6.3.el7.noarch.rpm kernel-doc-3.10.0-862.6.3.el7.noarch.rpm
ppc64le: kernel-3.10.0-862.6.3.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-862.6.3.el7.ppc64le.rpm kernel-debug-3.10.0-862.6.3.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm kernel-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-862.6.3.el7.ppc64le.rpm kernel-devel-3.10.0-862.6.3.el7.ppc64le.rpm kernel-headers-3.10.0-862.6.3.el7.ppc64le.rpm kernel-tools-3.10.0-862.6.3.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm kernel-tools-libs-3.10.0-862.6.3.el7.ppc64le.rpm perf-3.10.0-862.6.3.el7.ppc64le.rpm perf-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm python-perf-3.10.0-862.6.3.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm
s390x: kernel-3.10.0-862.6.3.el7.s390x.rpm kernel-debug-3.10.0-862.6.3.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-862.6.3.el7.s390x.rpm kernel-debug-devel-3.10.0-862.6.3.el7.s390x.rpm kernel-debuginfo-3.10.0-862.6.3.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-862.6.3.el7.s390x.rpm kernel-devel-3.10.0-862.6.3.el7.s390x.rpm kernel-headers-3.10.0-862.6.3.el7.s390x.rpm kernel-kdump-3.10.0-862.6.3.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-862.6.3.el7.s390x.rpm kernel-kdump-devel-3.10.0-862.6.3.el7.s390x.rpm perf-3.10.0-862.6.3.el7.s390x.rpm perf-debuginfo-3.10.0-862.6.3.el7.s390x.rpm python-perf-3.10.0-862.6.3.el7.s390x.rpm python-perf-debuginfo-3.10.0-862.6.3.el7.s390x.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: kernel-debug-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm kernel-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-862.6.3.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-862.6.3.el7.ppc64.rpm perf-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm python-perf-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm
ppc64le: kernel-debug-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm kernel-debug-devel-3.10.0-862.6.3.el7.ppc64le.rpm kernel-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-862.6.3.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-862.6.3.el7.ppc64le.rpm perf-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm
x86_64: kernel-debug-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-862.6.3.el7.x86_64.rpm perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7):
noarch: kernel-doc-3.10.0-862.6.3.el7.noarch.rpm
ppc64le: kernel-debug-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm kernel-debug-devel-3.10.0-862.6.3.el7.ppc64le.rpm kernel-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-862.6.3.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-862.6.3.el7.ppc64le.rpm perf-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: kernel-3.10.0-862.6.3.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-862.6.3.el7.noarch.rpm kernel-doc-3.10.0-862.6.3.el7.noarch.rpm
x86_64: kernel-3.10.0-862.6.3.el7.x86_64.rpm kernel-debug-3.10.0-862.6.3.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-debug-devel-3.10.0-862.6.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.6.3.el7.x86_64.rpm kernel-devel-3.10.0-862.6.3.el7.x86_64.rpm kernel-headers-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-libs-3.10.0-862.6.3.el7.x86_64.rpm perf-3.10.0-862.6.3.el7.x86_64.rpm perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm python-perf-3.10.0-862.6.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: kernel-debug-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-862.6.3.el7.x86_64.rpm perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2017-11600 https://access.redhat.com/security/cve/CVE-2018-3639 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/articles/3485871
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBWzJvQtzjgjWX9erEAQhA1BAAnHot2ERbRC9tVbWzn8egMTLwNGaPfu8b RhzRg0qgwySJM7JXfEC2fKJYoCaL71ykhGUC98wNc5SJVqkfzMt66pyxrMrK8Ff2 +LJW3BFAbFfzzt/NMRwXM+s2TSNj6BhqWpohgmB83jz3uPzH51QBp2SbumMDwdrj VN9/rZlA/2rofE/7Lyz2B/Rks5oEvRbW4pf4hDpARDLqD8iU4UhW8QGb4HZfH//X lvVTnKaMvCN1Jecc0fyp6lE4no2FBMPBlIQvnHcHw4gtjBajN4Ics/nMEXs7Zp2/ +sCtyWuH06G6hiawMHmCaw6QPqIvhJ2zcgzZl+18ITDk3OOlIPhpFJHQ1hjKZR3v 5PqvGyVXuKqzwtRIdTvDNIrI42R31xUiLXSk24scMO8p5IiCrONn2Med4LsOH6k8 9hMyYG+oYo3SKjes8N9Q3Gzf98MR/Kkx/5nRRmLpQEHehhNIgBebhscWdL535Ufk NJ1a4SHRxCoj3WSpx6XDZ+ZjHHWJVYZ8TnvHY2qrD1r1BCZNXkeBYZ4Fthelu5BS iGLax+RbZbS0n83AmEV7rq85o1i95fJPYTuZ1xzcx8DxZcgwoc6X8h9doz2Rz9Mq 08nScZYH4g6ruhcvWFYnsxx/hYpWvnnaUlmDGKhoUpd5+hCPP3hTx+GvFKi/IjiD rcTDRBuyPRI= =PPUN -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 6.6) - noarch, x86_64
- (CVE-2018-3639)
Note: This issue is present in hardware and cannot be fully fixed via software update. To be fully functional, up-to-date CPU microcode applied on the system might be required.
In this update, mitigation for PowerPC architecture is provided. Description:
The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. 6) - i386, noarch, x86_64
- Description:
The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. (CVE-2018-3639)
Note: This is the OpenJDK side of the CVE-2018-3639 mitigation.
Bug Fix(es):
- If the cifs_reopen_file() function failed to find a file, the pointer to the cifsFileInfo structure was not reinitialized by being set to "NULL". Subsequently, the find_writable_file() function used an invalid pointer to cifsFileInfo. Consequently, the operating system terminated unexpectedly. As a result, the operating system no longer crashes due to this bug. (BZ#1577086)
4
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201805-0963",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "xeon e5 2470 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x3460"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2687w_v2"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5506"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x3480"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8880l_v3"
},
{
"model": "xeon e3 1270 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4669_v4"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1220_"
},
{
"model": "simatic s7-1500",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.6"
},
{
"model": "sinema remote connect",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "xeon e5 1660 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3850"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l3403"
},
{
"model": "xeon e3 1260l v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2695_v3"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1585l_v5"
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86132"
},
{
"model": "simatic ipc3000 smart",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1.5"
},
{
"model": "micloud management portal",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": "*"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5507"
},
{
"model": "celeron j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j4005"
},
{
"model": "xeon e3 1226 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3 1241 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4870"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2699_v4"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1535m_v5"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2690_v4"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8867l"
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86152"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2687w_v3"
},
{
"model": "simatic ipc847c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "15.01.14"
},
{
"model": "xeon e-1105c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 1650",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "cloud global management system",
"scope": "eq",
"trust": 1.0,
"vendor": "sonicwall",
"version": null
},
{
"model": "xeon e3 1501m v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8880_v4"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4809_v4"
},
{
"model": "xeon e5 2448l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8160t"
},
{
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8180"
},
{
"model": "xeon e3 1285l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4655_v4"
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "85120"
},
{
"model": "xeon e3 1230 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8891_v3"
},
{
"model": "xeon e5 2403",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8860"
},
{
"model": "simatic ipc427d",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "17.0x.14"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "125c_"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"model": "xeon e3 1280 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2850"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4809_v3"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4657l_v2"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4830_v3"
},
{
"model": "xeon e3 1230 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86136"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5540"
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86146"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4627_v4"
},
{
"model": "simatic itp1000",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "23.01.04"
},
{
"model": "sonicosv",
"scope": "eq",
"trust": 1.0,
"vendor": "sonicwall",
"version": null
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l3426"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3740"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5503"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "xeon e3 1225 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2418l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2648l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "atom e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e3827"
},
{
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4114t"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4610"
},
{
"model": "xeon e5 2618l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "simatic ipc427c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "xeon e5 2440",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "xeon e5 2603 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2890_v2"
},
{
"model": "xeon e3 1285 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2618l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2640 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2618l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3 1276 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86144"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"model": "micollab",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": null
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3460"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1575m_v5"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.5"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2690"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4627_v3"
},
{
"model": "xeon e3 1240 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2620 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "virtualization manager",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4.2"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "11"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1709"
},
{
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "32nm"
},
{
"model": "surface studio",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86138"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4627_v2"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4807"
},
{
"model": "xeon e5 2407 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "itc1900",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.1"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2820"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5550"
},
{
"model": "xeon e5 2430l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4860_v2"
},
{
"model": "pentium",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n4100"
},
{
"model": "xeon e5 1620 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "simatic ipc627c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "15.02.15"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1585_v5"
},
{
"model": "xeon e3 1105c v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3 1265l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "85120t"
},
{
"model": "xeon e5 2428l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4809_v2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2308"
},
{
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8160"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8890_v3"
},
{
"model": "xeon e3 12201 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "ruggedcom ape",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "xeon e3 1230",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2680"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5518_"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2850_v2"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "simatic ipc677d",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "19.02.11"
},
{
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8170"
},
{
"model": "itc1900 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.1"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7500"
},
{
"model": "xeon e5 2418l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8176f"
},
{
"model": "xeon e3 1290 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86126t"
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "85122"
},
{
"model": "windows server 2008",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "sp2"
},
{
"model": "pentium",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n4000"
},
{
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4110"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2697_v2"
},
{
"model": "xeon e3 1245 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "simatic field pg m4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "18.01.09"
},
{
"model": "jetson tx2",
"scope": "lt",
"trust": 1.0,
"vendor": "nvidia",
"version": "r28.3"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8870_v2"
},
{
"model": "simatic ipc427e",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "21.01.09"
},
{
"model": "xeon e3 1280 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3 1281 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z2560"
},
{
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8156"
},
{
"model": "xeon e3 1268l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j3455"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4850_v4"
},
{
"model": "xeon e5 1660",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2687w"
},
{
"model": "xeon e5 1680 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3 1275 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "simatic ipc827c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "15.02.15"
},
{
"model": "xeon e5 2420",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.5"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4820_v2"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1803"
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86134m"
},
{
"model": "xeon e3 1230 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4860"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4603_v2"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8830"
},
{
"model": "xeon e5 1428l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5508_"
},
{
"model": "xeon e5 1660 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3 1505m v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4603"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "45nm"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4650"
},
{
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3338"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2860"
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86148f"
},
{
"model": "surface",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "xeon e3 1271 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4820_v4"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x3470"
},
{
"model": "xeon e3 1286 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4648_v3"
},
{
"model": "xeon e3 1286l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "mivoice connect",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": null
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3530"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"model": "xeon e3 1230 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3 1280 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "85115"
},
{
"model": "pentium silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j5005"
},
{
"model": "xeon e3 1270 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2658a_v3"
},
{
"model": "xeon e5 2630",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3 1225 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5504"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4620_v4"
},
{
"model": "virtualization",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "struxureware data center expert",
"scope": "lt",
"trust": 1.0,
"vendor": "schneider electric",
"version": "7.6.0"
},
{
"model": "xeon e3 1240l v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "surface pro",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "3"
},
{
"model": "xeon e5 2630 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 1428l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2608l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4640_v3"
},
{
"model": "cortex-a",
"scope": "eq",
"trust": 1.0,
"vendor": "arm",
"version": "15"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5570"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4640"
},
{
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3308"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2697_v3"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5520"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1565l_v5"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8857_v2"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2670_v2"
},
{
"model": "xeon e5 2620 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86130"
},
{
"model": "xeon e3 12201",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8168"
},
{
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3758"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2650l_v4"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4830_v2"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8870_v4"
},
{
"model": "xeon e3 1505l v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2418l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4870_v2"
},
{
"model": "xeon e5 2640 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "simatic field pg m5",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "22.01.06"
},
{
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3958"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "openstack",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8"
},
{
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3508"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8890_v2"
},
{
"model": "xeon e5 2608l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4109t"
},
{
"model": "xeon e3 1285l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4820_v3"
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86128"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2660_v4"
},
{
"model": "simatic ipc477e",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "21.01.09"
},
{
"model": "xeon e3 1268l v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 1650 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e6550"
},
{
"model": "atom e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e3845"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4660_v4"
},
{
"model": "mivoice 5000",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "xeon e5 1428l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2650l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86150"
},
{
"model": "xeon e5 2630 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3785"
},
{
"model": "xeon e3 1285 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2630l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2690_v3"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4820"
},
{
"model": "xeon e5 2628l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8867_v4"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4850"
},
{
"model": "xeon e3 1258l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4116t"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3600"
},
{
"model": "xeon e3 1220 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8867_v3"
},
{
"model": "xeon e3 1260l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "itc2200 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.1"
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86134"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2695_v2"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1803"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z2760"
},
{
"model": "xeon e3 1225 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2643",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "atom e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e3825"
},
{
"model": "openstack",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "9"
},
{
"model": "xeon e3 1245 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2609 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2695_v4"
},
{
"model": "xeon e5 2448l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "atom e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e3805"
},
{
"model": "xeon e5 2609 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3580"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8860_v3"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3745d"
},
{
"model": "xeon e5 1660 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1703"
},
{
"model": "simatic ipc477c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1535m_v6"
},
{
"model": "pentium",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n4200"
},
{
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3955"
},
{
"model": "xeon e5 2643 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2403 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2667_v2"
},
{
"model": "sinumerik pcu 50.5",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "15.02.15"
},
{
"model": "xeon e5 2407",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8160m"
},
{
"model": "xeon e3 1501l v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8893_v3"
},
{
"model": "simatic ipc827d",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "19.02.11"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4650l"
},
{
"model": "atom e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e3826"
},
{
"model": "xeon e5 2470",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "45nm"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3770"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3735g"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.6"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3480"
},
{
"model": "xeon e5 2650 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "simatic ipc647d",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "19.01.14"
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86154"
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86142m"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8880l_v2"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5506"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4667_v3"
},
{
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3450"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "45nm"
},
{
"model": "global management system",
"scope": "eq",
"trust": 1.0,
"vendor": "sonicwall",
"version": null
},
{
"model": "xeon e5 2430",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3736g"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2803"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4607_v2"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3795"
},
{
"model": "surface pro",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1796"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "openstack",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "12"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2660_v2"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8880_v2"
},
{
"model": "simatic ipc627d",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "19.02.11"
},
{
"model": "pentium silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n5000"
},
{
"model": "xeon e5 2430 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1607"
},
{
"model": "xeon e3 1245",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2658_v4"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e6540"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2658_v2"
},
{
"model": "xeon e5 2650l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "openstack",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "13"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2699a_v4"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1809"
},
{
"model": "xeon e5 2603 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2628l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3 1278l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8160f"
},
{
"model": "xeon e5 2620",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "windows 7",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "xeon e3 1240 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "simatic ipc847d",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "19.01.14"
},
{
"model": "local service management system",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "13.3"
},
{
"model": "surface book",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "2"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4640_v4"
},
{
"model": "xeon e5 2643 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.9"
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86140m"
},
{
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8153"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4830_v4"
},
{
"model": "xeon e3 1270",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2680_v3"
},
{
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3708"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4610_v4"
},
{
"model": "web application firewall",
"scope": "eq",
"trust": 1.0,
"vendor": "sonicwall",
"version": null
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "85119t"
},
{
"model": "xeon e3 1245 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2408l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8891_v4"
},
{
"model": "cortex-a",
"scope": "eq",
"trust": 1.0,
"vendor": "arm",
"version": "57"
},
{
"model": "xeon e5 2428l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2650l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86130f"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4620"
},
{
"model": "xeon e5 2640",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4830"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5560"
},
{
"model": "xeon e5 1680 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "itc2200",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.1"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2697a_v4"
},
{
"model": "surface book",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "xeon e3 1220l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4607"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3745"
},
{
"model": "xeon e5 2428l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l3406"
},
{
"model": "xeon e5 2637 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3 1240 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4617"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4667_v4"
},
{
"model": "xeon e3 1275 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3 1225",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "32nm"
},
{
"model": "xeon e3 1275l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86142"
},
{
"model": "xeon e5 2637 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8893_v2"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2680_v2"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.6"
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86126"
},
{
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8164"
},
{
"model": "xeon e5 2650 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2697_v4"
},
{
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3808"
},
{
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8158"
},
{
"model": "atom x7-e3950",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86140"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5600"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4650_v2"
},
{
"model": "xeon e3 1220 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2683_v3"
},
{
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3538"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3775"
},
{
"model": "simatic ipc547g",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "r1.23.0"
},
{
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4114"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3735e"
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86148"
},
{
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8170m"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z2460"
},
{
"model": "xeon e5 2620 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86138t"
},
{
"model": "itc1500 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.1"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3775d"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1275_"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2870_v2"
},
{
"model": "xeon e5 2648l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 1650 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2450 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "simatic ipc477e pro",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "21.01.09"
},
{
"model": "xeon e3 1230l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8870"
},
{
"model": "xeon e3 1270 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3570"
},
{
"model": "xeon e5 2609",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2630 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2630l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "local service management system",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "13.0"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1558l_v5"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3770d"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3590"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x3450"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8890_v4"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5530"
},
{
"model": "xeon e5 2440 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3858"
},
{
"model": "itc1500",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.1"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4650_v4"
},
{
"model": "simatic ipc647c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "15.01.14"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z2580"
},
{
"model": "xeon e5 2623 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3 1290",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2698_v3"
},
{
"model": "pentium j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j4205"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2880_v2"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2667_v4"
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86138f"
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "85118"
},
{
"model": "xeon e5 2450l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3558"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8894_v4"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4628l_v4"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2870"
},
{
"model": "xeon e5 1620 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "surface pro with lte advanced",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1807"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1545m_v5"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4610_v2"
},
{
"model": "xeon e3 1240 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "atom x5-e3930",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2637 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4660_v3"
},
{
"model": "simatic ipc677c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "15.02.15"
},
{
"model": "simotion p320-4e",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "17.0x.14"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8850"
},
{
"model": "xeon e3 1285 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2660_v3"
},
{
"model": "xeon e5 2630l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4890_v2"
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5115"
},
{
"model": "xeon e3 1231 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3736f"
},
{
"model": "xeon e5 2603",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8870_v3"
},
{
"model": "xeon e5 2650",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e6510"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2670"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2683_v4"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4850_v2"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2670_v3"
},
{
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "45nm"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5502"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "18.04"
},
{
"model": "jetson tx1",
"scope": "lt",
"trust": 1.0,
"vendor": "nvidia",
"version": "r28.3"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2665"
},
{
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8176m"
},
{
"model": "xeon e3 1280",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2450l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "celeron j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j4105"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2667_v3"
},
{
"model": "xeon e3 1125c v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3 1225 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "32nm"
},
{
"model": "xeon e3 1275 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4669_v3"
},
{
"model": "xeon e3 1505l v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3950"
},
{
"model": "openstack",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z2520"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "w5590"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1578l_v5"
},
{
"model": "sinumerik 840 d sl",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2699r_v4"
},
{
"model": "xeon e5 2628l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4108"
},
{
"model": "simatic ipc547e",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "r1.30.0"
},
{
"model": "xeon e5 1630 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4116"
},
{
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3750"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2658"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3560"
},
{
"model": "mrg realtime",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "2.0"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "openstack",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "10"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "32nm"
},
{
"model": "atom e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e3815"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "w5580"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z2420"
},
{
"model": "xeon e5 2648l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2640 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 1620",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "17.10"
},
{
"model": "xeon e3 1235l v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2643 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86126f"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8891_v2"
},
{
"model": "xeon e3 1240",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2648l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3 1220 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "windows server 2008",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "atom x5-e3940",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2687w_v4"
},
{
"model": "xeon e5 1650 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3 1235",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2430l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4880_v2"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8837"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2690_v2"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4624l_v2"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.7"
},
{
"model": "open integration gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": null
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x3440"
},
{
"model": "xeon e3 1270 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2660"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2698_v4"
},
{
"model": "xeon e5 2450",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2438l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8850_v2"
},
{
"model": "surface pro",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "4"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4850_v3"
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86130t"
},
{
"model": "xeon e5 2630l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.4"
},
{
"model": "xeon e3 1265l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86142f"
},
{
"model": "simatic et 200 sp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.6"
},
{
"model": "simatic ipc477d",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "17.0x.14"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x3430"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4640_v2"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "xeon e3 1280 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2623 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "simatic ipc347e",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1.5"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2680_v4"
},
{
"model": "mivoic mx-one",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4650_v3"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5530"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4620_v2"
},
{
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4112"
},
{
"model": "mivoice border gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": null
},
{
"model": "xeon e3 1265l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "mivoice business",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": null
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z2480"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3735f"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2667"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2699_v3"
},
{
"model": "xeon e3 1240l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4620_v3"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3740d"
},
{
"model": "xeon e5 2603 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2609 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3 1245 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3830"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1709"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3735d"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2658_v3"
},
{
"model": "xeon e5 2420 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 1630 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "email security",
"scope": "eq",
"trust": 1.0,
"vendor": "sonicwall",
"version": null
},
{
"model": "sinumerik tcu 30.3",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8880_v3"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5520"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1515m_v5"
},
{
"model": "xeon e3 1220 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2650 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "virtualization manager",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4.3"
},
{
"model": "xeon e5 1620 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "secure mobile access",
"scope": "eq",
"trust": 1.0,
"vendor": "sonicwall",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8893_v4"
},
{
"model": "cortex-a",
"scope": "eq",
"trust": 1.0,
"vendor": "arm",
"version": "72"
},
{
"model": "xeon e3 1275 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2637",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2830"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1505m_v6"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4610_v3"
},
{
"model": "xeon e3 1246 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4655_v3"
},
{
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8176"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8860_v4"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "amd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "arm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dell emc",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "qualcomm incorporated",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "synology",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": "cortex a57",
"scope": null,
"trust": 0.6,
"vendor": "arm",
"version": null
},
{
"model": "5th generation core processors",
"scope": null,
"trust": 0.6,
"vendor": "intel",
"version": null
},
{
"model": "cortex a72",
"scope": null,
"trust": 0.6,
"vendor": "arm",
"version": null
},
{
"model": "6th generation core processors",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "5th generation core processors",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "4th generation core processors",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "3rd generation core processors",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "2nd generation core processors",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "8th generation core processors",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "7th generation core processors",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "atom processor a series",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "atom processor c series",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "atom processor e series",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "atom processor t series",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "atom processor series",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "x0"
},
{
"model": "atom processor z series",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "core x-series processor family for intel platforms",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "x990"
},
{
"model": "celeron processor j series",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "celeron processor n series",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "core m processor family",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "core x-series processor family for intel platforms",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "x2990"
},
{
"model": "pentium processor n series",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "pentium processor silver series",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "xeon processor series",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "34000"
},
{
"model": "xeon processor series",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "36000"
},
{
"model": "xeon processor series",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "55000"
},
{
"model": "xeon processor series",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "56000"
},
{
"model": "xeon processor series",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "75000"
},
{
"model": "xeon processor series",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "65000"
},
{
"model": "pentium processor j series",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "xeon processor e3 family",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "xeon processor e3 family",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "v20"
},
{
"model": "xeon processor e3 family",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "v3"
},
{
"model": "xeon processor e3 family",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "v40"
},
{
"model": "xeon processor e3 family",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "v50"
},
{
"model": "xeon processor e3 family",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "v60"
},
{
"model": "xeon processor e5 family",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "xeon processor e5 family",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "v20"
},
{
"model": "xeon processor e5 family",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "v3"
},
{
"model": "xeon processor e5 family",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "v40"
},
{
"model": "xeon processor e7 family",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "xeon processor e7 family",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "v20"
},
{
"model": "xeon processor e7 family",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "v3"
},
{
"model": "xeon processor e7 family",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "v40"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#180049"
},
{
"db": "CNVD",
"id": "CNVD-2018-13391"
},
{
"db": "NVD",
"id": "CVE-2018-3639"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:atom_c:c2308:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_c:c3308:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_c:c3338:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_c:c3508:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_c:c3538:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_c:c3558:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_c:c3708:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_c:c3750:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_c:c3758:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_c:c3808:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_c:c3830:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_c:c3850:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_c:c3858:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_c:c3950:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_c:c3955:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_c:c3958:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_e:e3805:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_e:e3815:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_e:e3825:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_e:e3826:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_e:e3827:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_e:e3845:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_x5-e3930:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_x5-e3940:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_x7-e3950:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z2420:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z2460:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z2480:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z2520:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z2560:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z2580:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z2760:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3460:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3480:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3530:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3560:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3570:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3580:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3590:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3735d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3735e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3735f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3735g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3736f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3736g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3740:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3740d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3745:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3745d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3770:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3770d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3775:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3775d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3785:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3795:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_j:j3455:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_j:j4005:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_j:j4105:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_n:n3450:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3:32nm:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3:45nm:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:32nm:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:45nm:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:32nm:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:45nm:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_m:32nm:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_m:45nm:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:pentium:n4000:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:pentium:n4100:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:pentium:n4200:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_j:j4205:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_silver:j5005:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_silver:n5000:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e-1105c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:125c_:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1220_:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1275_:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1505m_v6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1515m_v5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1535m_v5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1535m_v6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1545m_v5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1558l_v5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1565l_v5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1575m_v5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1578l_v5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1585_v5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1585l_v5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:3600:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:5600:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:7500:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:e5502:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:e5503:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:e5504:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:e5506:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:e5507:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:e5520:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:e5530:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:e5540:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:e6510:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:e6540:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:e6550:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:l3403:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:l3406:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:l3426:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:l5506:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:l5508_:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:l5518_:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:l5520:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:l5530:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:w5580:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:w5590:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:x3430:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:x3440:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:x3450:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:x3460:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:x3470:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:x3480:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:x5550:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:x5560:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:x5570:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1105c_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1125c_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_12201:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_12201_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1220_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1220_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1220_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1220_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1220l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1225:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1225_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1225_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1225_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1225_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1226_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1230:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1230_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1230_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1230_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1230_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1230l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1231_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1235:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1235l_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1240:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1240_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1240_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1240_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1240_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1240l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1240l_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1241_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1245:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1245_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1245_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1245_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1245_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1246_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1258l_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1260l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1260l_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1265l_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1265l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1265l_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1268l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1268l_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1270:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1270_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1270_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1270_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1270_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1271_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1275_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1275_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1275_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1275_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1275l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1276_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1278l_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1280:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1280_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1280_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1280_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1280_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1281_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1285_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1285_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1285_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1285l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1285l_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1286_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1286l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1290:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1290_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1501l_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1501m_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1505l_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1505l_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1505m_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2650l_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2658:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2658_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2658_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2658_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2658a_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2660:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2660_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2660_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2660_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2665:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2667:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2667_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2667_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2667_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2670:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2670_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2670_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2680:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2680_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2680_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2680_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2683_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2683_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2687w:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2687w_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2687w_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2687w_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2690:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2690_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2690_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2690_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2695_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2695_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2695_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2697_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2697_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2697_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2697a_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2698_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2698_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2699_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2699_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2699a_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2699r_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4603:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4603_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4607:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4607_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4610:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4610_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4610_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4610_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4617:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4620:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4620_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4620_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4620_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4624l_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4627_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4627_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4627_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4628l_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4640:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4640_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4640_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4640_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4648_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4650:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4650_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4650_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4650_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4650l:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4655_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4655_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4657l_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4660_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4660_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4667_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4667_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4669_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4669_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1428l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1428l_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1428l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1620:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1620_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1620_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1620_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1630_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1630_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1650:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1650_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1650_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1650_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1660:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1660_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1660_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1660_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1680_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1680_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2403:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2403_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2407:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2407_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2408l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2418l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2418l_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2418l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2420:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2420_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2428l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2428l_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2428l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2430:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2430_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2430l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2430l_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2438l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2440:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2440_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2448l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2448l_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2450:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2450_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2450l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2450l_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2470:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2470_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2603:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2603_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2603_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2603_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2608l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2608l_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2609:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2609_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2609_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2609_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2618l_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2618l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2618l_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2620:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2620_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2620_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2620_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2623_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2623_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2628l_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2628l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2628l_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2630:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2630_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2630_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2630_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2630l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2630l_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2630l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2630l_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2637:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2637_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2637_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2637_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2640:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2640_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2640_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2640_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2643:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2643_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2643_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2643_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2648l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2648l_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2648l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2648l_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2650:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2650_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2650_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2650_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2650l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2650l_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2650l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:2803:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:2820:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:2830:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:2850:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:2850_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:2860:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:2870:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:2870_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:2880_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:2890_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4807:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4809_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4809_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4809_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4820:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4820_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4820_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4820_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4830:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4830_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4830_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4830_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4850:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4850_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4850_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4850_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4860:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4860_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4870:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4870_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4880_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4890_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8830:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8837:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8850:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8850_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8857_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8860:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8860_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8860_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8867_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8867_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8867l:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8870:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8870_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8870_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8870_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8880_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8880_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8880_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8880l_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8880l_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8890_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8890_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8890_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8891_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8891_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8891_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8893_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8893_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8893_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8894_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:5115:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:85115:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:85118:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:85119t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:85120:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:85120t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:85122:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86126:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86126f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86126t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86128:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86130:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86130f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86130t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86132:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86134:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86134m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86136:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86138:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86138f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86138t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86140:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86140m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86142:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86142f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86142m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86144:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86146:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86148:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86148f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86150:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86152:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86154:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum:8153:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum:8156:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum:8158:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum:8160:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum:8160f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum:8160m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum:8160t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum:8164:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum:8168:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum:8170:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum:8170m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum:8176:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum:8176f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum:8176m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum:8180:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_silver:4108:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_silver:4109t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_silver:4110:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_silver:4112:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_silver:4114:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_silver:4114t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_silver:4116:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_silver:4116t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:arm:cortex-a:15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:arm:cortex-a:57:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:arm:cortex-a:72:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:mrg_realtime:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openstack:12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:virtualization_manager:4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:virtualization_manager:4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:itc1500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:itc1500:3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:itc1500_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:itc1500_pro:3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:itc1900_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:itc1900:3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:itc1900_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:itc1900_pro:3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:itc2200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:itc2200:3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:itc2200_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:itc2200_pro:3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:local_service_management_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "13.3",
"versionStartIncluding": "13.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_ape_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_ape:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_et_200_sp_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.6",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_et_200_sp:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_field_pg_m4_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "18.01.09",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_field_pg_m4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "22.01.06",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_field_pg_m5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc3000_smart_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc3000_smart:2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc347e_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc347e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc427c_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc427c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc427d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "17.0x.14",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc427d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc427e_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "21.01.09",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc427e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc477c_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc477c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc477d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "17.0x.14",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc477d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc477e_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "21.01.09",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc477e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc477e_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "21.01.09",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc477e_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc547e_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "r1.30.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc547e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc547g_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "r1.23.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc547g:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc627c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.02.15",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc627c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc627d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "19.02.11",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc627d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc647c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.01.14",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc647c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc647d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "19.01.14",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc647d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc677d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "19.02.11",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc677d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc677c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.02.15",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc677c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc827c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.02.15",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc827c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc827d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "19.02.11",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc827d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc847c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.01.14",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc847c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc847d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "19.01.14",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc847d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_itp1000_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "23.01.04",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_itp1000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_s7-1500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.6",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_s7-1500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simotion_p320-4e_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "17.0x.14",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simotion_p320-4e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_840_d_sl_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_840_d_sl:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_pcu_50.5_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.02.15",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_pcu_50.5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_tcu_30.3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_tcu_30.3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinema_remote_connect_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinema_remote_connect:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mitel:micollab:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mitel:open_integration_gateway:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mitel:mivoice_border_gateway:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mitel:mivoice_business:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mitel:mivoice_connect:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mitel:mivoic_mx-one:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mitel:mivoice_5000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mitel:micloud_management_portal:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:sonicwall:sonicosv:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sonicwall:web_application_firewall:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sonicwall:cloud_global_management_system:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sonicwall:email_security:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sonicwall:secure_mobile_access:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sonicwall:global_management_system:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.6.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:nvidia:jetson_tx1:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "r28.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nvidia:jetson_tx2:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "r28.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:microsoft:surface:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:microsoft:surface_book:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:microsoft:surface_book:2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:microsoft:surface_pro:3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:microsoft:surface_pro:4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:microsoft:surface_pro:1796:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:microsoft:surface_pro_with_lte_advanced:1807:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:microsoft:surface_studio:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:sp2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3639"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "147739"
},
{
"db": "PACKETSTORM",
"id": "147759"
},
{
"db": "PACKETSTORM",
"id": "148322"
},
{
"db": "PACKETSTORM",
"id": "148751"
},
{
"db": "PACKETSTORM",
"id": "147930"
},
{
"db": "PACKETSTORM",
"id": "147769"
},
{
"db": "PACKETSTORM",
"id": "148853"
},
{
"db": "PACKETSTORM",
"id": "148818"
},
{
"db": "PACKETSTORM",
"id": "147749"
},
{
"db": "PACKETSTORM",
"id": "147938"
},
{
"db": "PACKETSTORM",
"id": "150079"
},
{
"db": "PACKETSTORM",
"id": "147779"
},
{
"db": "PACKETSTORM",
"id": "148695"
}
],
"trust": 1.3
},
"cve": "CVE-2018-3639",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2018-13391",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-133670",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "VHN-133671",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-3639",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2018-13391",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-133670",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-133671",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-13391"
},
{
"db": "VULHUB",
"id": "VHN-133670"
},
{
"db": "VULHUB",
"id": "VHN-133671"
},
{
"db": "NVD",
"id": "CVE-2018-3639"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. CPU hardware utilizing speculative execution may be vulnerable to cache timing side-channel analysis. Two vulnerabilities are identified, known as \"Variant 3a\" and \"Variant 4\". CPUhardware is firmware that runs in the central processor for managing and controlling the CPU. Multiple CPUHardware information disclosure vulnerabilities. The vulnerability is caused by a race condition in the CPU cache processing. Local attackers can exploit vulnerabilities to obtain sensitive information through side channel analysis. AMD, ARM, and Intel CPUs are all CPU (central processing unit) products from different manufacturers. AMD, ARM, and Intel CPUs have security vulnerabilities. Relevant releases/architectures:\n\nRHV-M 4.2 - noarch\n\n3. Description:\n\nThe org.ovirt.engine-root is a core component of oVirt. 7) - x86_64\n\n3. Description:\n\nKernel-based Virtual Machine (KVM) is a full virtualization solution for\nLinux on a variety of architectures. The qemu-kvm packages provide the\nuser-space component for running virtual machines that use KVM. Once\nall virtual machines have shut down, start them again for this update to\ntake effect. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: kernel security and bug fix update\nAdvisory ID: RHSA-2018:1965-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2018:1965\nIssue date: 2018-06-26\nCVE Names: CVE-2017-11600 CVE-2018-3639 \n=====================================================================\n\n1. Summary:\n\nAn update for kernel is now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\nRed Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - noarch, ppc64le, s390x\nRed Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - noarch, ppc64le\n\n3. Description:\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system. \n\nSecurity Fix(es):\n\n* An industry-wide issue was found in the way many modern microprocessor\ndesigns have implemented speculative execution of Load \u0026 Store instructions\n(a commonly used performance optimization). It relies on the presence of a\nprecisely-defined instruction sequence in the privileged code as well as\nthe fact that memory read from address to which a recent memory write has\noccurred may see an older value and subsequently cause an update into the\nmicroprocessor\u0027s data cache even for speculatively executed instructions\nthat never actually commit (retire). As a result, an unprivileged attacker\ncould use this flaw to read privileged memory by conducting targeted cache\nside-channel attacks. (CVE-2018-3639, PowerPC, x86 AMD)\n\n* kernel: Out-of-bounds access via an XFRM_MSG_MIGRATE xfrm Netlink message\n(CVE-2017-11600)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in\nthe References section. \n\nRed Hat would like to thank Ken Johnson (Microsoft Security Response\nCenter) and Jann Horn (Google Project Zero) for reporting CVE-2018-3639. \n\nBug Fix(es):\n\nThese updated kernel packages include also numerous bug fixes. Space\nprecludes documenting all of the bug fixes in this advisory. See the\ndescriptions in the related Knowledge Article:\nhttps://access.redhat.com/articles/3485871\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1474928 - CVE-2017-11600 kernel: Out-of-bounds access via an XFRM_MSG_MIGRATE xfrm Netlink message\n1566890 - CVE-2018-3639 hw: cpu: speculative store bypass\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nkernel-3.10.0-862.6.3.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-862.6.3.el7.noarch.rpm\nkernel-doc-3.10.0-862.6.3.el7.noarch.rpm\n\nx86_64:\nkernel-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debug-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-devel-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-headers-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-862.6.3.el7.x86_64.rpm\nperf-3.10.0-862.6.3.el7.x86_64.rpm\nperf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\npython-perf-3.10.0-862.6.3.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-862.6.3.el7.x86_64.rpm\nperf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nkernel-3.10.0-862.6.3.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-862.6.3.el7.noarch.rpm\nkernel-doc-3.10.0-862.6.3.el7.noarch.rpm\n\nx86_64:\nkernel-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debug-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-devel-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-headers-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-862.6.3.el7.x86_64.rpm\nperf-3.10.0-862.6.3.el7.x86_64.rpm\nperf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\npython-perf-3.10.0-862.6.3.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-862.6.3.el7.x86_64.rpm\nperf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nkernel-3.10.0-862.6.3.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-862.6.3.el7.noarch.rpm\nkernel-doc-3.10.0-862.6.3.el7.noarch.rpm\n\nppc64:\nkernel-3.10.0-862.6.3.el7.ppc64.rpm\nkernel-bootwrapper-3.10.0-862.6.3.el7.ppc64.rpm\nkernel-debug-3.10.0-862.6.3.el7.ppc64.rpm\nkernel-debug-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm\nkernel-debug-devel-3.10.0-862.6.3.el7.ppc64.rpm\nkernel-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm\nkernel-debuginfo-common-ppc64-3.10.0-862.6.3.el7.ppc64.rpm\nkernel-devel-3.10.0-862.6.3.el7.ppc64.rpm\nkernel-headers-3.10.0-862.6.3.el7.ppc64.rpm\nkernel-tools-3.10.0-862.6.3.el7.ppc64.rpm\nkernel-tools-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm\nkernel-tools-libs-3.10.0-862.6.3.el7.ppc64.rpm\nperf-3.10.0-862.6.3.el7.ppc64.rpm\nperf-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm\npython-perf-3.10.0-862.6.3.el7.ppc64.rpm\npython-perf-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm\n\nppc64le:\nkernel-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-bootwrapper-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-debug-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-debug-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-devel-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-headers-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-tools-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-tools-libs-3.10.0-862.6.3.el7.ppc64le.rpm\nperf-3.10.0-862.6.3.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\npython-perf-3.10.0-862.6.3.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\n\ns390x:\nkernel-3.10.0-862.6.3.el7.s390x.rpm\nkernel-debug-3.10.0-862.6.3.el7.s390x.rpm\nkernel-debug-debuginfo-3.10.0-862.6.3.el7.s390x.rpm\nkernel-debug-devel-3.10.0-862.6.3.el7.s390x.rpm\nkernel-debuginfo-3.10.0-862.6.3.el7.s390x.rpm\nkernel-debuginfo-common-s390x-3.10.0-862.6.3.el7.s390x.rpm\nkernel-devel-3.10.0-862.6.3.el7.s390x.rpm\nkernel-headers-3.10.0-862.6.3.el7.s390x.rpm\nkernel-kdump-3.10.0-862.6.3.el7.s390x.rpm\nkernel-kdump-debuginfo-3.10.0-862.6.3.el7.s390x.rpm\nkernel-kdump-devel-3.10.0-862.6.3.el7.s390x.rpm\nperf-3.10.0-862.6.3.el7.s390x.rpm\nperf-debuginfo-3.10.0-862.6.3.el7.s390x.rpm\npython-perf-3.10.0-862.6.3.el7.s390x.rpm\npython-perf-debuginfo-3.10.0-862.6.3.el7.s390x.rpm\n\nx86_64:\nkernel-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debug-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-devel-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-headers-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-862.6.3.el7.x86_64.rpm\nperf-3.10.0-862.6.3.el7.x86_64.rpm\nperf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\npython-perf-3.10.0-862.6.3.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\n\nRed Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7):\n\nnoarch:\nkernel-abi-whitelists-3.10.0-862.6.3.el7.noarch.rpm\nkernel-doc-3.10.0-862.6.3.el7.noarch.rpm\n\nppc64le:\nkernel-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-bootwrapper-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-debug-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-debug-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-devel-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-headers-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-tools-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-tools-libs-3.10.0-862.6.3.el7.ppc64le.rpm\nperf-3.10.0-862.6.3.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\npython-perf-3.10.0-862.6.3.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\n\ns390x:\nkernel-3.10.0-862.6.3.el7.s390x.rpm\nkernel-debug-3.10.0-862.6.3.el7.s390x.rpm\nkernel-debug-debuginfo-3.10.0-862.6.3.el7.s390x.rpm\nkernel-debug-devel-3.10.0-862.6.3.el7.s390x.rpm\nkernel-debuginfo-3.10.0-862.6.3.el7.s390x.rpm\nkernel-debuginfo-common-s390x-3.10.0-862.6.3.el7.s390x.rpm\nkernel-devel-3.10.0-862.6.3.el7.s390x.rpm\nkernel-headers-3.10.0-862.6.3.el7.s390x.rpm\nkernel-kdump-3.10.0-862.6.3.el7.s390x.rpm\nkernel-kdump-debuginfo-3.10.0-862.6.3.el7.s390x.rpm\nkernel-kdump-devel-3.10.0-862.6.3.el7.s390x.rpm\nperf-3.10.0-862.6.3.el7.s390x.rpm\nperf-debuginfo-3.10.0-862.6.3.el7.s390x.rpm\npython-perf-3.10.0-862.6.3.el7.s390x.rpm\npython-perf-debuginfo-3.10.0-862.6.3.el7.s390x.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nkernel-debug-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm\nkernel-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm\nkernel-debuginfo-common-ppc64-3.10.0-862.6.3.el7.ppc64.rpm\nkernel-tools-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm\nkernel-tools-libs-devel-3.10.0-862.6.3.el7.ppc64.rpm\nperf-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm\npython-perf-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm\n\nppc64le:\nkernel-debug-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-debug-devel-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-tools-libs-devel-3.10.0-862.6.3.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-862.6.3.el7.x86_64.rpm\nperf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\n\nRed Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7):\n\nnoarch:\nkernel-doc-3.10.0-862.6.3.el7.noarch.rpm\n\nppc64le:\nkernel-debug-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-debug-devel-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-tools-libs-devel-3.10.0-862.6.3.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nkernel-3.10.0-862.6.3.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-862.6.3.el7.noarch.rpm\nkernel-doc-3.10.0-862.6.3.el7.noarch.rpm\n\nx86_64:\nkernel-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debug-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-devel-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-headers-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-862.6.3.el7.x86_64.rpm\nperf-3.10.0-862.6.3.el7.x86_64.rpm\nperf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\npython-perf-3.10.0-862.6.3.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-862.6.3.el7.x86_64.rpm\nperf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-11600\nhttps://access.redhat.com/security/cve/CVE-2018-3639\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/articles/3485871\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2018 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBWzJvQtzjgjWX9erEAQhA1BAAnHot2ERbRC9tVbWzn8egMTLwNGaPfu8b\nRhzRg0qgwySJM7JXfEC2fKJYoCaL71ykhGUC98wNc5SJVqkfzMt66pyxrMrK8Ff2\n+LJW3BFAbFfzzt/NMRwXM+s2TSNj6BhqWpohgmB83jz3uPzH51QBp2SbumMDwdrj\nVN9/rZlA/2rofE/7Lyz2B/Rks5oEvRbW4pf4hDpARDLqD8iU4UhW8QGb4HZfH//X\nlvVTnKaMvCN1Jecc0fyp6lE4no2FBMPBlIQvnHcHw4gtjBajN4Ics/nMEXs7Zp2/\n+sCtyWuH06G6hiawMHmCaw6QPqIvhJ2zcgzZl+18ITDk3OOlIPhpFJHQ1hjKZR3v\n5PqvGyVXuKqzwtRIdTvDNIrI42R31xUiLXSk24scMO8p5IiCrONn2Med4LsOH6k8\n9hMyYG+oYo3SKjes8N9Q3Gzf98MR/Kkx/5nRRmLpQEHehhNIgBebhscWdL535Ufk\nNJ1a4SHRxCoj3WSpx6XDZ+ZjHHWJVYZ8TnvHY2qrD1r1BCZNXkeBYZ4Fthelu5BS\niGLax+RbZbS0n83AmEV7rq85o1i95fJPYTuZ1xzcx8DxZcgwoc6X8h9doz2Rz9Mq\n08nScZYH4g6ruhcvWFYnsxx/hYpWvnnaUlmDGKhoUpd5+hCPP3hTx+GvFKi/IjiD\nrcTDRBuyPRI=\n=PPUN\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. 6.6) - noarch, x86_64\n\n3. (CVE-2018-3639)\n\nNote: This issue is present in hardware and cannot be fully fixed via\nsoftware update. To be fully functional, up-to-date CPU\nmicrocode applied on the system might be required. \n\nIn this update, mitigation for PowerPC architecture is provided. Description:\n\nThe libvirt library contains a C API for managing and interacting with the\nvirtualization capabilities of Linux and other operating systems. In\naddition, libvirt provides tools for remote management of virtualized\nsystems. 6) - i386, noarch, x86_64\n\n3. Description:\n\nThe java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime\nEnvironment and the OpenJDK 7 Java Software Development Kit. (CVE-2018-3639)\n\nNote: This is the OpenJDK side of the CVE-2018-3639 mitigation. \n\nBug Fix(es):\n\n* If the cifs_reopen_file() function failed to find a file, the pointer to\nthe cifsFileInfo structure was not reinitialized by being set to \"NULL\". \nSubsequently, the find_writable_file() function used an invalid pointer to\ncifsFileInfo. Consequently, the operating system terminated unexpectedly. As a result, the operating system\nno longer crashes due to this bug. (BZ#1577086)\n\n4",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3639"
},
{
"db": "CERT/CC",
"id": "VU#180049"
},
{
"db": "CNVD",
"id": "CNVD-2018-13391"
},
{
"db": "VULHUB",
"id": "VHN-133670"
},
{
"db": "VULHUB",
"id": "VHN-133671"
},
{
"db": "PACKETSTORM",
"id": "147739"
},
{
"db": "PACKETSTORM",
"id": "147759"
},
{
"db": "PACKETSTORM",
"id": "148322"
},
{
"db": "PACKETSTORM",
"id": "148751"
},
{
"db": "PACKETSTORM",
"id": "147930"
},
{
"db": "PACKETSTORM",
"id": "148853"
},
{
"db": "PACKETSTORM",
"id": "148818"
},
{
"db": "PACKETSTORM",
"id": "147749"
},
{
"db": "PACKETSTORM",
"id": "147938"
},
{
"db": "PACKETSTORM",
"id": "150079"
},
{
"db": "PACKETSTORM",
"id": "147779"
},
{
"db": "PACKETSTORM",
"id": "148695"
},
{
"db": "PACKETSTORM",
"id": "147769"
}
],
"trust": 3.51
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-133670",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133670"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-3639",
"trust": 3.1
},
{
"db": "USCERT",
"id": "TA18-141A",
"trust": 2.0
},
{
"db": "CERT/CC",
"id": "VU#180049",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1040949",
"trust": 1.8
},
{
"db": "BID",
"id": "104232",
"trust": 1.7
},
{
"db": "LENOVO",
"id": "LEN-22133",
"trust": 1.2
},
{
"db": "SIEMENS",
"id": "SSA-268644",
"trust": 1.2
},
{
"db": "SIEMENS",
"id": "SSA-608355",
"trust": 1.2
},
{
"db": "SECTRACK",
"id": "1042004",
"trust": 1.2
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2020/06/10/5",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2020/06/10/1",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2020/06/10/2",
"trust": 1.1
},
{
"db": "EXPLOIT-DB",
"id": "44695",
"trust": 1.1
},
{
"db": "SIEMENS",
"id": "SSA-505225",
"trust": 1.1
},
{
"db": "CERT/CC",
"id": "VU#584653",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2018-13391",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "147749",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "147769",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "147779",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "148818",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "148751",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "150079",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "148853",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "148695",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "147938",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "147759",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "147930",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "147739",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "148581",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148151",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147743",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148318",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148731",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148817",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "150097",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147932",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148484",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "150076",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147839",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148324",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147746",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147765",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147762",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147748",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147770",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147754",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147756",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147931",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148323",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147751",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147747",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147764",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147755",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147873",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "150073",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148699",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147763",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148656",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148330",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147744",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "150077",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147734",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147750",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148370",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147767",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147719",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "150090",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147737",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147742",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147796",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147720",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "149127",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "149390",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148614",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147738",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147752",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "150096",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147745",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147753",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147780",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148842",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147733",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147778",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147758",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147866",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147740",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147757",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147741",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "150078",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147735",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147766",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147933",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147721",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147760",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "150075",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148975",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "150095",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "151288",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "150074",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147736",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147761",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152767",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148317",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147904",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148507",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147851",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147934",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-133670",
"trust": 0.1
},
{
"db": "BID",
"id": "104228",
"trust": 0.1
},
{
"db": "CNNVD",
"id": "CNNVD-201805-748",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-133671",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148322",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#180049"
},
{
"db": "CNVD",
"id": "CNVD-2018-13391"
},
{
"db": "VULHUB",
"id": "VHN-133670"
},
{
"db": "VULHUB",
"id": "VHN-133671"
},
{
"db": "PACKETSTORM",
"id": "147739"
},
{
"db": "PACKETSTORM",
"id": "147759"
},
{
"db": "PACKETSTORM",
"id": "148322"
},
{
"db": "PACKETSTORM",
"id": "148751"
},
{
"db": "PACKETSTORM",
"id": "147930"
},
{
"db": "PACKETSTORM",
"id": "147769"
},
{
"db": "PACKETSTORM",
"id": "148853"
},
{
"db": "PACKETSTORM",
"id": "148818"
},
{
"db": "PACKETSTORM",
"id": "147749"
},
{
"db": "PACKETSTORM",
"id": "147938"
},
{
"db": "PACKETSTORM",
"id": "150079"
},
{
"db": "PACKETSTORM",
"id": "147779"
},
{
"db": "PACKETSTORM",
"id": "148695"
},
{
"db": "NVD",
"id": "CVE-2018-3639"
}
]
},
"id": "VAR-201805-0963",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-13391"
},
{
"db": "VULHUB",
"id": "VHN-133670"
},
{
"db": "VULHUB",
"id": "VHN-133671"
}
],
"trust": 1.507676424090909
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-13391"
}
]
},
"last_update_date": "2024-07-23T21:53:48.206000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patches for multiple CPUHardware information disclosure vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/134555"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-13391"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-203",
"trust": 1.2
},
{
"problemtype": "CWE-200",
"trust": 0.2
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133670"
},
{
"db": "VULHUB",
"id": "VHN-133671"
},
{
"db": "NVD",
"id": "CVE-2018-3639"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html"
},
{
"trust": 2.0,
"url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"
},
{
"trust": 2.0,
"url": "https://www.us-cert.gov/ncas/alerts/ta18-141a"
},
{
"trust": 2.0,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180521-cpusidechannel"
},
{
"trust": 1.9,
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/security/vulnerabilities/ssbd"
},
{
"trust": 1.6,
"url": "https://support.apple.com//ht208394"
},
{
"trust": 1.6,
"url": "http://www.dell.com/support/speculative-store-bypass"
},
{
"trust": 1.3,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 1.3,
"url": "https://access.redhat.com/security/cve/cve-2018-3639"
},
{
"trust": 1.3,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 1.3,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 1.3,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 1.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3639"
},
{
"trust": 1.3,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 1.3,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 1.2,
"url": "https://www.kb.cert.org/vuls/id/180049"
},
{
"trust": 1.2,
"url": "http://support.lenovo.com/us/en/solutions/len-22133"
},
{
"trust": 1.2,
"url": "http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html"
},
{
"trust": 1.2,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf"
},
{
"trust": 1.2,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
},
{
"trust": 1.2,
"url": "https://security.netapp.com/advisory/ntap-20180521-0001/"
},
{
"trust": 1.2,
"url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006"
},
{
"trust": 1.2,
"url": "https://www.synology.com/support/security/synology_sa_18_23"
},
{
"trust": 1.2,
"url": "https://www.debian.org/security/2018/dsa-4273"
},
{
"trust": 1.2,
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00038.html"
},
{
"trust": 1.2,
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:1633"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:1636"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:1638"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:1647"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:1658"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:1676"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:1738"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:1965"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:2250"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:2289"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:2309"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:2363"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:3402"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1040949"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1042004"
},
{
"trust": 1.2,
"url": "https://usn.ubuntu.com/3756-1/"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/104232"
},
{
"trust": 1.1,
"url": "https://seclists.org/bugtraq/2019/jun/36"
},
{
"trust": 1.1,
"url": "http://xenbits.xen.org/xsa/advisory-263.html"
},
{
"trust": 1.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf"
},
{
"trust": 1.1,
"url": "https://help.ecostruxureit.com/display/public/uadce725/security+fixes+in+struxureware+data+center+expert+v7.6.0"
},
{
"trust": 1.1,
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
},
{
"trust": 1.1,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/adv180012"
},
{
"trust": 1.1,
"url": "https://psirt.global.sonicwall.com/vuln-detail/snwlid-2018-0004"
},
{
"trust": 1.1,
"url": "https://support.citrix.com/article/ctx235225"
},
{
"trust": 1.1,
"url": "https://support.oracle.com/knowledge/sun%20microsystems/2481872_1.html"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"trust": 1.1,
"url": "https://www.debian.org/security/2018/dsa-4210"
},
{
"trust": 1.1,
"url": "https://www.exploit-db.com/exploits/44695/"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2020/06/10/2"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2020/06/10/5"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2020/06/10/1"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1629"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1630"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1632"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1635"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1637"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1639"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1640"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1641"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1642"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1643"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1644"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1645"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1646"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1648"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1649"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1650"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1651"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1652"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1653"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1654"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1655"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1656"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1657"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1659"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1660"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1661"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1662"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1663"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1664"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1665"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1666"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1667"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1668"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1669"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1674"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1675"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1686"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1688"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1689"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1690"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1696"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1710"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1711"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1737"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1826"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1854"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1967"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1997"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2001"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2003"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2006"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2060"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2161"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2162"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2164"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2171"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2172"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2216"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2228"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2246"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2258"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2328"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2364"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2387"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2394"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2396"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2948"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:3396"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:3397"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:3398"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:3399"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:3400"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:3401"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:3407"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:3423"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:3424"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:3425"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2019:0148"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2019:1046"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3651-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3652-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3653-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3653-2/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3654-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3654-2/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3655-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3655-2/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3679-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3680-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3777-3/"
},
{
"trust": 1.0,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03850en_us"
},
{
"trust": 0.8,
"url": "https://vuls.cert.org/confluence/display/wiki/vulnerabilities+associated+with+cpu+speculative+execution"
},
{
"trust": 0.8,
"url": "https://developer.amd.com/wp-content/resources/124441_amd64_speculativestorebypassdisable_whitepaper_final.pdf"
},
{
"trust": 0.8,
"url": "https://www.kb.cert.org/vuls/id/584653"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/208.html"
},
{
"trust": 0.8,
"url": "https://software.intel.com/sites/default/files/managed/c5/63/336996-speculative-execution-side-channel-mitigations.pdf"
},
{
"trust": 0.8,
"url": "https://software.intel.com/sites/default/files/managed/b9/f9/336983-intel-analysis-of-speculative-execution-side-channels-white-paper.pdf"
},
{
"trust": 0.8,
"url": "https://fortiguard.com/psirt/fg-ir-18-002"
},
{
"trust": 0.8,
"url": "https://support.hp.com/us-en/document/c06001626"
},
{
"trust": 0.8,
"url": "http://www.hitachi.com/hirt/publications/hirt-pub18001/"
},
{
"trust": 0.8,
"url": "https://www.ibm.com/blogs/psirt/potential-impact-processors-power-family/"
},
{
"trust": 0.8,
"url": "https://docs.microsoft.com/en-us/cpp/security/developer-guidance-speculative-execution"
},
{
"trust": 0.8,
"url": "https://www.suse.com/support/kb/doc/?id=7022937"
},
{
"trust": 0.8,
"url": "https://www.synology.com/en-global/support/security/synology_sa_18_23"
},
{
"trust": 0.8,
"url": "https://wiki.ubuntu.com/securityteam/knowledgebase/variant4"
},
{
"trust": 0.8,
"url": "https://kb.vmware.com/s/article/54951"
},
{
"trust": 0.8,
"url": "https://aws.amazon.com/security/security-bulletins/aws-2018-015/"
},
{
"trust": 0.6,
"url": "https://securitytracker.com/id/1040949"
},
{
"trust": 0.2,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026amp;docid=emr_na-hpesbhf03850en_us"
},
{
"trust": 0.1,
"url": "http://www.securityfocus.com/bid/104228"
},
{
"trust": 0.1,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/adv180013"
},
{
"trust": 0.1,
"url": "https://psirt.global.sonicwall.com/vuln-detail/snwlid-2018-0005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-11600"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/3485871"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-11600"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/3449601"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#180049"
},
{
"db": "CNVD",
"id": "CNVD-2018-13391"
},
{
"db": "VULHUB",
"id": "VHN-133670"
},
{
"db": "VULHUB",
"id": "VHN-133671"
},
{
"db": "PACKETSTORM",
"id": "147739"
},
{
"db": "PACKETSTORM",
"id": "147759"
},
{
"db": "PACKETSTORM",
"id": "148322"
},
{
"db": "PACKETSTORM",
"id": "148751"
},
{
"db": "PACKETSTORM",
"id": "147930"
},
{
"db": "PACKETSTORM",
"id": "147769"
},
{
"db": "PACKETSTORM",
"id": "148853"
},
{
"db": "PACKETSTORM",
"id": "148818"
},
{
"db": "PACKETSTORM",
"id": "147749"
},
{
"db": "PACKETSTORM",
"id": "147938"
},
{
"db": "PACKETSTORM",
"id": "150079"
},
{
"db": "PACKETSTORM",
"id": "147779"
},
{
"db": "PACKETSTORM",
"id": "148695"
},
{
"db": "NVD",
"id": "CVE-2018-3639"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#180049"
},
{
"db": "CNVD",
"id": "CNVD-2018-13391"
},
{
"db": "VULHUB",
"id": "VHN-133670"
},
{
"db": "VULHUB",
"id": "VHN-133671"
},
{
"db": "PACKETSTORM",
"id": "147739"
},
{
"db": "PACKETSTORM",
"id": "147759"
},
{
"db": "PACKETSTORM",
"id": "148322"
},
{
"db": "PACKETSTORM",
"id": "148751"
},
{
"db": "PACKETSTORM",
"id": "147930"
},
{
"db": "PACKETSTORM",
"id": "147769"
},
{
"db": "PACKETSTORM",
"id": "148853"
},
{
"db": "PACKETSTORM",
"id": "148818"
},
{
"db": "PACKETSTORM",
"id": "147749"
},
{
"db": "PACKETSTORM",
"id": "147938"
},
{
"db": "PACKETSTORM",
"id": "150079"
},
{
"db": "PACKETSTORM",
"id": "147779"
},
{
"db": "PACKETSTORM",
"id": "148695"
},
{
"db": "NVD",
"id": "CVE-2018-3639"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-21T00:00:00",
"db": "CERT/CC",
"id": "VU#180049"
},
{
"date": "2018-07-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-13391"
},
{
"date": "2018-05-22T00:00:00",
"db": "VULHUB",
"id": "VHN-133670"
},
{
"date": "2018-05-22T00:00:00",
"db": "VULHUB",
"id": "VHN-133671"
},
{
"date": "2018-05-23T06:55:41",
"db": "PACKETSTORM",
"id": "147739"
},
{
"date": "2018-05-23T07:02:14",
"db": "PACKETSTORM",
"id": "147759"
},
{
"date": "2018-06-26T23:03:11",
"db": "PACKETSTORM",
"id": "148322"
},
{
"date": "2018-07-30T19:53:15",
"db": "PACKETSTORM",
"id": "148751"
},
{
"date": "2018-05-30T19:46:19",
"db": "PACKETSTORM",
"id": "147930"
},
{
"date": "2018-05-23T07:06:00",
"db": "PACKETSTORM",
"id": "147769"
},
{
"date": "2018-08-07T13:13:13",
"db": "PACKETSTORM",
"id": "148853"
},
{
"date": "2018-08-03T20:22:22",
"db": "PACKETSTORM",
"id": "148818"
},
{
"date": "2018-05-23T06:59:24",
"db": "PACKETSTORM",
"id": "147749"
},
{
"date": "2018-05-30T19:50:22",
"db": "PACKETSTORM",
"id": "147938"
},
{
"date": "2018-10-31T01:14:01",
"db": "PACKETSTORM",
"id": "150079"
},
{
"date": "2018-05-23T07:09:47",
"db": "PACKETSTORM",
"id": "147779"
},
{
"date": "2018-07-25T14:02:22",
"db": "PACKETSTORM",
"id": "148695"
},
{
"date": "2018-05-22T12:29:00.250000",
"db": "NVD",
"id": "CVE-2018-3639"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-19T00:00:00",
"db": "CERT/CC",
"id": "VU#180049"
},
{
"date": "2018-07-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-13391"
},
{
"date": "2020-09-02T00:00:00",
"db": "VULHUB",
"id": "VHN-133670"
},
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-133671"
},
{
"date": "2021-08-13T15:26:43.697000",
"db": "NVD",
"id": "CVE-2018-3639"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CPU hardware utilizing speculative execution may be vulnerable to cache side-channel attacks",
"sources": [
{
"db": "CERT/CC",
"id": "VU#180049"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "bypass",
"sources": [
{
"db": "PACKETSTORM",
"id": "147759"
},
{
"db": "PACKETSTORM",
"id": "148322"
},
{
"db": "PACKETSTORM",
"id": "148751"
},
{
"db": "PACKETSTORM",
"id": "147930"
},
{
"db": "PACKETSTORM",
"id": "147769"
},
{
"db": "PACKETSTORM",
"id": "148853"
},
{
"db": "PACKETSTORM",
"id": "148818"
},
{
"db": "PACKETSTORM",
"id": "147749"
},
{
"db": "PACKETSTORM",
"id": "147938"
},
{
"db": "PACKETSTORM",
"id": "150079"
},
{
"db": "PACKETSTORM",
"id": "147779"
},
{
"db": "PACKETSTORM",
"id": "148695"
}
],
"trust": 1.2
}
}
VAR-201404-0398
Vulnerability from variot - Updated: 2024-07-23 21:52Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. Java SE (Java Platform Standard Edition) is used to develop and deploy Java applications on desktops, servers, and embedded devices and real-time environments; JRockit is a Java virtual machine built into Oracle Fusion Middleware; Java SE Embedded is a The Java platform for developing powerful, reliable, and portable applications for embedded systems. A remote attacker could exploit this vulnerability to execute arbitrary code, affecting the confidentiality, integrity, and availability of data. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201406-32
http://security.gentoo.org/
Severity: High Title: IcedTea JDK: Multiple vulnerabilities Date: June 29, 2014 Bugs: #312297, #330205, #340819, #346799, #352035, #353418, #354231, #355127, #370787, #387637, #404095, #421031, #429522, #433389, #438750, #442478, #457206, #458410, #461714, #466822, #477210, #489570, #508270 ID: 201406-32
Synopsis
Multiple vulnerabilities have been found in the IcedTea JDK, the worst of which could lead to arbitrary code execution.
Background
IcedTea is a distribution of the Java OpenJDK source code built with free build tools.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-java/icedtea-bin < 6.1.13.3 >= 6.1.13.3
Description
Multiple vulnerabilities have been discovered in the IcedTea JDK. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All IcedTea JDK users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-java/icedtea-bin-6.1.13.3"
References
[ 1 ] CVE-2009-3555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3555 [ 2 ] CVE-2010-2548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2548 [ 3 ] CVE-2010-2783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2783 [ 4 ] CVE-2010-3541 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3541 [ 5 ] CVE-2010-3548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3548 [ 6 ] CVE-2010-3549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3549 [ 7 ] CVE-2010-3551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3551 [ 8 ] CVE-2010-3553 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3553 [ 9 ] CVE-2010-3554 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3554 [ 10 ] CVE-2010-3557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3557 [ 11 ] CVE-2010-3561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3561 [ 12 ] CVE-2010-3562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3562 [ 13 ] CVE-2010-3564 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3564 [ 14 ] CVE-2010-3565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3565 [ 15 ] CVE-2010-3566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3566 [ 16 ] CVE-2010-3567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3567 [ 17 ] CVE-2010-3568 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3568 [ 18 ] CVE-2010-3569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3569 [ 19 ] CVE-2010-3573 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3573 [ 20 ] CVE-2010-3574 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3574 [ 21 ] CVE-2010-3860 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3860 [ 22 ] CVE-2010-4351 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4351 [ 23 ] CVE-2010-4448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4448 [ 24 ] CVE-2010-4450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4450 [ 25 ] CVE-2010-4465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4465 [ 26 ] CVE-2010-4467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4467 [ 27 ] CVE-2010-4469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4469 [ 28 ] CVE-2010-4470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4470 [ 29 ] CVE-2010-4471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4471 [ 30 ] CVE-2010-4472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4472 [ 31 ] CVE-2010-4476 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4476 [ 32 ] CVE-2011-0025 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0025 [ 33 ] CVE-2011-0706 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0706 [ 34 ] CVE-2011-0815 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0815 [ 35 ] CVE-2011-0822 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0822 [ 36 ] CVE-2011-0862 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0862 [ 37 ] CVE-2011-0864 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0864 [ 38 ] CVE-2011-0865 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0865 [ 39 ] CVE-2011-0868 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0868 [ 40 ] CVE-2011-0869 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0869 [ 41 ] CVE-2011-0870 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0870 [ 42 ] CVE-2011-0871 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0871 [ 43 ] CVE-2011-0872 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0872 [ 44 ] CVE-2011-3389 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389 [ 45 ] CVE-2011-3521 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3521 [ 46 ] CVE-2011-3544 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3544 [ 47 ] CVE-2011-3547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3547 [ 48 ] CVE-2011-3548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3548 [ 49 ] CVE-2011-3551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3551 [ 50 ] CVE-2011-3552 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3552 [ 51 ] CVE-2011-3553 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3553 [ 52 ] CVE-2011-3554 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3554 [ 53 ] CVE-2011-3556 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3556 [ 54 ] CVE-2011-3557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3557 [ 55 ] CVE-2011-3558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3558 [ 56 ] CVE-2011-3560 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3560 [ 57 ] CVE-2011-3563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563 [ 58 ] CVE-2011-3571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3571 [ 59 ] CVE-2011-5035 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035 [ 60 ] CVE-2012-0497 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497 [ 61 ] CVE-2012-0501 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501 [ 62 ] CVE-2012-0502 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502 [ 63 ] CVE-2012-0503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503 [ 64 ] CVE-2012-0505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505 [ 65 ] CVE-2012-0506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506 [ 66 ] CVE-2012-0547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547 [ 67 ] CVE-2012-1711 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711 [ 68 ] CVE-2012-1713 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713 [ 69 ] CVE-2012-1716 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716 [ 70 ] CVE-2012-1717 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717 [ 71 ] CVE-2012-1718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718 [ 72 ] CVE-2012-1719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719 [ 73 ] CVE-2012-1723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723 [ 74 ] CVE-2012-1724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724 [ 75 ] CVE-2012-1725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725 [ 76 ] CVE-2012-1726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726 [ 77 ] CVE-2012-3216 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216 [ 78 ] CVE-2012-3422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3422 [ 79 ] CVE-2012-3423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3423 [ 80 ] CVE-2012-4416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416 [ 81 ] CVE-2012-4540 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4540 [ 82 ] CVE-2012-5068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068 [ 83 ] CVE-2012-5069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069 [ 84 ] CVE-2012-5070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070 [ 85 ] CVE-2012-5071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071 [ 86 ] CVE-2012-5072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072 [ 87 ] CVE-2012-5073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073 [ 88 ] CVE-2012-5074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074 [ 89 ] CVE-2012-5075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075 [ 90 ] CVE-2012-5076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076 [ 91 ] CVE-2012-5077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077 [ 92 ] CVE-2012-5081 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081 [ 93 ] CVE-2012-5084 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084 [ 94 ] CVE-2012-5085 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085 [ 95 ] CVE-2012-5086 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086 [ 96 ] CVE-2012-5087 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087 [ 97 ] CVE-2012-5089 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089 [ 98 ] CVE-2012-5979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5979 [ 99 ] CVE-2013-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169 [ 100 ] CVE-2013-0401 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401 [ 101 ] CVE-2013-0424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0424 [ 102 ] CVE-2013-0425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0425 [ 103 ] CVE-2013-0426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0426 [ 104 ] CVE-2013-0427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0427 [ 105 ] CVE-2013-0428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0428 [ 106 ] CVE-2013-0429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0429 [ 107 ] CVE-2013-0431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0431 [ 108 ] CVE-2013-0432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0432 [ 109 ] CVE-2013-0433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0433 [ 110 ] CVE-2013-0434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0434 [ 111 ] CVE-2013-0435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0435 [ 112 ] CVE-2013-0440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0440 [ 113 ] CVE-2013-0441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0441 [ 114 ] CVE-2013-0442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0442 [ 115 ] CVE-2013-0443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0443 [ 116 ] CVE-2013-0444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0444 [ 117 ] CVE-2013-0450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0450 [ 118 ] CVE-2013-0809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809 [ 119 ] CVE-2013-1475 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1475 [ 120 ] CVE-2013-1476 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1476 [ 121 ] CVE-2013-1478 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1478 [ 122 ] CVE-2013-1480 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1480 [ 123 ] CVE-2013-1484 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484 [ 124 ] CVE-2013-1485 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485 [ 125 ] CVE-2013-1486 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486 [ 126 ] CVE-2013-1488 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488 [ 127 ] CVE-2013-1493 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493 [ 128 ] CVE-2013-1500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500 [ 129 ] CVE-2013-1518 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518 [ 130 ] CVE-2013-1537 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537 [ 131 ] CVE-2013-1557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557 [ 132 ] CVE-2013-1569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569 [ 133 ] CVE-2013-1571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571 [ 134 ] CVE-2013-2383 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383 [ 135 ] CVE-2013-2384 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384 [ 136 ] CVE-2013-2407 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407 [ 137 ] CVE-2013-2412 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412 [ 138 ] CVE-2013-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415 [ 139 ] CVE-2013-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417 [ 140 ] CVE-2013-2419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419 [ 141 ] CVE-2013-2420 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420 [ 142 ] CVE-2013-2421 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421 [ 143 ] CVE-2013-2422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422 [ 144 ] CVE-2013-2423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423 [ 145 ] CVE-2013-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424 [ 146 ] CVE-2013-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426 [ 147 ] CVE-2013-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429 [ 148 ] CVE-2013-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430 [ 149 ] CVE-2013-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431 [ 150 ] CVE-2013-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436 [ 151 ] CVE-2013-2443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443 [ 152 ] CVE-2013-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444 [ 153 ] CVE-2013-2445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445 [ 154 ] CVE-2013-2446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446 [ 155 ] CVE-2013-2447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447 [ 156 ] CVE-2013-2448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448 [ 157 ] CVE-2013-2449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449 [ 158 ] CVE-2013-2450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450 [ 159 ] CVE-2013-2451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451 [ 160 ] CVE-2013-2452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452 [ 161 ] CVE-2013-2453 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453 [ 162 ] CVE-2013-2454 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454 [ 163 ] CVE-2013-2455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455 [ 164 ] CVE-2013-2456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456 [ 165 ] CVE-2013-2457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457 [ 166 ] CVE-2013-2458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458 [ 167 ] CVE-2013-2459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459 [ 168 ] CVE-2013-2460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460 [ 169 ] CVE-2013-2461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461 [ 170 ] CVE-2013-2463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463 [ 171 ] CVE-2013-2465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465 [ 172 ] CVE-2013-2469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469 [ 173 ] CVE-2013-2470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470 [ 174 ] CVE-2013-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471 [ 175 ] CVE-2013-2472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472 [ 176 ] CVE-2013-2473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473 [ 177 ] CVE-2013-3829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829 [ 178 ] CVE-2013-4002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4002 [ 179 ] CVE-2013-5772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772 [ 180 ] CVE-2013-5774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774 [ 181 ] CVE-2013-5778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778 [ 182 ] CVE-2013-5780 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780 [ 183 ] CVE-2013-5782 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782 [ 184 ] CVE-2013-5783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783 [ 185 ] CVE-2013-5784 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784 [ 186 ] CVE-2013-5790 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790 [ 187 ] CVE-2013-5797 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797 [ 188 ] CVE-2013-5800 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800 [ 189 ] CVE-2013-5802 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802 [ 190 ] CVE-2013-5803 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803 [ 191 ] CVE-2013-5804 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804 [ 192 ] CVE-2013-5805 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805 [ 193 ] CVE-2013-5806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806 [ 194 ] CVE-2013-5809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809 [ 195 ] CVE-2013-5814 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814 [ 196 ] CVE-2013-5817 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817 [ 197 ] CVE-2013-5820 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820 [ 198 ] CVE-2013-5823 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823 [ 199 ] CVE-2013-5825 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825 [ 200 ] CVE-2013-5829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829 [ 201 ] CVE-2013-5830 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830 [ 202 ] CVE-2013-5840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840 [ 203 ] CVE-2013-5842 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842 [ 204 ] CVE-2013-5849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849 [ 205 ] CVE-2013-5850 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850 [ 206 ] CVE-2013-5851 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851 [ 207 ] CVE-2013-6629 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6629 [ 208 ] CVE-2013-6954 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6954 [ 209 ] CVE-2014-0429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0429 [ 210 ] CVE-2014-0446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0446 [ 211 ] CVE-2014-0451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0451 [ 212 ] CVE-2014-0452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0452 [ 213 ] CVE-2014-0453 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0453 [ 214 ] CVE-2014-0456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0456 [ 215 ] CVE-2014-0457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0457 [ 216 ] CVE-2014-0458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0458 [ 217 ] CVE-2014-0459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0459 [ 218 ] CVE-2014-0460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0460 [ 219 ] CVE-2014-0461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0461 [ 220 ] CVE-2014-1876 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1876 [ 221 ] CVE-2014-2397 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2397 [ 222 ] CVE-2014-2398 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2398 [ 223 ] CVE-2014-2403 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2403 [ 224 ] CVE-2014-2412 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2412 [ 225 ] CVE-2014-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2414 [ 226 ] CVE-2014-2421 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2421 [ 227 ] CVE-2014-2423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2423 [ 228 ] CVE-2014-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2427
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201406-32.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . ============================================================================ Ubuntu Security Notice USN-2191-1 May 01, 2014
openjdk-6 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS
Summary:
Several security issues were fixed in OpenJDK 6.
Software Description: - openjdk-6: Open Source Java implementation
Details:
Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2014-0429, CVE-2014-0446, CVE-2014-0451, CVE-2014-0452, CVE-2014-0456, CVE-2014-0457, CVE-2014-0458, CVE-2014-0461, CVE-2014-0462, CVE-2014-2397, CVE-2014-2405, CVE-2014-2412, CVE-2014-2414, CVE-2014-2421, CVE-2014-2423, CVE-2014-2427)
Two vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to expose sensitive data over the network. (CVE-2014-0453, CVE-2014-0460)
A vulnerability was discovered in the OpenJDK JRE related to availability. An attacker could exploit this to cause a denial of service. (CVE-2014-0459)
Jakub Wilk discovered that the OpenJDK JRE incorrectly handled temporary files. In the default installation of Ubuntu, this should be prevented by the Yama link restrictions. (CVE-2014-1876)
A vulnerability was discovered in the OpenJDK JRE related to data integrity. (CVE-2014-2398)
A vulnerability was discovered in the OpenJDK JRE related to information disclosure. An attacker could exploit this to expose sensitive data over the network. (CVE-2014-2403)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 LTS: icedtea-6-jre-cacao 6b31-1.13.3-1ubuntu1~0.12.04.2 icedtea-6-jre-jamvm 6b31-1.13.3-1ubuntu1~0.12.04.2 openjdk-6-jre 6b31-1.13.3-1ubuntu1~0.12.04.2 openjdk-6-jre-headless 6b31-1.13.3-1ubuntu1~0.12.04.2 openjdk-6-jre-lib 6b31-1.13.3-1ubuntu1~0.12.04.2 openjdk-6-jre-zero 6b31-1.13.3-1ubuntu1~0.12.04.2
Ubuntu 10.04 LTS: icedtea-6-jre-cacao 6b31-1.13.3-1ubuntu1~0.10.04.1 openjdk-6-jre 6b31-1.13.3-1ubuntu1~0.10.04.1 openjdk-6-jre-headless 6b31-1.13.3-1ubuntu1~0.10.04.1 openjdk-6-jre-lib 6b31-1.13.3-1ubuntu1~0.10.04.1 openjdk-6-jre-zero 6b31-1.13.3-1ubuntu1~0.10.04.1
This update uses a new upstream release, which includes additional bug fixes. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory pages, listed in the References section.
Note that the CVE-2014-0459 issue is in the lcms2 library, which has been patched to correct this flaw. The verification of md5 checksums and GPG signatures is performed automatically for you. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux)
iD8DBQFTdfckmqjQ0CJFipgRArKEAKCIiAR2WkLo3Vb0gzzQ5RDz7hQZ3gCcDC6A 5xOtKkhOvonpLXoqBiAcXWQ= =qBk5 -----END PGP SIGNATURE----- . 7) - x86_64
For the stable distribution (wheezy), these problems have been fixed in version 7u55-2.4.7-1~deb7u1.
For the unstable distribution (sid), these problems have been fixed in version 7u55-2.4.7-1. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: java-1.6.0-openjdk security and bug fix update Advisory ID: RHSA-2014:0408-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0408.html Issue date: 2014-04-16 CVE Names: CVE-2014-0429 CVE-2014-0446 CVE-2014-0451 CVE-2014-0452 CVE-2014-0453 CVE-2014-0456 CVE-2014-0457 CVE-2014-0458 CVE-2014-0460 CVE-2014-0461 CVE-2014-1876 CVE-2014-2397 CVE-2014-2398 CVE-2014-2403 CVE-2014-2412 CVE-2014-2414 CVE-2014-2421 CVE-2014-2423 CVE-2014-2427 =====================================================================
- Summary:
Updated java-1.6.0-openjdk packages that fix various security issues and one bug are now available for Red Hat Enterprise Linux 5 and 6.
The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux (v. 5 server) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
- Description:
The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit.
An input validation flaw was discovered in the medialib library in the 2D component. A specially crafted image could trigger Java Virtual Machine memory corruption when processed. A remote attacker, or an untrusted Java application or applet, could possibly use this flaw to execute arbitrary code with the privileges of the user running the Java Virtual Machine. (CVE-2014-0429)
Multiple flaws were discovered in the Hotspot and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to trigger Java Virtual Machine memory corruption and possibly bypass Java sandbox restrictions. (CVE-2014-0456, CVE-2014-2397, CVE-2014-2421)
Multiple improper permission check issues were discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2014-0457, CVE-2014-0461)
Multiple improper permission check issues were discovered in the AWT, JAX-WS, JAXB, Libraries, and Sound components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2014-2412, CVE-2014-0451, CVE-2014-0458, CVE-2014-2423, CVE-2014-0452, CVE-2014-2414, CVE-2014-0446, CVE-2014-2427)
Multiple flaws were identified in the Java Naming and Directory Interface (JNDI) DNS client. These flaws could make it easier for a remote attacker to perform DNS spoofing attacks. (CVE-2014-0460)
It was discovered that the JAXP component did not properly prevent access to arbitrary files when a SecurityManager was present. This flaw could cause a Java application using JAXP to leak sensitive information, or affect application availability. (CVE-2014-2403)
It was discovered that the Security component in OpenJDK could leak some timing information when performing PKCS#1 unpadding. This could possibly lead to the disclosure of some information that was meant to be protected by encryption. (CVE-2014-0453)
It was discovered that the fix for CVE-2013-5797 did not properly resolve input sanitization flaws in javadoc. When javadoc documentation was generated from an untrusted Java source code and hosted on a domain not controlled by the code author, these issues could make it easier to perform cross-site scripting (XSS) attacks. (CVE-2014-2398)
An insecure temporary file use flaw was found in the way the unpack200 utility created log files. A local attacker could possibly use this flaw to perform a symbolic link attack and overwrite arbitrary files with the privileges of the user running unpack200. (CVE-2014-1876)
This update also fixes the following bug:
- The OpenJDK update to IcedTea version 1.13 introduced a regression related to the handling of the jdk_version_info variable. This variable was not properly zeroed out before being passed to the Java Virtual Machine, resulting in a memory leak in the java.lang.ref.Finalizer class. This update fixes this issue, and memory leaks no longer occur. (BZ#1085373)
All users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1060907 - CVE-2014-1876 OpenJDK: insecure temporary file use in unpack200 (Libraries, 8033618) 1085373 - java.lang.ref.Finalizer leak when upgrading from 1.62 to 1.66 1086632 - CVE-2014-2398 OpenJDK: insufficient escaping of window title string (Javadoc, 8026736) 1086645 - CVE-2014-0453 OpenJDK: RSA unpadding timing issues (Security, 8027766) 1087409 - CVE-2014-0429 OpenJDK: Incorrect mlib/raster image validation (2D, 8027841) 1087411 - CVE-2014-0457 OpenJDK: ServiceLoader Exception handling security bypass (Libraries, 8031394) 1087413 - CVE-2014-0456 OpenJDK: System.arraycopy() element race condition (Hotspot, 8029858) 1087417 - CVE-2014-2421 OpenJDK: JPEG decoder input stream handling (2D, 8029854) 1087423 - CVE-2014-2397 OpenJDK: classfile parser invalid BootstrapMethods attribute length (Hotspot, 8034926) 1087426 - CVE-2014-0461 OpenJDK: Better ScriptEngineManager ScriptEngine management (Libraries, 8036794) 1087427 - CVE-2014-2412 OpenJDK: AWT thread context handling (AWT, 8025010) 1087428 - CVE-2014-0451 OpenJDK: AWT incorrect FlavorMap seperation (AWT, 8026797) 1087430 - CVE-2014-0458 OpenJDK: Activation framework default command map caching (JAX-WS, 8025152) 1087431 - CVE-2014-2414 OpenJDK: incorrect caching of data initialized via TCCL (JAXB, 8025030) 1087434 - CVE-2014-2423 OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026188) 1087436 - CVE-2014-0452 OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026801) 1087439 - CVE-2014-0446 OpenJDK: Protect logger handlers (Libraries, 8029740) 1087441 - CVE-2014-2427 OpenJDK: remove insecure Java Sound provider caching (Sound, 8026163) 1087442 - CVE-2014-0460 OpenJDK: missing randomization of JNDI DNS client query IDs (JNDI, 8030731) 1087443 - CVE-2014-2403 OpenJDK: JAXP CharInfo file access restriction (JAXP, 8029282)
- Package List:
Red Hat Enterprise Linux Desktop (v. 5 client):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el5_10.src.rpm
i386: java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el5_10.i386.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el5_10.i386.rpm java-1.6.0-openjdk-demo-1.6.0.0-5.1.13.3.el5_10.i386.rpm java-1.6.0-openjdk-devel-1.6.0.0-5.1.13.3.el5_10.i386.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-5.1.13.3.el5_10.i386.rpm java-1.6.0-openjdk-src-1.6.0.0-5.1.13.3.el5_10.i386.rpm
x86_64: java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el5_10.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el5_10.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-5.1.13.3.el5_10.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-5.1.13.3.el5_10.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-5.1.13.3.el5_10.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-5.1.13.3.el5_10.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el5_10.src.rpm
i386: java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el5_10.i386.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el5_10.i386.rpm java-1.6.0-openjdk-demo-1.6.0.0-5.1.13.3.el5_10.i386.rpm java-1.6.0-openjdk-devel-1.6.0.0-5.1.13.3.el5_10.i386.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-5.1.13.3.el5_10.i386.rpm java-1.6.0-openjdk-src-1.6.0.0-5.1.13.3.el5_10.i386.rpm
x86_64: java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el5_10.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el5_10.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-5.1.13.3.el5_10.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-5.1.13.3.el5_10.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-5.1.13.3.el5_10.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-5.1.13.3.el5_10.x86_64.rpm
Red Hat Enterprise Linux Desktop (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.src.rpm
i386: java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.i686.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.i686.rpm
x86_64: java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.src.rpm
i386: java-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.i686.rpm java-1.6.0-openjdk-demo-1.6.0.0-5.1.13.3.el6_5.i686.rpm java-1.6.0-openjdk-devel-1.6.0.0-5.1.13.3.el6_5.i686.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-5.1.13.3.el6_5.i686.rpm java-1.6.0-openjdk-src-1.6.0.0-5.1.13.3.el6_5.i686.rpm
x86_64: java-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.src.rpm
x86_64: java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.src.rpm
x86_64: java-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.src.rpm
i386: java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.i686.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.i686.rpm java-1.6.0-openjdk-devel-1.6.0.0-5.1.13.3.el6_5.i686.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-5.1.13.3.el6_5.i686.rpm
x86_64: java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.src.rpm
i386: java-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.i686.rpm java-1.6.0-openjdk-demo-1.6.0.0-5.1.13.3.el6_5.i686.rpm java-1.6.0-openjdk-src-1.6.0.0-5.1.13.3.el6_5.i686.rpm
x86_64: java-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.src.rpm
i386: java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.i686.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.i686.rpm java-1.6.0-openjdk-devel-1.6.0.0-5.1.13.3.el6_5.i686.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-5.1.13.3.el6_5.i686.rpm
x86_64: java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.src.rpm
i386: java-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.i686.rpm java-1.6.0-openjdk-demo-1.6.0.0-5.1.13.3.el6_5.i686.rpm java-1.6.0-openjdk-src-1.6.0.0-5.1.13.3.el6_5.i686.rpm
x86_64: java-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2014-0429.html https://www.redhat.com/security/data/cve/CVE-2014-0446.html https://www.redhat.com/security/data/cve/CVE-2014-0451.html https://www.redhat.com/security/data/cve/CVE-2014-0452.html https://www.redhat.com/security/data/cve/CVE-2014-0453.html https://www.redhat.com/security/data/cve/CVE-2014-0456.html https://www.redhat.com/security/data/cve/CVE-2014-0457.html https://www.redhat.com/security/data/cve/CVE-2014-0458.html https://www.redhat.com/security/data/cve/CVE-2014-0460.html https://www.redhat.com/security/data/cve/CVE-2014-0461.html https://www.redhat.com/security/data/cve/CVE-2014-1876.html https://www.redhat.com/security/data/cve/CVE-2014-2397.html https://www.redhat.com/security/data/cve/CVE-2014-2398.html https://www.redhat.com/security/data/cve/CVE-2014-2403.html https://www.redhat.com/security/data/cve/CVE-2014-2412.html https://www.redhat.com/security/data/cve/CVE-2014-2414.html https://www.redhat.com/security/data/cve/CVE-2014-2421.html https://www.redhat.com/security/data/cve/CVE-2014-2423.html https://www.redhat.com/security/data/cve/CVE-2014-2427.html https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFTTm2zXlSAg2UNWIIRAkZ8AJ4tQFSY3KSdfOiDJA5KJWO9IJa1BACeMLJ6 PQHHIgiQ5K7Q4/GEJAHNU94= =9aj6 -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201404-0398",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "6.0"
},
{
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.5.0"
},
{
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.7.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "7.0"
},
{
"model": "junos space",
"scope": "lt",
"trust": 1.0,
"vendor": "juniper",
"version": "15.1"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.10"
},
{
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.8.0"
},
{
"model": "forms viewer",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.0.3"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.6.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "jrockit",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "r28.3.1"
},
{
"model": "forms viewer",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "8.0.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.5.0"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.7.0"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.8.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.6.0"
},
{
"model": "forms viewer",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "13.10"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "10.04"
},
{
"model": "forms viewer",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"model": "jrockit",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "r27.8.1"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0429"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:jrockit:r27.8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jrockit:r28.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:juniper:junos_space:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update51:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update51:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jdk:1.8.0:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jre:1.8.0:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jdk:1.5.0:update61:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update71:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jre:1.5.0:update61:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update71:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ibm:forms_viewer:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.0.1.1",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:forms_viewer:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.0.0.3",
"versionStartIncluding": "4.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0429"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "126195"
},
{
"db": "PACKETSTORM",
"id": "126181"
},
{
"db": "PACKETSTORM",
"id": "127027"
},
{
"db": "PACKETSTORM",
"id": "126183"
},
{
"db": "PACKETSTORM",
"id": "126631"
}
],
"trust": 0.5
},
"cve": "CVE-2014-0429",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-67922",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-0429",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-0429",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-67922",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2014-0429",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-67922"
},
{
"db": "VULMON",
"id": "CVE-2014-0429"
},
{
"db": "NVD",
"id": "CVE-2014-0429"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. Java SE (Java Platform Standard Edition) is used to develop and deploy Java applications on desktops, servers, and embedded devices and real-time environments; JRockit is a Java virtual machine built into Oracle Fusion Middleware; Java SE Embedded is a The Java platform for developing powerful, reliable, and portable applications for embedded systems. A remote attacker could exploit this vulnerability to execute arbitrary code, affecting the confidentiality, integrity, and availability of data. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201406-32\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: IcedTea JDK: Multiple vulnerabilities\n Date: June 29, 2014\n Bugs: #312297, #330205, #340819, #346799, #352035, #353418,\n #354231, #355127, #370787, #387637, #404095, #421031,\n #429522, #433389, #438750, #442478, #457206, #458410,\n #461714, #466822, #477210, #489570, #508270\n ID: 201406-32\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in the IcedTea JDK, the worst\nof which could lead to arbitrary code execution. \n\nBackground\n==========\n\nIcedTea is a distribution of the Java OpenJDK source code built with\nfree build tools. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-java/icedtea-bin \u003c 6.1.13.3 \u003e= 6.1.13.3 \n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in the IcedTea JDK. \nPlease review the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll IcedTea JDK users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-java/icedtea-bin-6.1.13.3\"\n\nReferences\n==========\n\n[ 1 ] CVE-2009-3555\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3555\n[ 2 ] CVE-2010-2548\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2548\n[ 3 ] CVE-2010-2783\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2783\n[ 4 ] CVE-2010-3541\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3541\n[ 5 ] CVE-2010-3548\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3548\n[ 6 ] CVE-2010-3549\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3549\n[ 7 ] CVE-2010-3551\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3551\n[ 8 ] CVE-2010-3553\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3553\n[ 9 ] CVE-2010-3554\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3554\n[ 10 ] CVE-2010-3557\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3557\n[ 11 ] CVE-2010-3561\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3561\n[ 12 ] CVE-2010-3562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3562\n[ 13 ] CVE-2010-3564\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3564\n[ 14 ] CVE-2010-3565\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3565\n[ 15 ] CVE-2010-3566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3566\n[ 16 ] CVE-2010-3567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3567\n[ 17 ] CVE-2010-3568\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3568\n[ 18 ] CVE-2010-3569\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3569\n[ 19 ] CVE-2010-3573\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3573\n[ 20 ] CVE-2010-3574\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3574\n[ 21 ] CVE-2010-3860\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3860\n[ 22 ] CVE-2010-4351\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4351\n[ 23 ] CVE-2010-4448\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4448\n[ 24 ] CVE-2010-4450\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4450\n[ 25 ] CVE-2010-4465\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4465\n[ 26 ] CVE-2010-4467\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4467\n[ 27 ] CVE-2010-4469\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4469\n[ 28 ] CVE-2010-4470\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4470\n[ 29 ] CVE-2010-4471\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4471\n[ 30 ] CVE-2010-4472\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4472\n[ 31 ] CVE-2010-4476\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4476\n[ 32 ] CVE-2011-0025\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0025\n[ 33 ] CVE-2011-0706\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0706\n[ 34 ] CVE-2011-0815\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0815\n[ 35 ] CVE-2011-0822\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0822\n[ 36 ] CVE-2011-0862\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0862\n[ 37 ] CVE-2011-0864\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0864\n[ 38 ] CVE-2011-0865\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0865\n[ 39 ] CVE-2011-0868\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0868\n[ 40 ] CVE-2011-0869\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0869\n[ 41 ] CVE-2011-0870\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0870\n[ 42 ] CVE-2011-0871\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0871\n[ 43 ] CVE-2011-0872\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0872\n[ 44 ] CVE-2011-3389\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389\n[ 45 ] CVE-2011-3521\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3521\n[ 46 ] CVE-2011-3544\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3544\n[ 47 ] CVE-2011-3547\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3547\n[ 48 ] CVE-2011-3548\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3548\n[ 49 ] CVE-2011-3551\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3551\n[ 50 ] CVE-2011-3552\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3552\n[ 51 ] CVE-2011-3553\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3553\n[ 52 ] CVE-2011-3554\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3554\n[ 53 ] CVE-2011-3556\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3556\n[ 54 ] CVE-2011-3557\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3557\n[ 55 ] CVE-2011-3558\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3558\n[ 56 ] CVE-2011-3560\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3560\n[ 57 ] CVE-2011-3563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563\n[ 58 ] CVE-2011-3571\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3571\n[ 59 ] CVE-2011-5035\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035\n[ 60 ] CVE-2012-0497\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497\n[ 61 ] CVE-2012-0501\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501\n[ 62 ] CVE-2012-0502\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502\n[ 63 ] CVE-2012-0503\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503\n[ 64 ] CVE-2012-0505\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505\n[ 65 ] CVE-2012-0506\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506\n[ 66 ] CVE-2012-0547\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547\n[ 67 ] CVE-2012-1711\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711\n[ 68 ] CVE-2012-1713\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713\n[ 69 ] CVE-2012-1716\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716\n[ 70 ] CVE-2012-1717\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717\n[ 71 ] CVE-2012-1718\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718\n[ 72 ] CVE-2012-1719\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719\n[ 73 ] CVE-2012-1723\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723\n[ 74 ] CVE-2012-1724\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724\n[ 75 ] CVE-2012-1725\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725\n[ 76 ] CVE-2012-1726\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726\n[ 77 ] CVE-2012-3216\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216\n[ 78 ] CVE-2012-3422\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3422\n[ 79 ] CVE-2012-3423\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3423\n[ 80 ] CVE-2012-4416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416\n[ 81 ] CVE-2012-4540\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4540\n[ 82 ] CVE-2012-5068\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068\n[ 83 ] CVE-2012-5069\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069\n[ 84 ] CVE-2012-5070\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070\n[ 85 ] CVE-2012-5071\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071\n[ 86 ] CVE-2012-5072\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072\n[ 87 ] CVE-2012-5073\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073\n[ 88 ] CVE-2012-5074\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074\n[ 89 ] CVE-2012-5075\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075\n[ 90 ] CVE-2012-5076\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076\n[ 91 ] CVE-2012-5077\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077\n[ 92 ] CVE-2012-5081\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081\n[ 93 ] CVE-2012-5084\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084\n[ 94 ] CVE-2012-5085\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085\n[ 95 ] CVE-2012-5086\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086\n[ 96 ] CVE-2012-5087\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087\n[ 97 ] CVE-2012-5089\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089\n[ 98 ] CVE-2012-5979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5979\n[ 99 ] CVE-2013-0169\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169\n[ 100 ] CVE-2013-0401\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401\n[ 101 ] CVE-2013-0424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0424\n[ 102 ] CVE-2013-0425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0425\n[ 103 ] CVE-2013-0426\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0426\n[ 104 ] CVE-2013-0427\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0427\n[ 105 ] CVE-2013-0428\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0428\n[ 106 ] CVE-2013-0429\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0429\n[ 107 ] CVE-2013-0431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0431\n[ 108 ] CVE-2013-0432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0432\n[ 109 ] CVE-2013-0433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0433\n[ 110 ] CVE-2013-0434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0434\n[ 111 ] CVE-2013-0435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0435\n[ 112 ] CVE-2013-0440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0440\n[ 113 ] CVE-2013-0441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0441\n[ 114 ] CVE-2013-0442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0442\n[ 115 ] CVE-2013-0443\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0443\n[ 116 ] CVE-2013-0444\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0444\n[ 117 ] CVE-2013-0450\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0450\n[ 118 ] CVE-2013-0809\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809\n[ 119 ] CVE-2013-1475\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1475\n[ 120 ] CVE-2013-1476\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1476\n[ 121 ] CVE-2013-1478\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1478\n[ 122 ] CVE-2013-1480\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1480\n[ 123 ] CVE-2013-1484\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484\n[ 124 ] CVE-2013-1485\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485\n[ 125 ] CVE-2013-1486\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486\n[ 126 ] CVE-2013-1488\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488\n[ 127 ] CVE-2013-1493\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493\n[ 128 ] CVE-2013-1500\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500\n[ 129 ] CVE-2013-1518\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518\n[ 130 ] CVE-2013-1537\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537\n[ 131 ] CVE-2013-1557\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557\n[ 132 ] CVE-2013-1569\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569\n[ 133 ] CVE-2013-1571\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571\n[ 134 ] CVE-2013-2383\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383\n[ 135 ] CVE-2013-2384\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384\n[ 136 ] CVE-2013-2407\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407\n[ 137 ] CVE-2013-2412\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412\n[ 138 ] CVE-2013-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415\n[ 139 ] CVE-2013-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417\n[ 140 ] CVE-2013-2419\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419\n[ 141 ] CVE-2013-2420\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420\n[ 142 ] CVE-2013-2421\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421\n[ 143 ] CVE-2013-2422\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422\n[ 144 ] CVE-2013-2423\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423\n[ 145 ] CVE-2013-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424\n[ 146 ] CVE-2013-2426\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426\n[ 147 ] CVE-2013-2429\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429\n[ 148 ] CVE-2013-2430\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430\n[ 149 ] CVE-2013-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431\n[ 150 ] CVE-2013-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436\n[ 151 ] CVE-2013-2443\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443\n[ 152 ] CVE-2013-2444\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444\n[ 153 ] CVE-2013-2445\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445\n[ 154 ] CVE-2013-2446\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446\n[ 155 ] CVE-2013-2447\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447\n[ 156 ] CVE-2013-2448\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448\n[ 157 ] CVE-2013-2449\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449\n[ 158 ] CVE-2013-2450\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450\n[ 159 ] CVE-2013-2451\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451\n[ 160 ] CVE-2013-2452\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452\n[ 161 ] CVE-2013-2453\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453\n[ 162 ] CVE-2013-2454\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454\n[ 163 ] CVE-2013-2455\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455\n[ 164 ] CVE-2013-2456\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456\n[ 165 ] CVE-2013-2457\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457\n[ 166 ] CVE-2013-2458\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458\n[ 167 ] CVE-2013-2459\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459\n[ 168 ] CVE-2013-2460\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460\n[ 169 ] CVE-2013-2461\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461\n[ 170 ] CVE-2013-2463\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463\n[ 171 ] CVE-2013-2465\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465\n[ 172 ] CVE-2013-2469\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469\n[ 173 ] CVE-2013-2470\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470\n[ 174 ] CVE-2013-2471\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471\n[ 175 ] CVE-2013-2472\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472\n[ 176 ] CVE-2013-2473\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473\n[ 177 ] CVE-2013-3829\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829\n[ 178 ] CVE-2013-4002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4002\n[ 179 ] CVE-2013-5772\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772\n[ 180 ] CVE-2013-5774\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774\n[ 181 ] CVE-2013-5778\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778\n[ 182 ] CVE-2013-5780\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780\n[ 183 ] CVE-2013-5782\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782\n[ 184 ] CVE-2013-5783\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783\n[ 185 ] CVE-2013-5784\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784\n[ 186 ] CVE-2013-5790\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790\n[ 187 ] CVE-2013-5797\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797\n[ 188 ] CVE-2013-5800\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800\n[ 189 ] CVE-2013-5802\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802\n[ 190 ] CVE-2013-5803\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803\n[ 191 ] CVE-2013-5804\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804\n[ 192 ] CVE-2013-5805\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805\n[ 193 ] CVE-2013-5806\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806\n[ 194 ] CVE-2013-5809\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809\n[ 195 ] CVE-2013-5814\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814\n[ 196 ] CVE-2013-5817\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817\n[ 197 ] CVE-2013-5820\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820\n[ 198 ] CVE-2013-5823\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823\n[ 199 ] CVE-2013-5825\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825\n[ 200 ] CVE-2013-5829\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829\n[ 201 ] CVE-2013-5830\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830\n[ 202 ] CVE-2013-5840\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840\n[ 203 ] CVE-2013-5842\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842\n[ 204 ] CVE-2013-5849\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849\n[ 205 ] CVE-2013-5850\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850\n[ 206 ] CVE-2013-5851\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851\n[ 207 ] CVE-2013-6629\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6629\n[ 208 ] CVE-2013-6954\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6954\n[ 209 ] CVE-2014-0429\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0429\n[ 210 ] CVE-2014-0446\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0446\n[ 211 ] CVE-2014-0451\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0451\n[ 212 ] CVE-2014-0452\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0452\n[ 213 ] CVE-2014-0453\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0453\n[ 214 ] CVE-2014-0456\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0456\n[ 215 ] CVE-2014-0457\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0457\n[ 216 ] CVE-2014-0458\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0458\n[ 217 ] CVE-2014-0459\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0459\n[ 218 ] CVE-2014-0460\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0460\n[ 219 ] CVE-2014-0461\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0461\n[ 220 ] CVE-2014-1876\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1876\n[ 221 ] CVE-2014-2397\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2397\n[ 222 ] CVE-2014-2398\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2398\n[ 223 ] CVE-2014-2403\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2403\n[ 224 ] CVE-2014-2412\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2412\n[ 225 ] CVE-2014-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2414\n[ 226 ] CVE-2014-2421\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2421\n[ 227 ] CVE-2014-2423\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2423\n[ 228 ] CVE-2014-2427\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2427\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201406-32.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2014 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ============================================================================\nUbuntu Security Notice USN-2191-1\nMay 01, 2014\n\nopenjdk-6 vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 LTS\n- Ubuntu 10.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in OpenJDK 6. \n\nSoftware Description:\n- openjdk-6: Open Source Java implementation\n\nDetails:\n\nSeveral vulnerabilities were discovered in the OpenJDK JRE related to\ninformation disclosure, data integrity and availability. An attacker could\nexploit these to cause a denial of service or expose sensitive data over\nthe network. (CVE-2014-0429, CVE-2014-0446, CVE-2014-0451, CVE-2014-0452,\nCVE-2014-0456, CVE-2014-0457, CVE-2014-0458, CVE-2014-0461, CVE-2014-0462,\nCVE-2014-2397, CVE-2014-2405, CVE-2014-2412, CVE-2014-2414, CVE-2014-2421,\nCVE-2014-2423, CVE-2014-2427)\n\nTwo vulnerabilities were discovered in the OpenJDK JRE related to\ninformation disclosure and data integrity. An attacker could exploit these\nto expose sensitive data over the network. (CVE-2014-0453, CVE-2014-0460)\n\nA vulnerability was discovered in the OpenJDK JRE related to availability. \nAn attacker could exploit this to cause a denial of service. \n(CVE-2014-0459)\n\nJakub Wilk discovered that the OpenJDK JRE incorrectly handled temporary\nfiles. In the default installation of Ubuntu, this should be\nprevented by the Yama link restrictions. (CVE-2014-1876)\n\nA vulnerability was discovered in the OpenJDK JRE related to data\nintegrity. (CVE-2014-2398)\n\nA vulnerability was discovered in the OpenJDK JRE related to information\ndisclosure. An attacker could exploit this to expose sensitive data over\nthe network. (CVE-2014-2403)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 LTS:\n icedtea-6-jre-cacao 6b31-1.13.3-1ubuntu1~0.12.04.2\n icedtea-6-jre-jamvm 6b31-1.13.3-1ubuntu1~0.12.04.2\n openjdk-6-jre 6b31-1.13.3-1ubuntu1~0.12.04.2\n openjdk-6-jre-headless 6b31-1.13.3-1ubuntu1~0.12.04.2\n openjdk-6-jre-lib 6b31-1.13.3-1ubuntu1~0.12.04.2\n openjdk-6-jre-zero 6b31-1.13.3-1ubuntu1~0.12.04.2\n\nUbuntu 10.04 LTS:\n icedtea-6-jre-cacao 6b31-1.13.3-1ubuntu1~0.10.04.1\n openjdk-6-jre 6b31-1.13.3-1ubuntu1~0.10.04.1\n openjdk-6-jre-headless 6b31-1.13.3-1ubuntu1~0.10.04.1\n openjdk-6-jre-lib 6b31-1.13.3-1ubuntu1~0.10.04.1\n openjdk-6-jre-zero 6b31-1.13.3-1ubuntu1~0.10.04.1\n\nThis update uses a new upstream release, which includes additional bug\nfixes. Further\ninformation about these flaws can be found on the Oracle Java SE Critical\nPatch Update Advisory pages, listed in the References section. \n \n Note that the CVE-2014-0459 issue is in the lcms2 library, which has\n been patched to correct this flaw. The verification\n of md5 checksums and GPG signatures is performed automatically for you. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/en/support/security/advisories/\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (GNU/Linux)\n\niD8DBQFTdfckmqjQ0CJFipgRArKEAKCIiAR2WkLo3Vb0gzzQ5RDz7hQZ3gCcDC6A\n5xOtKkhOvonpLXoqBiAcXWQ=\n=qBk5\n-----END PGP SIGNATURE-----\n. 7) - x86_64\n\n3. \n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 7u55-2.4.7-1~deb7u1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 7u55-2.4.7-1. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: java-1.6.0-openjdk security and bug fix update\nAdvisory ID: RHSA-2014:0408-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2014-0408.html\nIssue date: 2014-04-16\nCVE Names: CVE-2014-0429 CVE-2014-0446 CVE-2014-0451 \n CVE-2014-0452 CVE-2014-0453 CVE-2014-0456 \n CVE-2014-0457 CVE-2014-0458 CVE-2014-0460 \n CVE-2014-0461 CVE-2014-1876 CVE-2014-2397 \n CVE-2014-2398 CVE-2014-2403 CVE-2014-2412 \n CVE-2014-2414 CVE-2014-2421 CVE-2014-2423 \n CVE-2014-2427 \n=====================================================================\n\n1. Summary:\n\nUpdated java-1.6.0-openjdk packages that fix various security issues and\none bug are now available for Red Hat Enterprise Linux 5 and 6. \n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux (v. 5 server) - i386, x86_64\nRed Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\n\n3. Description:\n\nThe java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime\nEnvironment and the OpenJDK 6 Java Software Development Kit. \n\nAn input validation flaw was discovered in the medialib library in the 2D\ncomponent. A specially crafted image could trigger Java Virtual Machine\nmemory corruption when processed. A remote attacker, or an untrusted Java\napplication or applet, could possibly use this flaw to execute arbitrary\ncode with the privileges of the user running the Java Virtual Machine. \n(CVE-2014-0429)\n\nMultiple flaws were discovered in the Hotspot and 2D components in OpenJDK. \nAn untrusted Java application or applet could use these flaws to trigger\nJava Virtual Machine memory corruption and possibly bypass Java sandbox\nrestrictions. (CVE-2014-0456, CVE-2014-2397, CVE-2014-2421)\n\nMultiple improper permission check issues were discovered in the Libraries\ncomponent in OpenJDK. An untrusted Java application or applet could use\nthese flaws to bypass Java sandbox restrictions. (CVE-2014-0457,\nCVE-2014-0461)\n\nMultiple improper permission check issues were discovered in the AWT,\nJAX-WS, JAXB, Libraries, and Sound components in OpenJDK. An untrusted Java\napplication or applet could use these flaws to bypass certain Java sandbox\nrestrictions. (CVE-2014-2412, CVE-2014-0451, CVE-2014-0458, CVE-2014-2423,\nCVE-2014-0452, CVE-2014-2414, CVE-2014-0446, CVE-2014-2427)\n\nMultiple flaws were identified in the Java Naming and Directory Interface\n(JNDI) DNS client. These flaws could make it easier for a remote attacker\nto perform DNS spoofing attacks. (CVE-2014-0460)\n\nIt was discovered that the JAXP component did not properly prevent access\nto arbitrary files when a SecurityManager was present. This flaw could\ncause a Java application using JAXP to leak sensitive information, or\naffect application availability. (CVE-2014-2403)\n\nIt was discovered that the Security component in OpenJDK could leak some\ntiming information when performing PKCS#1 unpadding. This could possibly\nlead to the disclosure of some information that was meant to be protected\nby encryption. (CVE-2014-0453)\n\nIt was discovered that the fix for CVE-2013-5797 did not properly resolve\ninput sanitization flaws in javadoc. When javadoc documentation was\ngenerated from an untrusted Java source code and hosted on a domain not\ncontrolled by the code author, these issues could make it easier to perform\ncross-site scripting (XSS) attacks. (CVE-2014-2398)\n\nAn insecure temporary file use flaw was found in the way the unpack200\nutility created log files. A local attacker could possibly use this flaw to\nperform a symbolic link attack and overwrite arbitrary files with the\nprivileges of the user running unpack200. (CVE-2014-1876)\n\nThis update also fixes the following bug:\n\n* The OpenJDK update to IcedTea version 1.13 introduced a regression\nrelated to the handling of the jdk_version_info variable. This variable was\nnot properly zeroed out before being passed to the Java Virtual Machine,\nresulting in a memory leak in the java.lang.ref.Finalizer class. \nThis update fixes this issue, and memory leaks no longer occur. \n(BZ#1085373)\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1060907 - CVE-2014-1876 OpenJDK: insecure temporary file use in unpack200 (Libraries, 8033618)\n1085373 - java.lang.ref.Finalizer leak when upgrading from 1.62 to 1.66\n1086632 - CVE-2014-2398 OpenJDK: insufficient escaping of window title string (Javadoc, 8026736)\n1086645 - CVE-2014-0453 OpenJDK: RSA unpadding timing issues (Security, 8027766)\n1087409 - CVE-2014-0429 OpenJDK: Incorrect mlib/raster image validation (2D, 8027841)\n1087411 - CVE-2014-0457 OpenJDK: ServiceLoader Exception handling security bypass (Libraries, 8031394)\n1087413 - CVE-2014-0456 OpenJDK: System.arraycopy() element race condition (Hotspot, 8029858)\n1087417 - CVE-2014-2421 OpenJDK: JPEG decoder input stream handling (2D, 8029854)\n1087423 - CVE-2014-2397 OpenJDK: classfile parser invalid BootstrapMethods attribute length (Hotspot, 8034926)\n1087426 - CVE-2014-0461 OpenJDK: Better ScriptEngineManager ScriptEngine management (Libraries, 8036794)\n1087427 - CVE-2014-2412 OpenJDK: AWT thread context handling (AWT, 8025010)\n1087428 - CVE-2014-0451 OpenJDK: AWT incorrect FlavorMap seperation (AWT, 8026797)\n1087430 - CVE-2014-0458 OpenJDK: Activation framework default command map caching (JAX-WS, 8025152)\n1087431 - CVE-2014-2414 OpenJDK: incorrect caching of data initialized via TCCL (JAXB, 8025030)\n1087434 - CVE-2014-2423 OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026188)\n1087436 - CVE-2014-0452 OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026801)\n1087439 - CVE-2014-0446 OpenJDK: Protect logger handlers (Libraries, 8029740)\n1087441 - CVE-2014-2427 OpenJDK: remove insecure Java Sound provider caching (Sound, 8026163)\n1087442 - CVE-2014-0460 OpenJDK: missing randomization of JNDI DNS client query IDs (JNDI, 8030731)\n1087443 - CVE-2014-2403 OpenJDK: JAXP CharInfo file access restriction (JAXP, 8029282)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 5 client):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el5_10.src.rpm\n\ni386:\njava-1.6.0-openjdk-1.6.0.0-5.1.13.3.el5_10.i386.rpm\njava-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el5_10.i386.rpm\njava-1.6.0-openjdk-demo-1.6.0.0-5.1.13.3.el5_10.i386.rpm\njava-1.6.0-openjdk-devel-1.6.0.0-5.1.13.3.el5_10.i386.rpm\njava-1.6.0-openjdk-javadoc-1.6.0.0-5.1.13.3.el5_10.i386.rpm\njava-1.6.0-openjdk-src-1.6.0.0-5.1.13.3.el5_10.i386.rpm\n\nx86_64:\njava-1.6.0-openjdk-1.6.0.0-5.1.13.3.el5_10.x86_64.rpm\njava-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el5_10.x86_64.rpm\njava-1.6.0-openjdk-demo-1.6.0.0-5.1.13.3.el5_10.x86_64.rpm\njava-1.6.0-openjdk-devel-1.6.0.0-5.1.13.3.el5_10.x86_64.rpm\njava-1.6.0-openjdk-javadoc-1.6.0.0-5.1.13.3.el5_10.x86_64.rpm\njava-1.6.0-openjdk-src-1.6.0.0-5.1.13.3.el5_10.x86_64.rpm\n\nRed Hat Enterprise Linux (v. 5 server):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el5_10.src.rpm\n\ni386:\njava-1.6.0-openjdk-1.6.0.0-5.1.13.3.el5_10.i386.rpm\njava-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el5_10.i386.rpm\njava-1.6.0-openjdk-demo-1.6.0.0-5.1.13.3.el5_10.i386.rpm\njava-1.6.0-openjdk-devel-1.6.0.0-5.1.13.3.el5_10.i386.rpm\njava-1.6.0-openjdk-javadoc-1.6.0.0-5.1.13.3.el5_10.i386.rpm\njava-1.6.0-openjdk-src-1.6.0.0-5.1.13.3.el5_10.i386.rpm\n\nx86_64:\njava-1.6.0-openjdk-1.6.0.0-5.1.13.3.el5_10.x86_64.rpm\njava-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el5_10.x86_64.rpm\njava-1.6.0-openjdk-demo-1.6.0.0-5.1.13.3.el5_10.x86_64.rpm\njava-1.6.0-openjdk-devel-1.6.0.0-5.1.13.3.el5_10.x86_64.rpm\njava-1.6.0-openjdk-javadoc-1.6.0.0-5.1.13.3.el5_10.x86_64.rpm\njava-1.6.0-openjdk-src-1.6.0.0-5.1.13.3.el5_10.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.src.rpm\n\ni386:\njava-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.i686.rpm\njava-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.i686.rpm\n\nx86_64:\njava-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm\njava-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.src.rpm\n\ni386:\njava-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.i686.rpm\njava-1.6.0-openjdk-demo-1.6.0.0-5.1.13.3.el6_5.i686.rpm\njava-1.6.0-openjdk-devel-1.6.0.0-5.1.13.3.el6_5.i686.rpm\njava-1.6.0-openjdk-javadoc-1.6.0.0-5.1.13.3.el6_5.i686.rpm\njava-1.6.0-openjdk-src-1.6.0.0-5.1.13.3.el6_5.i686.rpm\n\nx86_64:\njava-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm\njava-1.6.0-openjdk-demo-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm\njava-1.6.0-openjdk-devel-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm\njava-1.6.0-openjdk-javadoc-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm\njava-1.6.0-openjdk-src-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.src.rpm\n\nx86_64:\njava-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm\njava-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.src.rpm\n\nx86_64:\njava-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm\njava-1.6.0-openjdk-demo-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm\njava-1.6.0-openjdk-devel-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm\njava-1.6.0-openjdk-javadoc-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm\njava-1.6.0-openjdk-src-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.src.rpm\n\ni386:\njava-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.i686.rpm\njava-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.i686.rpm\njava-1.6.0-openjdk-devel-1.6.0.0-5.1.13.3.el6_5.i686.rpm\njava-1.6.0-openjdk-javadoc-1.6.0.0-5.1.13.3.el6_5.i686.rpm\n\nx86_64:\njava-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm\njava-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm\njava-1.6.0-openjdk-devel-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm\njava-1.6.0-openjdk-javadoc-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.src.rpm\n\ni386:\njava-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.i686.rpm\njava-1.6.0-openjdk-demo-1.6.0.0-5.1.13.3.el6_5.i686.rpm\njava-1.6.0-openjdk-src-1.6.0.0-5.1.13.3.el6_5.i686.rpm\n\nx86_64:\njava-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm\njava-1.6.0-openjdk-demo-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm\njava-1.6.0-openjdk-src-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.src.rpm\n\ni386:\njava-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.i686.rpm\njava-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.i686.rpm\njava-1.6.0-openjdk-devel-1.6.0.0-5.1.13.3.el6_5.i686.rpm\njava-1.6.0-openjdk-javadoc-1.6.0.0-5.1.13.3.el6_5.i686.rpm\n\nx86_64:\njava-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm\njava-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm\njava-1.6.0-openjdk-devel-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm\njava-1.6.0-openjdk-javadoc-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.src.rpm\n\ni386:\njava-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.i686.rpm\njava-1.6.0-openjdk-demo-1.6.0.0-5.1.13.3.el6_5.i686.rpm\njava-1.6.0-openjdk-src-1.6.0.0-5.1.13.3.el6_5.i686.rpm\n\nx86_64:\njava-1.6.0-openjdk-debuginfo-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm\njava-1.6.0-openjdk-demo-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm\njava-1.6.0-openjdk-src-1.6.0.0-5.1.13.3.el6_5.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2014-0429.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0446.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0451.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0452.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0453.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0456.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0457.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0458.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0460.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0461.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-1876.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-2397.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-2398.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-2403.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-2412.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-2414.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-2421.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-2423.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-2427.html\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2014 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFTTm2zXlSAg2UNWIIRAkZ8AJ4tQFSY3KSdfOiDJA5KJWO9IJa1BACeMLJ6\nPQHHIgiQ5K7Q4/GEJAHNU94=\n=9aj6\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0429"
},
{
"db": "VULHUB",
"id": "VHN-67922"
},
{
"db": "VULMON",
"id": "CVE-2014-0429"
},
{
"db": "PACKETSTORM",
"id": "127267"
},
{
"db": "PACKETSTORM",
"id": "126443"
},
{
"db": "PACKETSTORM",
"id": "126195"
},
{
"db": "PACKETSTORM",
"id": "126181"
},
{
"db": "PACKETSTORM",
"id": "126664"
},
{
"db": "PACKETSTORM",
"id": "127027"
},
{
"db": "PACKETSTORM",
"id": "126494"
},
{
"db": "PACKETSTORM",
"id": "126183"
},
{
"db": "PACKETSTORM",
"id": "126631"
}
],
"trust": 1.89
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-67922",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-67922"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0429",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "58415",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "58974",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "59058",
"trust": 1.2
},
{
"db": "JUNIPER",
"id": "JSA10698",
"trust": 1.2
},
{
"db": "BID",
"id": "66856",
"trust": 1.2
},
{
"db": "PACKETSTORM",
"id": "126183",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "126443",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "126181",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "126664",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "127027",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "130400",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126320",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127041",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126182",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126413",
"trust": 0.1
},
{
"db": "CNNVD",
"id": "CNNVD-201404-258",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-67922",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2014-0429",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127267",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126195",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126494",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126631",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-67922"
},
{
"db": "VULMON",
"id": "CVE-2014-0429"
},
{
"db": "PACKETSTORM",
"id": "127267"
},
{
"db": "PACKETSTORM",
"id": "126443"
},
{
"db": "PACKETSTORM",
"id": "126195"
},
{
"db": "PACKETSTORM",
"id": "126181"
},
{
"db": "PACKETSTORM",
"id": "126664"
},
{
"db": "PACKETSTORM",
"id": "127027"
},
{
"db": "PACKETSTORM",
"id": "126494"
},
{
"db": "PACKETSTORM",
"id": "126183"
},
{
"db": "PACKETSTORM",
"id": "126631"
},
{
"db": "NVD",
"id": "CVE-2014-0429"
}
]
},
"id": "VAR-201404-0398",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-67922"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T21:52:34.093000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Red Hat: CVE-2014-0429",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2014-0429"
},
{
"title": "Ubuntu Security Notice: openjdk-6 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2191-1"
},
{
"title": "Ubuntu Security Notice: openjdk-7 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2187-1"
},
{
"title": "Amazon Linux AMI: ALAS-2014-326",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2014-326"
},
{
"title": "Amazon Linux AMI: ALAS-2014-327",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2014-327"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0429"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0429"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"trust": 1.3,
"url": "http://www.securityfocus.com/bid/66856"
},
{
"trust": 1.3,
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0685.html"
},
{
"trust": 1.3,
"url": "http://www.ubuntu.com/usn/usn-2191-1"
},
{
"trust": 1.2,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
},
{
"trust": 1.2,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746"
},
{
"trust": 1.2,
"url": "https://www.ibm.com/support/docview.wss?uid=swg21675973"
},
{
"trust": 1.2,
"url": "http://www.debian.org/security/2014/dsa-2912"
},
{
"trust": 1.2,
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2014:0413"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2014:0414"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0675.html"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/58415"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/58974"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/59058"
},
{
"trust": 1.2,
"url": "http://www.ubuntu.com/usn/usn-2187-1"
},
{
"trust": 1.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10698"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0446"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1876"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0429"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2414"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2412"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2421"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0451"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0457"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2427"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2398"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0458"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2423"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0452"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0460"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0461"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0453"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0456"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2403"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2397"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0451.html"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/site/articles/11258"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0452.html"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0446.html"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.5,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0457.html"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0453.html"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2427.html"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0458.html"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0460.html"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2412.html"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2398.html"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2421.html"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0461.html"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2423.html"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2414.html"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2014-1876.html"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0429.html"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0459"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2403.html"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0456.html"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2413"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0455"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0454"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2402"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2397.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0449.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2428.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2420.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2409.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2013-6629.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2013-6954.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2401.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-6629"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-6954"
},
{
"trust": 0.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026amp;id=jsa10698"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=140852974709252\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-0429"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2191-1/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4470"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3574"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3423"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2469"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0864"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3553"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2443"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1717"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2412"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1716"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0505"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1518"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2419"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3557"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4450"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3829"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5829"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5804"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1485"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5806"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5087"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2422"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0865"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4471"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5075"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3557"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2426"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3567"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4002"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5084"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1711"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1478"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2461"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5820"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6954"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2470"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4476"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0547"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4540"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0429"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2451"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2459"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5823"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2421"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0870"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3554"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0862"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2460"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1713"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0706"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0434"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5784"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3568"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5830"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3561"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5800"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4467"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3567"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2456"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5803"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4465"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4472"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5086"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3556"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2383"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2423"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2447"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2452"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2445"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2450"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5778"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5780"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5073"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3568"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1493"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2446"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5069"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-5035"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3541"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3549"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1500"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3571"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0426"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0457"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5850"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2783"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3573"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3552"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0451"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0459"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2423"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1876"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2384"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4469"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0431"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1557"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0458"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2453"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4448"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3521"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0401"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5085"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2407"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2421"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3564"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2429"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4465"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3569"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2403"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5068"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0871"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5071"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2398"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0815"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0444"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1475"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0497"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5774"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5782"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3554"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4469"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1725"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5790"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5805"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3564"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5802"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5849"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1719"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3569"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3573"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0461"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2448"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2458"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0427"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2427"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5825"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0506"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1484"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2430"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3541"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3549"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0872"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3216"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0429"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1718"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5772"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3860"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3422"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0433"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5074"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3554"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3574"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2454"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2444"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5072"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4470"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0822"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1537"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3553"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3551"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2449"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0503"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0025"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2457"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1476"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0169"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0809"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5077"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0435"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3544"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0456"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4450"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1723"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1726"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0450"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1571"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4467"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0460"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5081"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3547"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5840"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5851"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2465"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2431"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2473"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6629"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5783"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4448"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2783"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2463"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3560"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2412"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5809"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1480"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4351"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2420"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0501"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0428"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0869"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2417"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2471"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3551"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5076"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5842"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2397"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0452"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3553"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1569"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1724"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3558"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5797"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5070"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1486"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2472"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0446"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0453"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3860"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1488"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0502"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3561"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0868"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0440"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0443"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3389"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5814"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5817"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4351"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3551"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2455"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3557"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5089"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openjdk-6/6b31-1.13.3-1ubuntu1~0.10.04.1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0462"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2405"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openjdk-6/6b31-1.13.3-1ubuntu1~0.12.04.2"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2468.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2456"
},
{
"trust": 0.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2464"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2455"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2463.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2446.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5896.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1500.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5817.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5797.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2444.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2445.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2454.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2459"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0428.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1571"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0414.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5910.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5782.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2468"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2448"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5802.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2466"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5803.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5832.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2465"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5778.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2446"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2451"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2451.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5823.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2450"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5899.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5783.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5801.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2442"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2453"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5780.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2469"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2445"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0416.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5818.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2456.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5824.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5789.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-3743.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0403.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1500"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2407.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2470.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5850.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5812.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5842.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0422.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5902.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5849.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0368.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5889.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0415.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2437"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2471.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0375.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5831.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2443.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0423.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5878.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2457.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5776.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2412.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2407"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2447"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0376.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5848.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2443"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2461.html"
},
{
"trust": 0.1,
"url": "http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2452"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0410.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2447.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2452.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5852.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5840.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2464.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1571.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-3829.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2463"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5907.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2465.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2472.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5772.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2466.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0373.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2453.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0411.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2473.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2454"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2437.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2444"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5905.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0417.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0424.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5819.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2450.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5820.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5809.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5898.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2457"
},
{
"trust": 0.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2455.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2459.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2442.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5884.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5825.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5774.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5830.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2461"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5784.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5887.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2448.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-4002.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0418.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5906.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0387.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5790.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5787.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2469.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5804.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5843.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5888.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5814.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2412"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5829.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0459.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0454.html"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0407.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2413.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0455.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2402.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2403"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0461"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0452"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0455"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-1876"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0456"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2397"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2421"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/"
},
{
"trust": 0.1,
"url": "http://blog.fuseyism.com/index.php/2014/04/16/security-icedtea-2-4-7-for-openjdk-7-released/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2413"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0453"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2402"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2412"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2414"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/advisories/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0460"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0429"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0406.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0454"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2423"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2427"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0458"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0451"
},
{
"trust": 0.1,
"url": "http://advisories.mageia.org/mgasa-2014-0189.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0446"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0459"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0457"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2398"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0408.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0449"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2420"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0508.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2409"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2428"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2401"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-67922"
},
{
"db": "VULMON",
"id": "CVE-2014-0429"
},
{
"db": "PACKETSTORM",
"id": "127267"
},
{
"db": "PACKETSTORM",
"id": "126443"
},
{
"db": "PACKETSTORM",
"id": "126195"
},
{
"db": "PACKETSTORM",
"id": "126181"
},
{
"db": "PACKETSTORM",
"id": "126664"
},
{
"db": "PACKETSTORM",
"id": "127027"
},
{
"db": "PACKETSTORM",
"id": "126494"
},
{
"db": "PACKETSTORM",
"id": "126183"
},
{
"db": "PACKETSTORM",
"id": "126631"
},
{
"db": "NVD",
"id": "CVE-2014-0429"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-67922"
},
{
"db": "VULMON",
"id": "CVE-2014-0429"
},
{
"db": "PACKETSTORM",
"id": "127267"
},
{
"db": "PACKETSTORM",
"id": "126443"
},
{
"db": "PACKETSTORM",
"id": "126195"
},
{
"db": "PACKETSTORM",
"id": "126181"
},
{
"db": "PACKETSTORM",
"id": "126664"
},
{
"db": "PACKETSTORM",
"id": "127027"
},
{
"db": "PACKETSTORM",
"id": "126494"
},
{
"db": "PACKETSTORM",
"id": "126183"
},
{
"db": "PACKETSTORM",
"id": "126631"
},
{
"db": "NVD",
"id": "CVE-2014-0429"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-04-16T00:00:00",
"db": "VULHUB",
"id": "VHN-67922"
},
{
"date": "2014-04-16T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0429"
},
{
"date": "2014-06-30T23:39:28",
"db": "PACKETSTORM",
"id": "127267"
},
{
"date": "2014-05-02T06:40:40",
"db": "PACKETSTORM",
"id": "126443"
},
{
"date": "2014-04-17T22:01:36",
"db": "PACKETSTORM",
"id": "126195"
},
{
"date": "2014-04-16T20:41:55",
"db": "PACKETSTORM",
"id": "126181"
},
{
"date": "2014-05-19T03:11:59",
"db": "PACKETSTORM",
"id": "126664"
},
{
"date": "2014-06-11T00:06:58",
"db": "PACKETSTORM",
"id": "127027"
},
{
"date": "2014-05-06T00:17:25",
"db": "PACKETSTORM",
"id": "126494"
},
{
"date": "2014-04-16T20:42:18",
"db": "PACKETSTORM",
"id": "126183"
},
{
"date": "2014-05-15T21:38:43",
"db": "PACKETSTORM",
"id": "126631"
},
{
"date": "2014-04-16T00:55:23.920000",
"db": "NVD",
"id": "CVE-2014-0429"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-05-09T00:00:00",
"db": "VULHUB",
"id": "VHN-67922"
},
{
"date": "2020-09-08T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0429"
},
{
"date": "2022-05-13T14:57:20.510000",
"db": "NVD",
"id": "CVE-2014-0429"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "126181"
},
{
"db": "PACKETSTORM",
"id": "126664"
},
{
"db": "PACKETSTORM",
"id": "127027"
},
{
"db": "PACKETSTORM",
"id": "126183"
}
],
"trust": 0.4
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gentoo Linux Security Advisory 201406-32",
"sources": [
{
"db": "PACKETSTORM",
"id": "127267"
}
],
"trust": 0.1
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "arbitrary",
"sources": [
{
"db": "PACKETSTORM",
"id": "126181"
},
{
"db": "PACKETSTORM",
"id": "126664"
},
{
"db": "PACKETSTORM",
"id": "127027"
},
{
"db": "PACKETSTORM",
"id": "126183"
}
],
"trust": 0.4
}
}
VAR-201008-0172
Vulnerability from variot - Updated: 2024-07-23 21:52Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Adobe Type 1 Mac Font File (aka LWFN) font. FreeType is prone to multiple memory-corruption vulnerabilities and a stack-based buffer-overflow vulnerability. Successful exploits may allow attackers to execute arbitrary code in the context of an application that uses the affected library. Failed exploit attempts will likely result in denial-of-service conditions. It can be used to rasterize and map characters into bitmaps and provide support for other font-related businesses.
Background
FreeType is a high-quality and portable font engine. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All FreeType users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/freetype-2.4.8"
References
[ 1 ] CVE-2010-1797 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1797 [ 2 ] CVE-2010-2497 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2497 [ 3 ] CVE-2010-2498 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2498 [ 4 ] CVE-2010-2499 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2499 [ 5 ] CVE-2010-2500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2500 [ 6 ] CVE-2010-2519 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2519 [ 7 ] CVE-2010-2520 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2520 [ 8 ] CVE-2010-2527 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2527 [ 9 ] CVE-2010-2541 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2541 [ 10 ] CVE-2010-2805 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2805 [ 11 ] CVE-2010-2806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2806 [ 12 ] CVE-2010-2807 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2807 [ 13 ] CVE-2010-2808 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2808 [ 14 ] CVE-2010-3053 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3053 [ 15 ] CVE-2010-3054 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3054 [ 16 ] CVE-2010-3311 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3311 [ 17 ] CVE-2010-3814 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3814 [ 18 ] CVE-2010-3855 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3855 [ 19 ] CVE-2011-0226 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0226 [ 20 ] CVE-2011-3256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3256 [ 21 ] CVE-2011-3439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3439
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201201-09.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . =========================================================== Ubuntu Security Notice USN-972-1 August 17, 2010 freetype vulnerabilities CVE-2010-1797, CVE-2010-2541, CVE-2010-2805, CVE-2010-2806, CVE-2010-2807, CVE-2010-2808 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 9.04 Ubuntu 9.10 Ubuntu 10.04 LTS
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: libfreetype6 2.1.10-1ubuntu2.8
Ubuntu 8.04 LTS: libfreetype6 2.3.5-1ubuntu4.8.04.4
Ubuntu 9.04: libfreetype6 2.3.9-4ubuntu0.3
Ubuntu 9.10: libfreetype6 2.3.9-5ubuntu0.2
Ubuntu 10.04 LTS: libfreetype6 2.3.11-1ubuntu2.2
After a standard system update you need to restart your session to make all the necessary changes.
Details follow:
It was discovered that FreeType did not correctly handle certain malformed font files.
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10-1ubuntu2.8.diff.gz
Size/MD5: 70961 d986f14b69d50fe1884e8dd5f9386731
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10-1ubuntu2.8.dsc
Size/MD5: 719 a91985ecc92b75aa3f3647506bad4039
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10.orig.tar.gz
Size/MD5: 1323617 adf145ce51196ad1b3054d5fb032efe6
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.8_amd64.deb
Size/MD5: 717794 f332d5b1974aa53f200e4e6ecf9df088
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.8_amd64.deb
Size/MD5: 440974 afa83868cc67cec692f72a9dc93635ff
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.8_amd64.deb
Size/MD5: 133902 dca56851436275285b4563c96388a070
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.8_amd64.udeb
Size/MD5: 251958 358627e207009dbe0c5be095e7bed18d
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.8_i386.deb
Size/MD5: 677592 ee43f5e97f31b8da57582dbdb1e63033
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.8_i386.deb
Size/MD5: 416328 ef092c08ba2c167af0da25ab743ea663
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.8_i386.deb
Size/MD5: 117302 b2633ed4487657fe349fd3de76fce405
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.8_i386.udeb
Size/MD5: 227436 f55ab8a9bb7e76ad743f6c0fa2974e64
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.8_powerpc.deb
Size/MD5: 708654 ee71c714e62e96a9af4cf7ba909142e6
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.8_powerpc.deb
Size/MD5: 431036 4f1c6a1e28d3a14b593bef37605119ab
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.8_powerpc.deb
Size/MD5: 134260 66ba7d95f551eaadb1bba5a56d76529d
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.8_powerpc.udeb
Size/MD5: 241726 d2c4f13b12c8280b1fad56cdc0965502
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.8_sparc.deb
Size/MD5: 683964 49df9101deb9a317229351d72b5804ec
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.8_sparc.deb
Size/MD5: 411982 efaca20d5deec9e51be023710902852b
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.8_sparc.deb
Size/MD5: 120138 ff723720ed499e40049e3487844b9db3
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.8_sparc.udeb
Size/MD5: 222676 71f172ba71fc507b04e5337d55b32ed6
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.5-1ubuntu4.8.04.4.diff.gz
Size/MD5: 40949 1cc5014da4db8200edb54df32561fcd0
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.5-1ubuntu4.8.04.4.dsc
Size/MD5: 907 7f698125814f4ca67a01b0a66d9bcfe9
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.5.orig.tar.gz
Size/MD5: 1536077 4a5bdbe1ab92f3fe4c4816f9934a5ec2
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.5-1ubuntu4.8.04.4_amd64.deb
Size/MD5: 694322 c740e1665d09a0c691163a543c8d650b
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.5-1ubuntu4.8.04.4_amd64.deb
Size/MD5: 362386 5b085e83764fcda129bede2c5c4ca179
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.5-1ubuntu4.8.04.4_amd64.deb
Size/MD5: 221392 dbebbbaffc086dccf550468fff1daa92
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.3.5-1ubuntu4.8.04.4_amd64.udeb
Size/MD5: 258454 f3903d4e43891753f3c6439cd862617f
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.5-1ubuntu4.8.04.4_i386.deb
Size/MD5: 663330 7601af27049730f0f7afcfa30244ae88
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.5-1ubuntu4.8.04.4_i386.deb
Size/MD5: 347172 de53a441e28e385598d20333ff636026
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.5-1ubuntu4.8.04.4_i386.deb
Size/MD5: 201266 c9c50bdc87d0a46fc43f3bbca26adec5
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.3.5-1ubuntu4.8.04.4_i386.udeb
Size/MD5: 243462 16bb61f604fe48a301f6faeaa094d266
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.5-1ubuntu4.8.04.4_lpia.deb
Size/MD5: 665120 bf0dcd13b8a171f6a740ca225d943e68
http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.5-1ubuntu4.8.04.4_lpia.deb
Size/MD5: 347512 d2beee3ccf7fe0233825d46cc61ca62d
http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.5-1ubuntu4.8.04.4_lpia.deb
Size/MD5: 205560 7879f630a5356e3d6e9c0609e8008de9
http://ports.ubuntu.com/pool/universe/f/freetype/libfreetype6-udeb_2.3.5-1ubuntu4.8.04.4_lpia.udeb
Size/MD5: 244324 4e10fb5e68a78312eb02c69508120c6a
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.5-1ubuntu4.8.04.4_powerpc.deb
Size/MD5: 687156 6d36300396fa84d6f889147b0247f385
http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.5-1ubuntu4.8.04.4_powerpc.deb
Size/MD5: 358086 06b9874cc9ba11fdb6feb10b0831e890
http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.5-1ubuntu4.8.04.4_powerpc.deb
Size/MD5: 235578 ce514bab4cbc028a0451742c38c633cd
http://ports.ubuntu.com/pool/universe/f/freetype/libfreetype6-udeb_2.3.5-1ubuntu4.8.04.4_powerpc.udeb
Size/MD5: 254526 d50f40a9421b52f4302c4d260170edb3
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.5-1ubuntu4.8.04.4_sparc.deb
Size/MD5: 658094 184f0f51023baa8ce459fababaa190d9
http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.5-1ubuntu4.8.04.4_sparc.deb
Size/MD5: 332124 5aa036de5269896c893ea8f825329b84
http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.5-1ubuntu4.8.04.4_sparc.deb
Size/MD5: 199782 9323f9209333cf42114e97d3305d901c
http://ports.ubuntu.com/pool/universe/f/freetype/libfreetype6-udeb_2.3.5-1ubuntu4.8.04.4_sparc.udeb
Size/MD5: 227810 7657e99ad137ad5ce654b74cfbbfdc10
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.9-4ubuntu0.3.diff.gz
Size/MD5: 44032 17b27322a6448d40599c55561209c940
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.9-4ubuntu0.3.dsc
Size/MD5: 1311 5124a4df7016a625a631c1ff4661aae9
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.9.orig.tar.gz
Size/MD5: 1624314 7b2ab681f1a436876ed888041204e478
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.9-4ubuntu0.3_amd64.deb
Size/MD5: 729408 788a2af765a8356c4a7c01e893695b0b
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-udeb_2.3.9-4ubuntu0.3_amd64.udeb
Size/MD5: 272950 a1f9a0ad0d036e5a14b073c139ce5408
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.9-4ubuntu0.3_amd64.deb
Size/MD5: 407052 bfd510dc0c46a0f25dd3329693ee66a8
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.9-4ubuntu0.3_amd64.deb
Size/MD5: 226474 9b8e6c521d8629b9b1db2760209460a3
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.9-4ubuntu0.3_i386.deb
Size/MD5: 697818 9176ee8649b8441333d7c5d9359c53a6
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-udeb_2.3.9-4ubuntu0.3_i386.udeb
Size/MD5: 257896 c26f46491d69a174fa9cad126a3201cf
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.9-4ubuntu0.3_i386.deb
Size/MD5: 392692 648d0605a187b74291b3233e5e4930e3
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.9-4ubuntu0.3_i386.deb
Size/MD5: 198834 0b41da08de5417a7db21e24e730e03d9
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.9-4ubuntu0.3_lpia.deb
Size/MD5: 698682 12c20dd647db986bd87a250d8706e8e8
http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.9-4ubuntu0.3_lpia.udeb
Size/MD5: 257736 dee60e4b8a1824d2aa13364ec0f01602
http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.9-4ubuntu0.3_lpia.deb
Size/MD5: 392978 e19bcc3c8c0cec76227c64843b01516a
http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.9-4ubuntu0.3_lpia.deb
Size/MD5: 201636 a558e986b6c6e878e115126e7d3a28a5
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.9-4ubuntu0.3_powerpc.deb
Size/MD5: 720040 70c8792cddd9cfe45480f8d760dd0163
http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.9-4ubuntu0.3_powerpc.udeb
Size/MD5: 265790 b356a500845d045f431db6ef4db4f811
http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.9-4ubuntu0.3_powerpc.deb
Size/MD5: 400532 91aa4eea6b8e9b67a721b552caab8468
http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.9-4ubuntu0.3_powerpc.deb
Size/MD5: 227834 fa22e303b8d06dfb99a8c3c1f2980061
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.9-4ubuntu0.3_sparc.deb
Size/MD5: 689244 dff22369b1bb07d4ef7c6d9f474149db
http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.9-4ubuntu0.3_sparc.udeb
Size/MD5: 238164 cb1e597bd0065d2ffbad763a52088c1d
http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.9-4ubuntu0.3_sparc.deb
Size/MD5: 372422 c6f36ae3119f8f17368d796943ba9908
http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.9-4ubuntu0.3_sparc.deb
Size/MD5: 201390 c3f108859375787b11190d3c5a1d966b
Updated packages for Ubuntu 9.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.9-5ubuntu0.2.diff.gz
Size/MD5: 43530 f78681f1641b93f34d41ff4d6f31eb71
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.9-5ubuntu0.2.dsc
Size/MD5: 1311 8a9a302e0a62f2dbe2a62aba456e2108
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.9.orig.tar.gz
Size/MD5: 1624314 7b2ab681f1a436876ed888041204e478
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.9-5ubuntu0.2_amd64.deb
Size/MD5: 731028 3b5ed0ad073cca0c1eee212b0e12f255
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-udeb_2.3.9-5ubuntu0.2_amd64.udeb
Size/MD5: 275110 a23822489a0d7d45152f341b86f0df20
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.9-5ubuntu0.2_amd64.deb
Size/MD5: 409362 ba180d650e17df6980ca09b8d1a109e1
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.9-5ubuntu0.2_amd64.deb
Size/MD5: 230774 a0a51691eefc0fb6e94d41c3282c3ab2
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.9-5ubuntu0.2_i386.deb
Size/MD5: 696892 ad2164ed812ccd9cf7829659cff219c7
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-udeb_2.3.9-5ubuntu0.2_i386.udeb
Size/MD5: 258710 c2d256e87eaee83ab83592247588bee7
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.9-5ubuntu0.2_i386.deb
Size/MD5: 393912 c8d04b785d17066229bab50a3c13e1af
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.9-5ubuntu0.2_i386.deb
Size/MD5: 195702 02aa03f1f62a61383d829b5bf494b7b0
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.9-5ubuntu0.2_lpia.deb
Size/MD5: 699382 ff8200917b43322062d2f3b5f3f6bab8
http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.9-5ubuntu0.2_lpia.udeb
Size/MD5: 259348 0395bdbaf357d161d0f1d3b257ae4732
http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.9-5ubuntu0.2_lpia.deb
Size/MD5: 394122 8481f2e278a5da28b28ef0fa79207662
http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.9-5ubuntu0.2_lpia.deb
Size/MD5: 198546 a3f0a848da83a64d14344b6744b33a90
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.9-5ubuntu0.2_powerpc.deb
Size/MD5: 719762 bd7185c852b151794c27f8c2ead4da94
http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.9-5ubuntu0.2_powerpc.udeb
Size/MD5: 264578 58a77cbf2ae4c2a447a81cce72f6b8c5
http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.9-5ubuntu0.2_powerpc.deb
Size/MD5: 399118 c943fa66513b862ccb6ac99699c9e33c
http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.9-5ubuntu0.2_powerpc.deb
Size/MD5: 203834 842dd94d9b3fad52c0b1b6489775d2ea
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.9-5ubuntu0.2_sparc.deb
Size/MD5: 691054 557de31093ac67c2dedec97e55998295
http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.9-5ubuntu0.2_sparc.udeb
Size/MD5: 240534 f3c79ed9e84e7169851de3f432b613c3
http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.9-5ubuntu0.2_sparc.deb
Size/MD5: 374982 e84af1b516f050ee9bdb93c213994943
http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.9-5ubuntu0.2_sparc.deb
Size/MD5: 195786 599978c8d9cff2525eba228c793833c3
Updated packages for Ubuntu 10.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.11-1ubuntu2.2.diff.gz
Size/MD5: 41646 9b97425327300eda74c492034fed50ad
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.11-1ubuntu2.2.dsc
Size/MD5: 1313 b7b625334a0d9c926bf34cc83dcc904c
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.11.orig.tar.gz
Size/MD5: 1709600 5aa22c0bc6aa3815b40a309ead2b9d1b
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.11-1ubuntu2.2_amd64.deb
Size/MD5: 739530 db9147ce9477b7ab22374f89d24b24ca
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-udeb_2.3.11-1ubuntu2.2_amd64.udeb
Size/MD5: 277536 35fc46f3c281aee82eeed4e00cfdacdc
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.11-1ubuntu2.2_amd64.deb
Size/MD5: 434932 1bf8e620c3008504b87354470e7be9a5
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.11-1ubuntu2.2_amd64.deb
Size/MD5: 221434 4b4fcbd633bf1b3c2151617adae44835
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.11-1ubuntu2.2_i386.deb
Size/MD5: 704694 f58601afde2b4bc257492762654cbf94
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-udeb_2.3.11-1ubuntu2.2_i386.udeb
Size/MD5: 260916 a540a7f9ae973bce66bbd3fdb9a4f849
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.11-1ubuntu2.2_i386.deb
Size/MD5: 419000 d4a78ce7ae146caa59b61f43b27d363c
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.11-1ubuntu2.2_i386.deb
Size/MD5: 188710 e94b4202fcfe184fdf81409fe610a42a
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.11-1ubuntu2.2_powerpc.deb
Size/MD5: 728090 5f2e98a54cb2a0ac03591c387aacf461
http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.11-1ubuntu2.2_powerpc.udeb
Size/MD5: 266750 66bf2b146ab219d1b78e1887d0053f2a
http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.11-1ubuntu2.2_powerpc.deb
Size/MD5: 424614 fd964644b45bbbc79729c9609c4b6bb8
http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.11-1ubuntu2.2_powerpc.deb
Size/MD5: 196686 b88a8cebff19c95b6c9c161f7d1bb472
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.11-1ubuntu2.2_sparc.deb
Size/MD5: 707164 bf26d7cb1aa3f759ca31510f92888053
http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.11-1ubuntu2.2_sparc.udeb
Size/MD5: 250768 100b4d4b270421fb1dcb503c88b547e8
http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.11-1ubuntu2.2_sparc.deb
Size/MD5: 408132 b009cd0f1aafa500f8cc16273e9f2ed9
http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.11-1ubuntu2.2_sparc.deb
Size/MD5: 198302 504ec3da9ee2048391e2c4035d7149fc
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Debian Security Advisory DSA-2105-1 security@debian.org http://www.debian.org/security/ Giuseppe Iuculano September 07, 2010 http://www.debian.org/security/faq
Package : freetype Vulnerability : several Problem type : local(remote) Debian-specific: no CVE Id(s) : CVE-2010-1797 CVE-2010-2541 CVE-2010-2805 CVE-2010-2806 CVE-2010-2807 CVE-2010-2808 CVE-2010-3053
Several vulnerabilities have been discovered in the FreeType font library.
For the stable distribution (lenny), these problems have been fixed in version 2.3.7-2+lenny3
For the unstable distribution (sid) and the testing distribution (squeeze), these problems have been fixed in version 2.4.2-1
We recommend that you upgrade your freetype package.
Upgrade instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 5.0 alias lenny
Debian (stable)
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/f/freetype/freetype_2.3.7-2+lenny3.diff.gz Size/MD5 checksum: 39230 95a3841e7258573ca2d3e0075b8e7f73 http://security.debian.org/pool/updates/main/f/freetype/freetype_2.3.7.orig.tar.gz Size/MD5 checksum: 1567540 c1a9f44fde316470176fd6d66af3a0e8 http://security.debian.org/pool/updates/main/f/freetype/freetype_2.3.7-2+lenny3.dsc Size/MD5 checksum: 1219 2a2bf3d4568d92e2a48ebcda38140e73
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_alpha.deb Size/MD5 checksum: 775278 2f2ca060588fc33b6d7baae02201dbd2 http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_alpha.deb Size/MD5 checksum: 412188 ad9537e93ed3fb61f9348470940f3ce5 http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_alpha.udeb Size/MD5 checksum: 296592 e689b1c4b6bd7779e44d1cd641be9622 http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_alpha.deb Size/MD5 checksum: 253786 287a98ca57139d4dee8041eba2881e3b
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_amd64.deb Size/MD5 checksum: 713260 f1d4002e7b6d185ff9f46bc25d67c4c9 http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_amd64.deb Size/MD5 checksum: 223170 cb00f76d826be115243faa9dfd0b8a91 http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_amd64.udeb Size/MD5 checksum: 269796 40762e686138c27ac92b20174e67012e http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_amd64.deb Size/MD5 checksum: 385848 0294d7e3e1d6b37532f98344a9849cde
arm architecture (ARM)
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_arm.deb Size/MD5 checksum: 686154 fbe32c7124ba2ce093b31f46736e002b http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_arm.deb Size/MD5 checksum: 357158 0d793d543a33cfa192098234c925d639 http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_arm.udeb Size/MD5 checksum: 242196 1cfc9f7dc6a7cd0843aa234bab35b69e http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_arm.deb Size/MD5 checksum: 205120 39ab4dfbc19c8a63affc493e0b5aaf2d
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_armel.deb Size/MD5 checksum: 684568 325686fbc2fba7687da424ada57b9419 http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_armel.deb Size/MD5 checksum: 209992 69f6a68fb90658ec74dfd7cc7cc0b766 http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_armel.udeb Size/MD5 checksum: 236564 a48afca5c6798d16b140b3362dfac0ca http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_armel.deb Size/MD5 checksum: 353814 76960109910d6de2f74ec0e345f00854
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_i386.udeb Size/MD5 checksum: 254452 a34af74eda0feb2b763cfc6f5b8330c1 http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_i386.deb Size/MD5 checksum: 371586 ec294ffffeb9ddec389e3e988d880534 http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_i386.deb Size/MD5 checksum: 198558 3283ad058d37eed8bca46df743c6a915 http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_i386.deb Size/MD5 checksum: 684624 014d335b35ed41022adb628796a0c122
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_ia64.deb Size/MD5 checksum: 332160 2dbb364f09414e4b0e0f59d9e91d1edc http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_ia64.deb Size/MD5 checksum: 876692 2f6d3421d6c8424523388347c5640666 http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_ia64.deb Size/MD5 checksum: 531496 5dd7755f63271f597b64c3f513e8e7f1 http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_ia64.udeb Size/MD5 checksum: 415934 ea2ba16157b3504d8b9c8f251b69b16f
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_mips.deb Size/MD5 checksum: 717022 9ee8c246af10f4bf7cdf5cdc54010dd6 http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_mips.deb Size/MD5 checksum: 213212 3641ad81738e8935c5df2b648383c8e0 http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_mips.deb Size/MD5 checksum: 369018 18559e273ffcea5614e71ab32b95ef47 http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_mips.udeb Size/MD5 checksum: 253924 1be1e224f27a780beb6799d55fa74663
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_mipsel.deb Size/MD5 checksum: 369772 6181d98166fe1f004fb033f2665ce4af http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_mipsel.deb Size/MD5 checksum: 214802 6edbec67ff79e96921d1fe4bf57b0fce http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_mipsel.deb Size/MD5 checksum: 712502 4a99ccc68b1913f88901c5e0686fea4f http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_mipsel.udeb Size/MD5 checksum: 254212 e30825a94175fd78a561b8365392cbad
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_powerpc.udeb Size/MD5 checksum: 262804 d35ced8ba625f39dc7a04e3e61e0d49d http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_powerpc.deb Size/MD5 checksum: 233882 6e294c19dd0109ee80fe6cd401b6a185 http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_powerpc.deb Size/MD5 checksum: 378612 c96a180e7132c543396486b14107cdad http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_powerpc.deb Size/MD5 checksum: 708212 9602a7786b2ebffd1d75d443901574c5
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_s390.deb Size/MD5 checksum: 225190 393c9515f7cd89bcd8b0c38d6d6dd7ac http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_s390.deb Size/MD5 checksum: 384160 4e20bc56e5fc65fb08529d8765d28850 http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_s390.deb Size/MD5 checksum: 698798 f589b6b8882d998bb7b89fa1dfa40b3a http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_s390.udeb Size/MD5 checksum: 268272 7b6511b9ad657aa165e906a4fcbfee11
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_sparc.deb Size/MD5 checksum: 200078 29c1833cbde5b4da5c2e35aaf856ab58 http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_sparc.udeb Size/MD5 checksum: 235424 e64a8fc3b744253b22161e31fbb6e92a http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_sparc.deb Size/MD5 checksum: 352544 a7f480889460b104bbab16fd8d8da2d5 http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_sparc.deb Size/MD5 checksum: 676520 6d0f57a5bd6457a9b9b85271c7001531
These files will probably be moved into the stable distribution on its next update.
For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAkyGowMACgkQNxpp46476aos+gCggzMhJbnoGyXAhf8hfIrNJLn7 reQAnj4mmmGRshTxck3LwMxdmtAhb8uJ =RkKg -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201008-0172",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "freetype",
"scope": "lt",
"trust": 1.8,
"vendor": "freetype",
"version": "2.4.2"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "9.04"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "9.10"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.06"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.6.5"
},
{
"model": "iphone os",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "4.2"
},
{
"model": "tvos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "4.1.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "8.04"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "10.04"
},
{
"model": "freetype",
"scope": "eq",
"trust": 0.9,
"vendor": "freetype",
"version": "2.3.6"
},
{
"model": "freetype",
"scope": "eq",
"trust": 0.9,
"vendor": "freetype",
"version": "2.3.5"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.8"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6 to v10.6.4"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.8"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6 to v10.6.4"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "(2nd generation) 4.0 software"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "2.0 to 4.1 (iphone 3g after )"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "2.1 to 4.1 (ipod touch (2nd generation) after )"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "3.2 to 3.2.2 (ipad for )"
},
{
"model": "ipad",
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": "iphone",
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": "ipod touch",
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": "opensolaris",
"scope": null,
"trust": 0.8,
"vendor": "oracle",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "10"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "8"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86-64)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "3.0"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "3.0 (x64)"
},
{
"model": "turbolinux client",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2008"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "11"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "11 (x64)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.1"
},
{
"model": "freetype",
"scope": "eq",
"trust": 0.6,
"vendor": "freetype",
"version": "2.4.0"
},
{
"model": "freetype",
"scope": "eq",
"trust": 0.6,
"vendor": "freetype",
"version": "2.3.11"
},
{
"model": "freetype",
"scope": "eq",
"trust": 0.6,
"vendor": "freetype",
"version": "2.3.12"
},
{
"model": "freetype",
"scope": "eq",
"trust": 0.6,
"vendor": "freetype",
"version": "2.3.8"
},
{
"model": "freetype",
"scope": "eq",
"trust": 0.6,
"vendor": "freetype",
"version": "2.3.7"
},
{
"model": "freetype",
"scope": "eq",
"trust": 0.6,
"vendor": "freetype",
"version": "2.3.9"
},
{
"model": "freetype",
"scope": "eq",
"trust": 0.6,
"vendor": "freetype",
"version": "2.3.10"
},
{
"model": "freetype",
"scope": "eq",
"trust": 0.6,
"vendor": "freetype",
"version": "2.4.1"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1.2"
},
{
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "aura conferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"model": "enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "linux enterprise sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "freetype",
"scope": "eq",
"trust": 0.3,
"vendor": "freetype",
"version": "2.1.10"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2.1"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.2"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "enterprise linux server optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1.1"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2.1"
},
{
"model": "voice portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "freetype",
"scope": "eq",
"trust": 0.3,
"vendor": "freetype",
"version": "2.2.10"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "freetype",
"scope": "eq",
"trust": 0.3,
"vendor": "freetype",
"version": "2.3.3"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0"
},
{
"model": "intuity audix lx sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "voice portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "intuity audix lx sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "cms server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "15.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux enterprise server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0.1"
},
{
"model": "enterprise linux workstation optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.0"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"model": "cms server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "16.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.3"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "freetype",
"scope": "eq",
"trust": 0.3,
"vendor": "freetype",
"version": "2.1.7"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "freetype",
"scope": "eq",
"trust": 0.3,
"vendor": "freetype",
"version": "2.4"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"model": "linux enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.2"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"model": "cms server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "16.1"
},
{
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.2"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "ios beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "cms server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "16.2"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"model": "freetype",
"scope": "eq",
"trust": 0.3,
"vendor": "freetype",
"version": "2.3.4"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.3"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "freetype",
"scope": "eq",
"trust": 0.3,
"vendor": "freetype",
"version": "2.0.6"
},
{
"model": "ir",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "tv",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "freetype",
"scope": "eq",
"trust": 0.3,
"vendor": "freetype",
"version": "2.2.1"
},
{
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "freetype",
"scope": "eq",
"trust": 0.3,
"vendor": "freetype",
"version": "2.1.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "freetype",
"scope": "eq",
"trust": 0.3,
"vendor": "freetype",
"version": "2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "aura conferencing standard",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "intuity audix lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20090"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.0"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.1"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.2"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "freetype",
"scope": "eq",
"trust": 0.3,
"vendor": "freetype",
"version": "2.0.9"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
}
],
"sources": [
{
"db": "BID",
"id": "42285"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002141"
},
{
"db": "CNNVD",
"id": "CNNVD-201008-204"
},
{
"db": "NVD",
"id": "CVE-2010-2808"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.4.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.6.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.1.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-2808"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Robert Swiecki robert@swiecki.net",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201008-204"
}
],
"trust": 0.6
},
"cve": "CVE-2010-2808",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2010-2808",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-45413",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2010-2808",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201008-204",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-45413",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-45413"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002141"
},
{
"db": "CNNVD",
"id": "CNNVD-201008-204"
},
{
"db": "NVD",
"id": "CVE-2010-2808"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Adobe Type 1 Mac Font File (aka LWFN) font. FreeType is prone to multiple memory-corruption vulnerabilities and a stack-based buffer-overflow vulnerability. \nSuccessful exploits may allow attackers to execute arbitrary code in the context of an application that uses the affected library. Failed exploit attempts will likely result in denial-of-service conditions. It can be used to rasterize and map characters into bitmaps and provide support for other font-related businesses. \n\nBackground\n==========\n\nFreeType is a high-quality and portable font engine. Please\nreview the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll FreeType users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=media-libs/freetype-2.4.8\"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-1797\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1797\n[ 2 ] CVE-2010-2497\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2497\n[ 3 ] CVE-2010-2498\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2498\n[ 4 ] CVE-2010-2499\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2499\n[ 5 ] CVE-2010-2500\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2500\n[ 6 ] CVE-2010-2519\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2519\n[ 7 ] CVE-2010-2520\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2520\n[ 8 ] CVE-2010-2527\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2527\n[ 9 ] CVE-2010-2541\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2541\n[ 10 ] CVE-2010-2805\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2805\n[ 11 ] CVE-2010-2806\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2806\n[ 12 ] CVE-2010-2807\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2807\n[ 13 ] CVE-2010-2808\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2808\n[ 14 ] CVE-2010-3053\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3053\n[ 15 ] CVE-2010-3054\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3054\n[ 16 ] CVE-2010-3311\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3311\n[ 17 ] CVE-2010-3814\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3814\n[ 18 ] CVE-2010-3855\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3855\n[ 19 ] CVE-2011-0226\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0226\n[ 20 ] CVE-2011-3256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3256\n[ 21 ] CVE-2011-3439\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3439\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201201-09.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ===========================================================\nUbuntu Security Notice USN-972-1 August 17, 2010\nfreetype vulnerabilities\nCVE-2010-1797, CVE-2010-2541, CVE-2010-2805, CVE-2010-2806,\nCVE-2010-2807, CVE-2010-2808\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 8.04 LTS\nUbuntu 9.04\nUbuntu 9.10\nUbuntu 10.04 LTS\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n libfreetype6 2.1.10-1ubuntu2.8\n\nUbuntu 8.04 LTS:\n libfreetype6 2.3.5-1ubuntu4.8.04.4\n\nUbuntu 9.04:\n libfreetype6 2.3.9-4ubuntu0.3\n\nUbuntu 9.10:\n libfreetype6 2.3.9-5ubuntu0.2\n\nUbuntu 10.04 LTS:\n libfreetype6 2.3.11-1ubuntu2.2\n\nAfter a standard system update you need to restart your session to make\nall the necessary changes. \n\nDetails follow:\n\nIt was discovered that FreeType did not correctly handle certain malformed\nfont files. \n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10-1ubuntu2.8.diff.gz\n Size/MD5: 70961 d986f14b69d50fe1884e8dd5f9386731\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10-1ubuntu2.8.dsc\n Size/MD5: 719 a91985ecc92b75aa3f3647506bad4039\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10.orig.tar.gz\n Size/MD5: 1323617 adf145ce51196ad1b3054d5fb032efe6\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.8_amd64.deb\n Size/MD5: 717794 f332d5b1974aa53f200e4e6ecf9df088\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.8_amd64.deb\n Size/MD5: 440974 afa83868cc67cec692f72a9dc93635ff\n http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.8_amd64.deb\n Size/MD5: 133902 dca56851436275285b4563c96388a070\n http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.8_amd64.udeb\n Size/MD5: 251958 358627e207009dbe0c5be095e7bed18d\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.8_i386.deb\n Size/MD5: 677592 ee43f5e97f31b8da57582dbdb1e63033\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.8_i386.deb\n Size/MD5: 416328 ef092c08ba2c167af0da25ab743ea663\n http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.8_i386.deb\n Size/MD5: 117302 b2633ed4487657fe349fd3de76fce405\n http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.8_i386.udeb\n Size/MD5: 227436 f55ab8a9bb7e76ad743f6c0fa2974e64\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.8_powerpc.deb\n Size/MD5: 708654 ee71c714e62e96a9af4cf7ba909142e6\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.8_powerpc.deb\n Size/MD5: 431036 4f1c6a1e28d3a14b593bef37605119ab\n http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.8_powerpc.deb\n Size/MD5: 134260 66ba7d95f551eaadb1bba5a56d76529d\n http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.8_powerpc.udeb\n Size/MD5: 241726 d2c4f13b12c8280b1fad56cdc0965502\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.8_sparc.deb\n Size/MD5: 683964 49df9101deb9a317229351d72b5804ec\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.8_sparc.deb\n Size/MD5: 411982 efaca20d5deec9e51be023710902852b\n http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.8_sparc.deb\n Size/MD5: 120138 ff723720ed499e40049e3487844b9db3\n http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.8_sparc.udeb\n Size/MD5: 222676 71f172ba71fc507b04e5337d55b32ed6\n\nUpdated packages for Ubuntu 8.04 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.5-1ubuntu4.8.04.4.diff.gz\n Size/MD5: 40949 1cc5014da4db8200edb54df32561fcd0\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.5-1ubuntu4.8.04.4.dsc\n Size/MD5: 907 7f698125814f4ca67a01b0a66d9bcfe9\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.5.orig.tar.gz\n Size/MD5: 1536077 4a5bdbe1ab92f3fe4c4816f9934a5ec2\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.5-1ubuntu4.8.04.4_amd64.deb\n Size/MD5: 694322 c740e1665d09a0c691163a543c8d650b\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.5-1ubuntu4.8.04.4_amd64.deb\n Size/MD5: 362386 5b085e83764fcda129bede2c5c4ca179\n http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.5-1ubuntu4.8.04.4_amd64.deb\n Size/MD5: 221392 dbebbbaffc086dccf550468fff1daa92\n http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.3.5-1ubuntu4.8.04.4_amd64.udeb\n Size/MD5: 258454 f3903d4e43891753f3c6439cd862617f\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.5-1ubuntu4.8.04.4_i386.deb\n Size/MD5: 663330 7601af27049730f0f7afcfa30244ae88\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.5-1ubuntu4.8.04.4_i386.deb\n Size/MD5: 347172 de53a441e28e385598d20333ff636026\n http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.5-1ubuntu4.8.04.4_i386.deb\n Size/MD5: 201266 c9c50bdc87d0a46fc43f3bbca26adec5\n http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.3.5-1ubuntu4.8.04.4_i386.udeb\n Size/MD5: 243462 16bb61f604fe48a301f6faeaa094d266\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.5-1ubuntu4.8.04.4_lpia.deb\n Size/MD5: 665120 bf0dcd13b8a171f6a740ca225d943e68\n http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.5-1ubuntu4.8.04.4_lpia.deb\n Size/MD5: 347512 d2beee3ccf7fe0233825d46cc61ca62d\n http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.5-1ubuntu4.8.04.4_lpia.deb\n Size/MD5: 205560 7879f630a5356e3d6e9c0609e8008de9\n http://ports.ubuntu.com/pool/universe/f/freetype/libfreetype6-udeb_2.3.5-1ubuntu4.8.04.4_lpia.udeb\n Size/MD5: 244324 4e10fb5e68a78312eb02c69508120c6a\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.5-1ubuntu4.8.04.4_powerpc.deb\n Size/MD5: 687156 6d36300396fa84d6f889147b0247f385\n http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.5-1ubuntu4.8.04.4_powerpc.deb\n Size/MD5: 358086 06b9874cc9ba11fdb6feb10b0831e890\n http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.5-1ubuntu4.8.04.4_powerpc.deb\n Size/MD5: 235578 ce514bab4cbc028a0451742c38c633cd\n http://ports.ubuntu.com/pool/universe/f/freetype/libfreetype6-udeb_2.3.5-1ubuntu4.8.04.4_powerpc.udeb\n Size/MD5: 254526 d50f40a9421b52f4302c4d260170edb3\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.5-1ubuntu4.8.04.4_sparc.deb\n Size/MD5: 658094 184f0f51023baa8ce459fababaa190d9\n http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.5-1ubuntu4.8.04.4_sparc.deb\n Size/MD5: 332124 5aa036de5269896c893ea8f825329b84\n http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.5-1ubuntu4.8.04.4_sparc.deb\n Size/MD5: 199782 9323f9209333cf42114e97d3305d901c\n http://ports.ubuntu.com/pool/universe/f/freetype/libfreetype6-udeb_2.3.5-1ubuntu4.8.04.4_sparc.udeb\n Size/MD5: 227810 7657e99ad137ad5ce654b74cfbbfdc10\n\nUpdated packages for Ubuntu 9.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.9-4ubuntu0.3.diff.gz\n Size/MD5: 44032 17b27322a6448d40599c55561209c940\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.9-4ubuntu0.3.dsc\n Size/MD5: 1311 5124a4df7016a625a631c1ff4661aae9\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.9.orig.tar.gz\n Size/MD5: 1624314 7b2ab681f1a436876ed888041204e478\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.9-4ubuntu0.3_amd64.deb\n Size/MD5: 729408 788a2af765a8356c4a7c01e893695b0b\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-udeb_2.3.9-4ubuntu0.3_amd64.udeb\n Size/MD5: 272950 a1f9a0ad0d036e5a14b073c139ce5408\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.9-4ubuntu0.3_amd64.deb\n Size/MD5: 407052 bfd510dc0c46a0f25dd3329693ee66a8\n http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.9-4ubuntu0.3_amd64.deb\n Size/MD5: 226474 9b8e6c521d8629b9b1db2760209460a3\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.9-4ubuntu0.3_i386.deb\n Size/MD5: 697818 9176ee8649b8441333d7c5d9359c53a6\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-udeb_2.3.9-4ubuntu0.3_i386.udeb\n Size/MD5: 257896 c26f46491d69a174fa9cad126a3201cf\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.9-4ubuntu0.3_i386.deb\n Size/MD5: 392692 648d0605a187b74291b3233e5e4930e3\n http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.9-4ubuntu0.3_i386.deb\n Size/MD5: 198834 0b41da08de5417a7db21e24e730e03d9\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.9-4ubuntu0.3_lpia.deb\n Size/MD5: 698682 12c20dd647db986bd87a250d8706e8e8\n http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.9-4ubuntu0.3_lpia.udeb\n Size/MD5: 257736 dee60e4b8a1824d2aa13364ec0f01602\n http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.9-4ubuntu0.3_lpia.deb\n Size/MD5: 392978 e19bcc3c8c0cec76227c64843b01516a\n http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.9-4ubuntu0.3_lpia.deb\n Size/MD5: 201636 a558e986b6c6e878e115126e7d3a28a5\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.9-4ubuntu0.3_powerpc.deb\n Size/MD5: 720040 70c8792cddd9cfe45480f8d760dd0163\n http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.9-4ubuntu0.3_powerpc.udeb\n Size/MD5: 265790 b356a500845d045f431db6ef4db4f811\n http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.9-4ubuntu0.3_powerpc.deb\n Size/MD5: 400532 91aa4eea6b8e9b67a721b552caab8468\n http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.9-4ubuntu0.3_powerpc.deb\n Size/MD5: 227834 fa22e303b8d06dfb99a8c3c1f2980061\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.9-4ubuntu0.3_sparc.deb\n Size/MD5: 689244 dff22369b1bb07d4ef7c6d9f474149db\n http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.9-4ubuntu0.3_sparc.udeb\n Size/MD5: 238164 cb1e597bd0065d2ffbad763a52088c1d\n http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.9-4ubuntu0.3_sparc.deb\n Size/MD5: 372422 c6f36ae3119f8f17368d796943ba9908\n http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.9-4ubuntu0.3_sparc.deb\n Size/MD5: 201390 c3f108859375787b11190d3c5a1d966b\n\nUpdated packages for Ubuntu 9.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.9-5ubuntu0.2.diff.gz\n Size/MD5: 43530 f78681f1641b93f34d41ff4d6f31eb71\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.9-5ubuntu0.2.dsc\n Size/MD5: 1311 8a9a302e0a62f2dbe2a62aba456e2108\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.9.orig.tar.gz\n Size/MD5: 1624314 7b2ab681f1a436876ed888041204e478\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.9-5ubuntu0.2_amd64.deb\n Size/MD5: 731028 3b5ed0ad073cca0c1eee212b0e12f255\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-udeb_2.3.9-5ubuntu0.2_amd64.udeb\n Size/MD5: 275110 a23822489a0d7d45152f341b86f0df20\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.9-5ubuntu0.2_amd64.deb\n Size/MD5: 409362 ba180d650e17df6980ca09b8d1a109e1\n http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.9-5ubuntu0.2_amd64.deb\n Size/MD5: 230774 a0a51691eefc0fb6e94d41c3282c3ab2\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.9-5ubuntu0.2_i386.deb\n Size/MD5: 696892 ad2164ed812ccd9cf7829659cff219c7\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-udeb_2.3.9-5ubuntu0.2_i386.udeb\n Size/MD5: 258710 c2d256e87eaee83ab83592247588bee7\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.9-5ubuntu0.2_i386.deb\n Size/MD5: 393912 c8d04b785d17066229bab50a3c13e1af\n http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.9-5ubuntu0.2_i386.deb\n Size/MD5: 195702 02aa03f1f62a61383d829b5bf494b7b0\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.9-5ubuntu0.2_lpia.deb\n Size/MD5: 699382 ff8200917b43322062d2f3b5f3f6bab8\n http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.9-5ubuntu0.2_lpia.udeb\n Size/MD5: 259348 0395bdbaf357d161d0f1d3b257ae4732\n http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.9-5ubuntu0.2_lpia.deb\n Size/MD5: 394122 8481f2e278a5da28b28ef0fa79207662\n http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.9-5ubuntu0.2_lpia.deb\n Size/MD5: 198546 a3f0a848da83a64d14344b6744b33a90\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.9-5ubuntu0.2_powerpc.deb\n Size/MD5: 719762 bd7185c852b151794c27f8c2ead4da94\n http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.9-5ubuntu0.2_powerpc.udeb\n Size/MD5: 264578 58a77cbf2ae4c2a447a81cce72f6b8c5\n http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.9-5ubuntu0.2_powerpc.deb\n Size/MD5: 399118 c943fa66513b862ccb6ac99699c9e33c\n http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.9-5ubuntu0.2_powerpc.deb\n Size/MD5: 203834 842dd94d9b3fad52c0b1b6489775d2ea\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.9-5ubuntu0.2_sparc.deb\n Size/MD5: 691054 557de31093ac67c2dedec97e55998295\n http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.9-5ubuntu0.2_sparc.udeb\n Size/MD5: 240534 f3c79ed9e84e7169851de3f432b613c3\n http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.9-5ubuntu0.2_sparc.deb\n Size/MD5: 374982 e84af1b516f050ee9bdb93c213994943\n http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.9-5ubuntu0.2_sparc.deb\n Size/MD5: 195786 599978c8d9cff2525eba228c793833c3\n\nUpdated packages for Ubuntu 10.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.11-1ubuntu2.2.diff.gz\n Size/MD5: 41646 9b97425327300eda74c492034fed50ad\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.11-1ubuntu2.2.dsc\n Size/MD5: 1313 b7b625334a0d9c926bf34cc83dcc904c\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.11.orig.tar.gz\n Size/MD5: 1709600 5aa22c0bc6aa3815b40a309ead2b9d1b\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.11-1ubuntu2.2_amd64.deb\n Size/MD5: 739530 db9147ce9477b7ab22374f89d24b24ca\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-udeb_2.3.11-1ubuntu2.2_amd64.udeb\n Size/MD5: 277536 35fc46f3c281aee82eeed4e00cfdacdc\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.11-1ubuntu2.2_amd64.deb\n Size/MD5: 434932 1bf8e620c3008504b87354470e7be9a5\n http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.11-1ubuntu2.2_amd64.deb\n Size/MD5: 221434 4b4fcbd633bf1b3c2151617adae44835\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.11-1ubuntu2.2_i386.deb\n Size/MD5: 704694 f58601afde2b4bc257492762654cbf94\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-udeb_2.3.11-1ubuntu2.2_i386.udeb\n Size/MD5: 260916 a540a7f9ae973bce66bbd3fdb9a4f849\n http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.11-1ubuntu2.2_i386.deb\n Size/MD5: 419000 d4a78ce7ae146caa59b61f43b27d363c\n http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.11-1ubuntu2.2_i386.deb\n Size/MD5: 188710 e94b4202fcfe184fdf81409fe610a42a\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.11-1ubuntu2.2_powerpc.deb\n Size/MD5: 728090 5f2e98a54cb2a0ac03591c387aacf461\n http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.11-1ubuntu2.2_powerpc.udeb\n Size/MD5: 266750 66bf2b146ab219d1b78e1887d0053f2a\n http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.11-1ubuntu2.2_powerpc.deb\n Size/MD5: 424614 fd964644b45bbbc79729c9609c4b6bb8\n http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.11-1ubuntu2.2_powerpc.deb\n Size/MD5: 196686 b88a8cebff19c95b6c9c161f7d1bb472\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.11-1ubuntu2.2_sparc.deb\n Size/MD5: 707164 bf26d7cb1aa3f759ca31510f92888053\n http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.11-1ubuntu2.2_sparc.udeb\n Size/MD5: 250768 100b4d4b270421fb1dcb503c88b547e8\n http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.11-1ubuntu2.2_sparc.deb\n Size/MD5: 408132 b009cd0f1aafa500f8cc16273e9f2ed9\n http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.11-1ubuntu2.2_sparc.deb\n Size/MD5: 198302 504ec3da9ee2048391e2c4035d7149fc\n\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\nDebian Security Advisory DSA-2105-1 security@debian.org\nhttp://www.debian.org/security/ Giuseppe Iuculano\nSeptember 07, 2010 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : freetype\nVulnerability : several\nProblem type : local(remote)\nDebian-specific: no\nCVE Id(s) : CVE-2010-1797 CVE-2010-2541 CVE-2010-2805 CVE-2010-2806\n CVE-2010-2807 CVE-2010-2808 CVE-2010-3053\n\n\nSeveral vulnerabilities have been discovered in the FreeType font \nlibrary. \n\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 2.3.7-2+lenny3\n\nFor the unstable distribution (sid) and the testing distribution\n(squeeze), these problems have been fixed in version 2.4.2-1\n\n\nWe recommend that you upgrade your freetype package. \n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n http://security.debian.org/pool/updates/main/f/freetype/freetype_2.3.7-2+lenny3.diff.gz\n Size/MD5 checksum: 39230 95a3841e7258573ca2d3e0075b8e7f73\n http://security.debian.org/pool/updates/main/f/freetype/freetype_2.3.7.orig.tar.gz\n Size/MD5 checksum: 1567540 c1a9f44fde316470176fd6d66af3a0e8\n http://security.debian.org/pool/updates/main/f/freetype/freetype_2.3.7-2+lenny3.dsc\n Size/MD5 checksum: 1219 2a2bf3d4568d92e2a48ebcda38140e73\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_alpha.deb\n Size/MD5 checksum: 775278 2f2ca060588fc33b6d7baae02201dbd2\n http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_alpha.deb\n Size/MD5 checksum: 412188 ad9537e93ed3fb61f9348470940f3ce5\n http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_alpha.udeb\n Size/MD5 checksum: 296592 e689b1c4b6bd7779e44d1cd641be9622\n http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_alpha.deb\n Size/MD5 checksum: 253786 287a98ca57139d4dee8041eba2881e3b\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_amd64.deb\n Size/MD5 checksum: 713260 f1d4002e7b6d185ff9f46bc25d67c4c9\n http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_amd64.deb\n Size/MD5 checksum: 223170 cb00f76d826be115243faa9dfd0b8a91\n http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_amd64.udeb\n Size/MD5 checksum: 269796 40762e686138c27ac92b20174e67012e\n http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_amd64.deb\n Size/MD5 checksum: 385848 0294d7e3e1d6b37532f98344a9849cde\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_arm.deb\n Size/MD5 checksum: 686154 fbe32c7124ba2ce093b31f46736e002b\n http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_arm.deb\n Size/MD5 checksum: 357158 0d793d543a33cfa192098234c925d639\n http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_arm.udeb\n Size/MD5 checksum: 242196 1cfc9f7dc6a7cd0843aa234bab35b69e\n http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_arm.deb\n Size/MD5 checksum: 205120 39ab4dfbc19c8a63affc493e0b5aaf2d\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_armel.deb\n Size/MD5 checksum: 684568 325686fbc2fba7687da424ada57b9419\n http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_armel.deb\n Size/MD5 checksum: 209992 69f6a68fb90658ec74dfd7cc7cc0b766\n http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_armel.udeb\n Size/MD5 checksum: 236564 a48afca5c6798d16b140b3362dfac0ca\n http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_armel.deb\n Size/MD5 checksum: 353814 76960109910d6de2f74ec0e345f00854\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_i386.udeb\n Size/MD5 checksum: 254452 a34af74eda0feb2b763cfc6f5b8330c1\n http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_i386.deb\n Size/MD5 checksum: 371586 ec294ffffeb9ddec389e3e988d880534\n http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_i386.deb\n Size/MD5 checksum: 198558 3283ad058d37eed8bca46df743c6a915\n http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_i386.deb\n Size/MD5 checksum: 684624 014d335b35ed41022adb628796a0c122\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_ia64.deb\n Size/MD5 checksum: 332160 2dbb364f09414e4b0e0f59d9e91d1edc\n http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_ia64.deb\n Size/MD5 checksum: 876692 2f6d3421d6c8424523388347c5640666\n http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_ia64.deb\n Size/MD5 checksum: 531496 5dd7755f63271f597b64c3f513e8e7f1\n http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_ia64.udeb\n Size/MD5 checksum: 415934 ea2ba16157b3504d8b9c8f251b69b16f\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_mips.deb\n Size/MD5 checksum: 717022 9ee8c246af10f4bf7cdf5cdc54010dd6\n http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_mips.deb\n Size/MD5 checksum: 213212 3641ad81738e8935c5df2b648383c8e0\n http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_mips.deb\n Size/MD5 checksum: 369018 18559e273ffcea5614e71ab32b95ef47\n http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_mips.udeb\n Size/MD5 checksum: 253924 1be1e224f27a780beb6799d55fa74663\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_mipsel.deb\n Size/MD5 checksum: 369772 6181d98166fe1f004fb033f2665ce4af\n http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_mipsel.deb\n Size/MD5 checksum: 214802 6edbec67ff79e96921d1fe4bf57b0fce\n http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_mipsel.deb\n Size/MD5 checksum: 712502 4a99ccc68b1913f88901c5e0686fea4f\n http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_mipsel.udeb\n Size/MD5 checksum: 254212 e30825a94175fd78a561b8365392cbad\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_powerpc.udeb\n Size/MD5 checksum: 262804 d35ced8ba625f39dc7a04e3e61e0d49d\n http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_powerpc.deb\n Size/MD5 checksum: 233882 6e294c19dd0109ee80fe6cd401b6a185\n http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_powerpc.deb\n Size/MD5 checksum: 378612 c96a180e7132c543396486b14107cdad\n http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_powerpc.deb\n Size/MD5 checksum: 708212 9602a7786b2ebffd1d75d443901574c5\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_s390.deb\n Size/MD5 checksum: 225190 393c9515f7cd89bcd8b0c38d6d6dd7ac\n http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_s390.deb\n Size/MD5 checksum: 384160 4e20bc56e5fc65fb08529d8765d28850\n http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_s390.deb\n Size/MD5 checksum: 698798 f589b6b8882d998bb7b89fa1dfa40b3a\n http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_s390.udeb\n Size/MD5 checksum: 268272 7b6511b9ad657aa165e906a4fcbfee11\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_sparc.deb\n Size/MD5 checksum: 200078 29c1833cbde5b4da5c2e35aaf856ab58\n http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_sparc.udeb\n Size/MD5 checksum: 235424 e64a8fc3b744253b22161e31fbb6e92a\n http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_sparc.deb\n Size/MD5 checksum: 352544 a7f480889460b104bbab16fd8d8da2d5\n http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_sparc.deb\n Size/MD5 checksum: 676520 6d0f57a5bd6457a9b9b85271c7001531\n\n\n These files will probably be moved into the stable distribution on\n its next update. \n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show \u003cpkg\u003e\u0027 and http://packages.debian.org/\u003cpkg\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.10 (GNU/Linux)\n\niEYEARECAAYFAkyGowMACgkQNxpp46476aos+gCggzMhJbnoGyXAhf8hfIrNJLn7\nreQAnj4mmmGRshTxck3LwMxdmtAhb8uJ\n=RkKg\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-2808"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002141"
},
{
"db": "BID",
"id": "42285"
},
{
"db": "VULHUB",
"id": "VHN-45413"
},
{
"db": "PACKETSTORM",
"id": "109005"
},
{
"db": "PACKETSTORM",
"id": "92842"
},
{
"db": "PACKETSTORM",
"id": "93637"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-2808",
"trust": 3.1
},
{
"db": "BID",
"id": "42285",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "40816",
"trust": 2.5
},
{
"db": "VUPEN",
"id": "ADV-2010-2018",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "42314",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "40982",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "42317",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-3046",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-2106",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-3045",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002141",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201008-204",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-45413",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109005",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "92842",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "93637",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-45413"
},
{
"db": "BID",
"id": "42285"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002141"
},
{
"db": "PACKETSTORM",
"id": "109005"
},
{
"db": "PACKETSTORM",
"id": "92842"
},
{
"db": "PACKETSTORM",
"id": "93637"
},
{
"db": "CNNVD",
"id": "CNNVD-201008-204"
},
{
"db": "NVD",
"id": "CVE-2010-2808"
}
]
},
"id": "VAR-201008-0172",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-45413"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T21:52:33.872000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT4457",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht4457"
},
{
"title": "HT4435",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht4435"
},
{
"title": "HT4456",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht4456"
},
{
"title": "HT4456",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht4456?viewlocale=ja_jp"
},
{
"title": "HT4457",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht4457?viewlocale=ja_jp"
},
{
"title": "HT4435",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht4435?viewlocale=ja_jp"
},
{
"title": "freetype-2.2.1-28.0.1.AXS3",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=1271"
},
{
"title": "FreeType 2.4.2 has been released",
"trust": 0.8,
"url": "http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2"
},
{
"title": "2137",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=2137"
},
{
"title": "RHSA-2010:0737",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2010-0737.html"
},
{
"title": "RHSA-2010:0864",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2010-0864.html"
},
{
"title": "cve_2010_1797_buffer_overflow",
"trust": 0.8,
"url": "http://blogs.sun.com/security/entry/cve_2010_1797_buffer_overflow"
},
{
"title": "TLSA-2010-34",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2010/tlsa-2010-34j.txt"
},
{
"title": "VER-2-4-2",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=40258"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-002141"
},
{
"db": "CNNVD",
"id": "CNNVD-201008-204"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-45413"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002141"
},
{
"db": "NVD",
"id": "CVE-2010-2808"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://secunia.com/advisories/40816"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/42285"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2010/2018"
},
{
"trust": 2.0,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=621907"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/40982"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/42314"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/42317"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2010/2106"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2010/3045"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2010/3046"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2010//nov/msg00000.html"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2010//nov/msg00003.html"
},
{
"trust": 1.7,
"url": "https://rhn.redhat.com/errata/rhsa-2010-0737.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2010-0864.html"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-972-1"
},
{
"trust": 1.7,
"url": "http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2"
},
{
"trust": 1.7,
"url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=81f3472c0ba7b8f6466e2e214fa8c1c17fade975"
},
{
"trust": 1.7,
"url": "http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/news/view"
},
{
"trust": 1.7,
"url": "http://support.apple.com/kb/ht4435"
},
{
"trust": 1.7,
"url": "http://support.apple.com/kb/ht4456"
},
{
"trust": 1.7,
"url": "http://support.apple.com/kb/ht4457"
},
{
"trust": 1.7,
"url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019"
},
{
"trust": 1.7,
"url": "https://savannah.nongnu.org/bugs/?30658"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=oss-security\u0026m=128110167119337\u0026w=2"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=oss-security\u0026m=128111955616772\u0026w=2"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2808"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu331391"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu935740"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2808"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2010:0864"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2010-2808"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2010:0737"
},
{
"trust": 0.3,
"url": "https://savannah.nongnu.org/bugs/?30656"
},
{
"trust": 0.3,
"url": "https://savannah.nongnu.org/bugs/?30657"
},
{
"trust": 0.3,
"url": "http://www.freetype.org/"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100114534"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100156056"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2805"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2806"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2541"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2808"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1797"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2807"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3053"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=oss-security\u0026amp;m=128110167119337\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=oss-security\u0026amp;m=128111955616772\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2807"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2520"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0226"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2498"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3311"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2541"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3439"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2527"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0226"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3814"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3256"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3311"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2519"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3054"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2520"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3439"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2500"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2497"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2519"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2499"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2498"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2527"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2806"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201201-09.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3054"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1797"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2497"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3855"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3855"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2500"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3053"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2499"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2805"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3814"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2808"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/f/freetype/libfreetype6-udeb_2.3.5-1ubuntu4.8.04.4_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.9-4ubuntu0.3_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.11-1ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.9-4ubuntu0.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.5-1ubuntu4.8.04.4_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.11-1ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.5-1ubuntu4.8.04.4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.9-5ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.5-1ubuntu4.8.04.4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.5-1ubuntu4.8.04.4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-udeb_2.3.9-5ubuntu0.2_i386.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.9-5ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.8_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.9-5ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.9-5ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.11-1ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.5-1ubuntu4.8.04.4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.5-1ubuntu4.8.04.4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10-1ubuntu2.8.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.5-1ubuntu4.8.04.4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/f/freetype/libfreetype6-udeb_2.3.5-1ubuntu4.8.04.4_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.9-4ubuntu0.3.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.9-4ubuntu0.3.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.3.5-1ubuntu4.8.04.4_i386.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.9-5ubuntu0.2_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10-1ubuntu2.8.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.9-4ubuntu0.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.9-4ubuntu0.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.8_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.11.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.11-1ubuntu2.2_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.9-5ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.5-1ubuntu4.8.04.4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.8_i386.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.9-5ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.9-4ubuntu0.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.9-4ubuntu0.3_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.11-1ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-udeb_2.3.11-1ubuntu2.2_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.9-5ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.9-5ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.9-4ubuntu0.3_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.11-1ubuntu2.2.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.9-5ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.5.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.9-5ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.9-4ubuntu0.3_lpia.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.9-4ubuntu0.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.9-5ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.9-5ubuntu0.2_lpia.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.5-1ubuntu4.8.04.4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.9-4ubuntu0.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.9.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.11-1ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.5-1ubuntu4.8.04.4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.9-5ubuntu0.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.5-1ubuntu4.8.04.4_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.5-1ubuntu4.8.04.4_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.11-1ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.9-5ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-udeb_2.3.11-1ubuntu2.2_i386.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.11-1ubuntu2.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.5-1ubuntu4.8.04.4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-udeb_2.3.9-4ubuntu0.3_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.9-4ubuntu0.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.9-5ubuntu0.2_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.5-1ubuntu4.8.04.4.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.9-5ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.11-1ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.8_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.9-4ubuntu0.3_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.5-1ubuntu4.8.04.4.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.9-5ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.5-1ubuntu4.8.04.4_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.9-4ubuntu0.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.5-1ubuntu4.8.04.4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-udeb_2.3.9-4ubuntu0.3_i386.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.11-1ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.11-1ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.11-1ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-udeb_2.3.9-5ubuntu0.2_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.9-4ubuntu0.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.9-4ubuntu0.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.11-1ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.9-5ubuntu0.2.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.11-1ubuntu2.2_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.9-5ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.8_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.9-4ubuntu0.3_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.3.5-1ubuntu4.8.04.4_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.11-1ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.9-4ubuntu0.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/f/freetype/libfreetype6-udeb_2.3.5-1ubuntu4.8.04.4_lpia.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.9-4ubuntu0.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_armel.deb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_s390.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_i386.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_alpha.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_armel.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/freetype_2.3.7-2+lenny3.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_arm.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/freetype_2.3.7-2+lenny3.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_ia64.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_mipsel.udeb"
},
{
"trust": 0.1,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.1,
"url": "http://security.debian.org/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/freetype_2.3.7.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_mips.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_alpha.deb"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-45413"
},
{
"db": "BID",
"id": "42285"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002141"
},
{
"db": "PACKETSTORM",
"id": "109005"
},
{
"db": "PACKETSTORM",
"id": "92842"
},
{
"db": "PACKETSTORM",
"id": "93637"
},
{
"db": "CNNVD",
"id": "CNNVD-201008-204"
},
{
"db": "NVD",
"id": "CVE-2010-2808"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-45413"
},
{
"db": "BID",
"id": "42285"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002141"
},
{
"db": "PACKETSTORM",
"id": "109005"
},
{
"db": "PACKETSTORM",
"id": "92842"
},
{
"db": "PACKETSTORM",
"id": "93637"
},
{
"db": "CNNVD",
"id": "CNNVD-201008-204"
},
{
"db": "NVD",
"id": "CVE-2010-2808"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-08-19T00:00:00",
"db": "VULHUB",
"id": "VHN-45413"
},
{
"date": "2010-08-06T00:00:00",
"db": "BID",
"id": "42285"
},
{
"date": "2010-10-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-002141"
},
{
"date": "2012-01-24T04:19:22",
"db": "PACKETSTORM",
"id": "109005"
},
{
"date": "2010-08-17T22:38:46",
"db": "PACKETSTORM",
"id": "92842"
},
{
"date": "2010-09-09T02:40:54",
"db": "PACKETSTORM",
"id": "93637"
},
{
"date": "2010-08-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201008-204"
},
{
"date": "2010-08-19T18:00:05.327000",
"db": "NVD",
"id": "CVE-2010-2808"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-02-13T00:00:00",
"db": "VULHUB",
"id": "VHN-45413"
},
{
"date": "2015-04-13T21:45:00",
"db": "BID",
"id": "42285"
},
{
"date": "2010-12-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-002141"
},
{
"date": "2023-04-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201008-204"
},
{
"date": "2023-02-13T03:19:21.663000",
"db": "NVD",
"id": "CVE-2010-2808"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "109005"
},
{
"db": "PACKETSTORM",
"id": "92842"
},
{
"db": "CNNVD",
"id": "CNNVD-201008-204"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "FreeType of Mac_Read_POST_Resource Buffer overflow vulnerability in functions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-002141"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201008-204"
}
],
"trust": 0.6
}
}
VAR-201403-0508
Vulnerability from variot - Updated: 2024-07-23 21:52The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk. The Linux kernel is prone to a denial-of-service vulnerability. An attacker can exploit this issue to crash the affected computer, denying service to legitimate users. The NFSv4 implementation is one of the distributed file system protocols. The vulnerability stems from the fact that the program does not verify the auth_enable and auth_capable fields before calling sctp_sf_authenticate. (CVE-2014-2851)
Sasha Levin reported a bug in the Linux kernel's virtual memory management subsystem. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2014:0419-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0419.html Issue date: 2014-04-22 CVE Names: CVE-2014-0101 =====================================================================
- Summary:
Updated kernel packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6.3 Extended Update Support.
The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Compute Node EUS (v. 6.3) - noarch, x86_64 Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.3) - x86_64 Red Hat Enterprise Linux Server EUS (v. 6.3) - i386, noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 6.3) - i386, ppc64, s390x, x86_64
-
A flaw was found in the way the Linux kernel processed an authenticated COOKIE_ECHO chunk during the initialization of an SCTP connection. (CVE-2014-0101, Important)
Red Hat would like to thank Nokia Siemens Networks for reporting this issue.
This update also fixes the following bug:
- Due to an incorrect call of the weak-modules script in the kernel spec file, the weak-modules directory was removed from the system when removing or upgrading certain kernel packages related to weak-modules, such as kernel-debug. With this update, the weak-modules call in the kernel spec file has been corrected, and the script now preserves the weak-modules directory on the system in this scenario. (BZ#1076599)
All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258
To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system.
- Package List:
Red Hat Enterprise Linux Compute Node EUS (v. 6.3):
Source: kernel-2.6.32-279.43.1.el6.src.rpm
noarch: kernel-doc-2.6.32-279.43.1.el6.noarch.rpm kernel-firmware-2.6.32-279.43.1.el6.noarch.rpm
x86_64: kernel-2.6.32-279.43.1.el6.x86_64.rpm kernel-debug-2.6.32-279.43.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-279.43.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-279.43.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-279.43.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-279.43.1.el6.x86_64.rpm kernel-devel-2.6.32-279.43.1.el6.x86_64.rpm kernel-headers-2.6.32-279.43.1.el6.x86_64.rpm perf-2.6.32-279.43.1.el6.x86_64.rpm perf-debuginfo-2.6.32-279.43.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-279.43.1.el6.x86_64.rpm
Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.3):
Source: kernel-2.6.32-279.43.1.el6.src.rpm
x86_64: kernel-debug-debuginfo-2.6.32-279.43.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-279.43.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-279.43.1.el6.x86_64.rpm perf-debuginfo-2.6.32-279.43.1.el6.x86_64.rpm python-perf-2.6.32-279.43.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-279.43.1.el6.x86_64.rpm
Red Hat Enterprise Linux Server EUS (v. 6.3):
Source: kernel-2.6.32-279.43.1.el6.src.rpm
i386: kernel-2.6.32-279.43.1.el6.i686.rpm kernel-debug-2.6.32-279.43.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-279.43.1.el6.i686.rpm kernel-debug-devel-2.6.32-279.43.1.el6.i686.rpm kernel-debuginfo-2.6.32-279.43.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-279.43.1.el6.i686.rpm kernel-devel-2.6.32-279.43.1.el6.i686.rpm kernel-headers-2.6.32-279.43.1.el6.i686.rpm perf-2.6.32-279.43.1.el6.i686.rpm perf-debuginfo-2.6.32-279.43.1.el6.i686.rpm python-perf-debuginfo-2.6.32-279.43.1.el6.i686.rpm
noarch: kernel-doc-2.6.32-279.43.1.el6.noarch.rpm kernel-firmware-2.6.32-279.43.1.el6.noarch.rpm
ppc64: kernel-2.6.32-279.43.1.el6.ppc64.rpm kernel-bootwrapper-2.6.32-279.43.1.el6.ppc64.rpm kernel-debug-2.6.32-279.43.1.el6.ppc64.rpm kernel-debug-debuginfo-2.6.32-279.43.1.el6.ppc64.rpm kernel-debug-devel-2.6.32-279.43.1.el6.ppc64.rpm kernel-debuginfo-2.6.32-279.43.1.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-279.43.1.el6.ppc64.rpm kernel-devel-2.6.32-279.43.1.el6.ppc64.rpm kernel-headers-2.6.32-279.43.1.el6.ppc64.rpm perf-2.6.32-279.43.1.el6.ppc64.rpm perf-debuginfo-2.6.32-279.43.1.el6.ppc64.rpm python-perf-debuginfo-2.6.32-279.43.1.el6.ppc64.rpm
s390x: kernel-2.6.32-279.43.1.el6.s390x.rpm kernel-debug-2.6.32-279.43.1.el6.s390x.rpm kernel-debug-debuginfo-2.6.32-279.43.1.el6.s390x.rpm kernel-debug-devel-2.6.32-279.43.1.el6.s390x.rpm kernel-debuginfo-2.6.32-279.43.1.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-279.43.1.el6.s390x.rpm kernel-devel-2.6.32-279.43.1.el6.s390x.rpm kernel-headers-2.6.32-279.43.1.el6.s390x.rpm kernel-kdump-2.6.32-279.43.1.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-279.43.1.el6.s390x.rpm kernel-kdump-devel-2.6.32-279.43.1.el6.s390x.rpm perf-2.6.32-279.43.1.el6.s390x.rpm perf-debuginfo-2.6.32-279.43.1.el6.s390x.rpm python-perf-debuginfo-2.6.32-279.43.1.el6.s390x.rpm
x86_64: kernel-2.6.32-279.43.1.el6.x86_64.rpm kernel-debug-2.6.32-279.43.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-279.43.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-279.43.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-279.43.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-279.43.1.el6.x86_64.rpm kernel-devel-2.6.32-279.43.1.el6.x86_64.rpm kernel-headers-2.6.32-279.43.1.el6.x86_64.rpm perf-2.6.32-279.43.1.el6.x86_64.rpm perf-debuginfo-2.6.32-279.43.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-279.43.1.el6.x86_64.rpm
Red Hat Enterprise Linux Server Optional EUS (v. 6.3):
Source: kernel-2.6.32-279.43.1.el6.src.rpm
i386: kernel-debug-debuginfo-2.6.32-279.43.1.el6.i686.rpm kernel-debuginfo-2.6.32-279.43.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-279.43.1.el6.i686.rpm perf-debuginfo-2.6.32-279.43.1.el6.i686.rpm python-perf-2.6.32-279.43.1.el6.i686.rpm python-perf-debuginfo-2.6.32-279.43.1.el6.i686.rpm
ppc64: kernel-debug-debuginfo-2.6.32-279.43.1.el6.ppc64.rpm kernel-debuginfo-2.6.32-279.43.1.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-279.43.1.el6.ppc64.rpm perf-debuginfo-2.6.32-279.43.1.el6.ppc64.rpm python-perf-2.6.32-279.43.1.el6.ppc64.rpm python-perf-debuginfo-2.6.32-279.43.1.el6.ppc64.rpm
s390x: kernel-debug-debuginfo-2.6.32-279.43.1.el6.s390x.rpm kernel-debuginfo-2.6.32-279.43.1.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-279.43.1.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-279.43.1.el6.s390x.rpm perf-debuginfo-2.6.32-279.43.1.el6.s390x.rpm python-perf-2.6.32-279.43.1.el6.s390x.rpm python-perf-debuginfo-2.6.32-279.43.1.el6.s390x.rpm
x86_64: kernel-debug-debuginfo-2.6.32-279.43.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-279.43.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-279.43.1.el6.x86_64.rpm perf-debuginfo-2.6.32-279.43.1.el6.x86_64.rpm python-perf-2.6.32-279.43.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-279.43.1.el6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2014-0101.html https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFTVqvnXlSAg2UNWIIRAskwAKDFhD3zS1sh/vhrk31MzjZjFuD8kwCfdeRV 1nSgXH01tADV2vYadphGfKs= =2Sa7 -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ============================================================================ Ubuntu Security Notice USN-2225-1 May 27, 2014
linux-lts-saucy vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in the kernel.
Software Description: - linux-lts-saucy: Linux hardware enablement kernel from Saucy
Details:
Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. (CVE-2014-1738)
Matthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. (CVE-2014-0055)
A flaw was discovered in the handling of network packets when mergeable buffers are disabled for virtual machines in the Linux kernel. Guest OS users may exploit this flaw to cause a denial of service (host OS crash) or possibly gain privilege on the host OS. (CVE-2014-0077)
Nikolay Aleksandrov discovered a race condition in Linux kernel's IPv4 fragment handling code. (CVE-2014-0100)
A flaw was discovered in the Linux kernel's handling of the SCTP handshake. (CVE-2014-0101)
A flaw was discovered in the handling of routing information in Linux kernel's IPv6 stack. A remote attacker could exploit this flaw to cause a denial of service (memory consumption) via a flood of ICMPv6 router advertisement packets. (CVE-2014-2309)
An error was discovered in the Linux kernel's DCCP protocol support. A remote attacked could exploit this flaw to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2014-2523)
Max Sydorenko discovered a race condition in the Atheros 9k wireless driver in the Linux kernel. (CVE-2014-2672)
Adhemerval Zanella Neto discovered a flaw the in the Transactional Memory (TM) implementation for powerpc based machine. (CVE-2014-2673)
An error was discovered in the Reliable Datagram Sockets (RDS) protocol stack in the Linux kernel. (CVE-2014-2678)
Yaara Rozenblum discovered a race condition in the Linux kernel's Generic IEEE 802.11 Networking Stack (mac80211). (CVE-2014-2706)
A flaw was discovered in the Linux kernel's ping sockets. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges via a crafted application. (CVE-2014-2851)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 LTS: linux-image-3.11.0-22-generic 3.11.0-22.38~precise1 linux-image-3.11.0-22-generic-lpae 3.11.0-22.38~precise1
After a standard system update you need to reboot your computer to make all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-server, linux-powerpc), a standard system upgrade will automatically perform this as well
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201403-0508",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "big-iq device",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "4.2.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "big-iq cloud",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "4.0.0"
},
{
"model": "big-ip analytics",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "big-ip analytics",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "3.11"
},
{
"model": "big-ip application acceleration manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "big-ip application security manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip enterprise manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "3.1.1"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.5"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "3.12.15"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "3.3"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "3.4.84"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "2.6.24"
},
{
"model": "big-iq adc",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.5.0"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "3.5"
},
{
"model": "big-ip wan optimization manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip protocol security module",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-iq cloud",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "4.5.0"
},
{
"model": "big-ip enterprise manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "2.1.0"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "3.13.7"
},
{
"model": "big-ip policy enforcement manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip policy enforcement manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "big-iq centralized management",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.6.0"
},
{
"model": "big-ip enterprise manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "2.3.0"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "3.2.56"
},
{
"model": "big-ip wan optimization manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip advanced firewall manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip enterprise manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "3.0.0"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "3.10.34"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.4"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "3.13"
},
{
"model": "big-ip access policy manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "big-ip edge gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip webaccelerator",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.3"
},
{
"model": "big-ip global traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "big-ip advanced firewall manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.4"
},
{
"model": "big-ip local traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip application acceleration manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "big-ip access policy manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-iq security",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "4.0.0"
},
{
"model": "big-ip global traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip protocol security module",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.5"
},
{
"model": "big-ip edge gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip link controller",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "big-ip webaccelerator",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip link controller",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-iq device",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "4.5.0"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.5"
},
{
"model": "big-ip application security manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "big-iq security",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "4.5.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "10.04"
},
{
"model": "kernel",
"scope": "lte",
"trust": 0.8,
"vendor": "linux",
"version": "3.13.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "3.13.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "3.10.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "3.13.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "3.13.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "3.12.13"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "3.12.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "3.13"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "3.13.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "3.13.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "3.13.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.37"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.12"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.19.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.24.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.25.13"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.25"
},
{
"model": "kernel rc4",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.28.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.20.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.28.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.16.40"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.27.26"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.27.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.27.12"
},
{
"model": "kernel 2.6.33-rc7",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.18.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.16.28"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.16.43"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.28"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.30.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.16.52"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.16.45"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.11.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.3.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.31.1"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "kernel rc5",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.18"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.16.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.34.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.28.4"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.38"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.25.12"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.16.37"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.30.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.16.39"
},
{
"model": "kernel rc3",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.18"
},
{
"model": "linux enterprise server unsupported extras",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.16.50"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.27.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.14.6"
},
{
"model": "kernel rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.9"
},
{
"model": "kernel rc4",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.16.47"
},
{
"model": "kernel 2.6.36-rc8",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.27.46"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.38.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.18"
},
{
"model": "hat enterprise linux server optional",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.29"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.25.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.24.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.20.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.19.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.16.22"
},
{
"model": "kernel 2.6.35-rc5",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.16.48"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.26.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.28.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.15.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.36"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.21.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.27.14"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.16.38"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.25.8"
},
{
"model": "hat enterprise linux workstation optional",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.35.13"
},
{
"model": "kernel rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.11.2"
},
{
"model": "kernel rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.18"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.29.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.22.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.20.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.16.25"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.27.24"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.27"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.18.6"
},
{
"model": "kernel rc4",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.26"
},
{
"model": "kernel rc3",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.33.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.18.2"
},
{
"model": "kernel 2.6.36-rc6",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "kernel 2.6.28-rc7",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.28"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.19.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.16.36"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.15.2"
},
{
"model": "kernel rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.17"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.20.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.31.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.16.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.16.53"
},
{
"model": "kernel rc3",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.16.41"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.11.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.38.2"
},
{
"model": "kernel rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.5"
},
{
"model": "hat enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.20.12"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.25.4"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.31.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.24.4"
},
{
"model": "kernel rc3",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.20.10"
},
{
"model": "kernel rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.17"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.16.49"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.16.14"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.16.35"
},
{
"model": "kernel rc3",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.7"
},
{
"model": "kernel rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.4"
},
{
"model": "hat enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "kernel 2.6.36-rc4",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.24.3"
},
{
"model": "kernel rc3",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.3"
},
{
"model": "kernel 2.6.28-rc6",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.21.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.22"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.3113"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.17.8"
},
{
"model": "kernel 2.6.35-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.28.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.21.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.20.15"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.20.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.20-2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.16.34"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.16.30"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.26.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.28.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.29.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.11.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.22.15"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.31"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.25.1"
},
{
"model": "kernel 2.6.36-rc5",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.30.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.38.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.25.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.27.13"
},
{
"model": "kernel rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.6"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.16.31"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.3.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.25.2"
},
{
"model": "kernel rc7",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.18"
},
{
"model": "kernel rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.7"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.20.14"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.16.29"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.3.4"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.18.8"
},
{
"model": "kernel rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.24"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.13.5"
},
{
"model": "kernel rc4",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.18"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.38.6"
},
{
"model": "opensuse factory",
"scope": null,
"trust": 0.3,
"vendor": "suse",
"version": null
},
{
"model": "hat enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.25.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.22.17"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.18"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.23.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.39"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.28.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.214"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.20.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.16.44"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.15"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.16"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.16.32"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.22.14"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.20.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.28.1"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.19.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.11.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.25.11"
},
{
"model": "kernel rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.18"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.16.27"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.6"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.22.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.24.1"
},
{
"model": "kernel rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.9"
},
{
"model": "kernel rc4",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.17"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.21.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.22.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.13"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.21"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.22"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.14.7"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.20.13"
},
{
"model": "kernel rc3",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.35.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.20.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.33.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.26.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.22.12"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.15.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.22.16"
},
{
"model": "kernel rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.9"
},
{
"model": "kernel 2.6.36-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.31.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.11.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.25.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.25.9"
},
{
"model": "kernel 2.6.35-rc4",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.13"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.33"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.23"
},
{
"model": "kernel rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.17"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.16.26"
},
{
"model": "kernel rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.27.54"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.14"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.5"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.25.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.20.5"
},
{
"model": "kernel rc6",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.18"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.1"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.19"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.22.13"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.17"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.12"
},
{
"model": "kernel rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.2"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "kernel 2.6.35-rc6",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.27.51"
},
{
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.16.51"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.16.33"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.20"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.22.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.18.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.23.09"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.27.49"
},
{
"model": "kernel -rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.23"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.31.11"
},
{
"model": "kernel 2.6.28-rc4",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.315"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.30.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.20.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.30.4"
},
{
"model": "hat enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.37.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.21.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.16.15"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.16.24"
},
{
"model": "hat enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.16.20"
},
{
"model": "kernel rc3",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.1.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.28.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.35.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.26.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.16.46"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.30"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.23.14"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.23.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.18-53"
},
{
"model": "kernel rc6",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.17"
},
{
"model": "kernel rc3",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.17"
},
{
"model": "kernel -rc6",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.30"
}
],
"sources": [
{
"db": "BID",
"id": "65943"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001608"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-197"
},
{
"db": "NVD",
"id": "CVE-2014-0101"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.2.56",
"versionStartIncluding": "2.6.24",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.4.84",
"versionStartIncluding": "3.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.10.34",
"versionStartIncluding": "3.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.12.15",
"versionStartIncluding": "3.11",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.13.7",
"versionStartIncluding": "3.13",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-iq_adc:4.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.5.0",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.5.0",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.5.0",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.4.1",
"versionStartIncluding": "11.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.3.0",
"versionStartIncluding": "11.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.5.3",
"versionStartIncluding": "11.4.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.5.3",
"versionStartIncluding": "11.3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.5.3",
"versionStartIncluding": "11.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.5.3",
"versionStartIncluding": "11.3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_enterprise_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.3.0",
"versionStartIncluding": "2.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_enterprise_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.1.1",
"versionStartIncluding": "3.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.5.3",
"versionStartIncluding": "11.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.5.3",
"versionStartIncluding": "11.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.5.3",
"versionStartIncluding": "11.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.5.3",
"versionStartIncluding": "11.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.5.3",
"versionStartIncluding": "11.1.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0101"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ubuntu",
"sources": [
{
"db": "PACKETSTORM",
"id": "126343"
},
{
"db": "PACKETSTORM",
"id": "126800"
},
{
"db": "PACKETSTORM",
"id": "126795"
},
{
"db": "PACKETSTORM",
"id": "126793"
},
{
"db": "PACKETSTORM",
"id": "126798"
},
{
"db": "PACKETSTORM",
"id": "126346"
}
],
"trust": 0.6
},
"cve": "CVE-2014-0101",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2014-0101",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-67594",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-0101",
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-0101",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201403-197",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-67594",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2014-0101",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-67594"
},
{
"db": "VULMON",
"id": "CVE-2014-0101"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001608"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-197"
},
{
"db": "NVD",
"id": "CVE-2014-0101"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk. The Linux kernel is prone to a denial-of-service vulnerability. \nAn attacker can exploit this issue to crash the affected computer, denying service to legitimate users. The NFSv4 implementation is one of the distributed file system protocols. The vulnerability stems from the fact that the program does not verify the auth_enable and auth_capable fields before calling sctp_sf_authenticate. \n(CVE-2014-2851)\n\nSasha Levin reported a bug in the Linux kernel\u0027s virtual memory management\nsubsystem. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: kernel security and bug fix update\nAdvisory ID: RHSA-2014:0419-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2014-0419.html\nIssue date: 2014-04-22\nCVE Names: CVE-2014-0101 \n=====================================================================\n\n1. Summary:\n\nUpdated kernel packages that fix one security issue and one bug are now\navailable for Red Hat Enterprise Linux 6.3 Extended Update Support. \n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from the\nCVE link in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Compute Node EUS (v. 6.3) - noarch, x86_64\nRed Hat Enterprise Linux Compute Node Optional EUS (v. 6.3) - x86_64\nRed Hat Enterprise Linux Server EUS (v. 6.3) - i386, noarch, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional EUS (v. 6.3) - i386, ppc64, s390x, x86_64\n\n3. \n\n* A flaw was found in the way the Linux kernel processed an authenticated\nCOOKIE_ECHO chunk during the initialization of an SCTP connection. (CVE-2014-0101, Important)\n\nRed Hat would like to thank Nokia Siemens Networks for reporting this\nissue. \n\nThis update also fixes the following bug:\n\n* Due to an incorrect call of the weak-modules script in the kernel spec\nfile, the weak-modules directory was removed from the system when removing\nor upgrading certain kernel packages related to weak-modules, such as\nkernel-debug. With this update, the weak-modules call in the kernel spec\nfile has been corrected, and the script now preserves the weak-modules\ndirectory on the system in this scenario. (BZ#1076599)\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not use\n\"rpm -Uvh\" as that will remove the running kernel binaries from your\nsystem. You may use \"rpm -e\" to remove old kernels after determining that\nthe new kernel functions properly on your system. \n\n5. Package List:\n\nRed Hat Enterprise Linux Compute Node EUS (v. 6.3):\n\nSource:\nkernel-2.6.32-279.43.1.el6.src.rpm\n\nnoarch:\nkernel-doc-2.6.32-279.43.1.el6.noarch.rpm\nkernel-firmware-2.6.32-279.43.1.el6.noarch.rpm\n\nx86_64:\nkernel-2.6.32-279.43.1.el6.x86_64.rpm\nkernel-debug-2.6.32-279.43.1.el6.x86_64.rpm\nkernel-debug-debuginfo-2.6.32-279.43.1.el6.x86_64.rpm\nkernel-debug-devel-2.6.32-279.43.1.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-279.43.1.el6.x86_64.rpm\nkernel-debuginfo-common-x86_64-2.6.32-279.43.1.el6.x86_64.rpm\nkernel-devel-2.6.32-279.43.1.el6.x86_64.rpm\nkernel-headers-2.6.32-279.43.1.el6.x86_64.rpm\nperf-2.6.32-279.43.1.el6.x86_64.rpm\nperf-debuginfo-2.6.32-279.43.1.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-279.43.1.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Compute Node Optional EUS (v. 6.3):\n\nSource:\nkernel-2.6.32-279.43.1.el6.src.rpm\n\nx86_64:\nkernel-debug-debuginfo-2.6.32-279.43.1.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-279.43.1.el6.x86_64.rpm\nkernel-debuginfo-common-x86_64-2.6.32-279.43.1.el6.x86_64.rpm\nperf-debuginfo-2.6.32-279.43.1.el6.x86_64.rpm\npython-perf-2.6.32-279.43.1.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-279.43.1.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Server EUS (v. 6.3):\n\nSource:\nkernel-2.6.32-279.43.1.el6.src.rpm\n\ni386:\nkernel-2.6.32-279.43.1.el6.i686.rpm\nkernel-debug-2.6.32-279.43.1.el6.i686.rpm\nkernel-debug-debuginfo-2.6.32-279.43.1.el6.i686.rpm\nkernel-debug-devel-2.6.32-279.43.1.el6.i686.rpm\nkernel-debuginfo-2.6.32-279.43.1.el6.i686.rpm\nkernel-debuginfo-common-i686-2.6.32-279.43.1.el6.i686.rpm\nkernel-devel-2.6.32-279.43.1.el6.i686.rpm\nkernel-headers-2.6.32-279.43.1.el6.i686.rpm\nperf-2.6.32-279.43.1.el6.i686.rpm\nperf-debuginfo-2.6.32-279.43.1.el6.i686.rpm\npython-perf-debuginfo-2.6.32-279.43.1.el6.i686.rpm\n\nnoarch:\nkernel-doc-2.6.32-279.43.1.el6.noarch.rpm\nkernel-firmware-2.6.32-279.43.1.el6.noarch.rpm\n\nppc64:\nkernel-2.6.32-279.43.1.el6.ppc64.rpm\nkernel-bootwrapper-2.6.32-279.43.1.el6.ppc64.rpm\nkernel-debug-2.6.32-279.43.1.el6.ppc64.rpm\nkernel-debug-debuginfo-2.6.32-279.43.1.el6.ppc64.rpm\nkernel-debug-devel-2.6.32-279.43.1.el6.ppc64.rpm\nkernel-debuginfo-2.6.32-279.43.1.el6.ppc64.rpm\nkernel-debuginfo-common-ppc64-2.6.32-279.43.1.el6.ppc64.rpm\nkernel-devel-2.6.32-279.43.1.el6.ppc64.rpm\nkernel-headers-2.6.32-279.43.1.el6.ppc64.rpm\nperf-2.6.32-279.43.1.el6.ppc64.rpm\nperf-debuginfo-2.6.32-279.43.1.el6.ppc64.rpm\npython-perf-debuginfo-2.6.32-279.43.1.el6.ppc64.rpm\n\ns390x:\nkernel-2.6.32-279.43.1.el6.s390x.rpm\nkernel-debug-2.6.32-279.43.1.el6.s390x.rpm\nkernel-debug-debuginfo-2.6.32-279.43.1.el6.s390x.rpm\nkernel-debug-devel-2.6.32-279.43.1.el6.s390x.rpm\nkernel-debuginfo-2.6.32-279.43.1.el6.s390x.rpm\nkernel-debuginfo-common-s390x-2.6.32-279.43.1.el6.s390x.rpm\nkernel-devel-2.6.32-279.43.1.el6.s390x.rpm\nkernel-headers-2.6.32-279.43.1.el6.s390x.rpm\nkernel-kdump-2.6.32-279.43.1.el6.s390x.rpm\nkernel-kdump-debuginfo-2.6.32-279.43.1.el6.s390x.rpm\nkernel-kdump-devel-2.6.32-279.43.1.el6.s390x.rpm\nperf-2.6.32-279.43.1.el6.s390x.rpm\nperf-debuginfo-2.6.32-279.43.1.el6.s390x.rpm\npython-perf-debuginfo-2.6.32-279.43.1.el6.s390x.rpm\n\nx86_64:\nkernel-2.6.32-279.43.1.el6.x86_64.rpm\nkernel-debug-2.6.32-279.43.1.el6.x86_64.rpm\nkernel-debug-debuginfo-2.6.32-279.43.1.el6.x86_64.rpm\nkernel-debug-devel-2.6.32-279.43.1.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-279.43.1.el6.x86_64.rpm\nkernel-debuginfo-common-x86_64-2.6.32-279.43.1.el6.x86_64.rpm\nkernel-devel-2.6.32-279.43.1.el6.x86_64.rpm\nkernel-headers-2.6.32-279.43.1.el6.x86_64.rpm\nperf-2.6.32-279.43.1.el6.x86_64.rpm\nperf-debuginfo-2.6.32-279.43.1.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-279.43.1.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional EUS (v. 6.3):\n\nSource:\nkernel-2.6.32-279.43.1.el6.src.rpm\n\ni386:\nkernel-debug-debuginfo-2.6.32-279.43.1.el6.i686.rpm\nkernel-debuginfo-2.6.32-279.43.1.el6.i686.rpm\nkernel-debuginfo-common-i686-2.6.32-279.43.1.el6.i686.rpm\nperf-debuginfo-2.6.32-279.43.1.el6.i686.rpm\npython-perf-2.6.32-279.43.1.el6.i686.rpm\npython-perf-debuginfo-2.6.32-279.43.1.el6.i686.rpm\n\nppc64:\nkernel-debug-debuginfo-2.6.32-279.43.1.el6.ppc64.rpm\nkernel-debuginfo-2.6.32-279.43.1.el6.ppc64.rpm\nkernel-debuginfo-common-ppc64-2.6.32-279.43.1.el6.ppc64.rpm\nperf-debuginfo-2.6.32-279.43.1.el6.ppc64.rpm\npython-perf-2.6.32-279.43.1.el6.ppc64.rpm\npython-perf-debuginfo-2.6.32-279.43.1.el6.ppc64.rpm\n\ns390x:\nkernel-debug-debuginfo-2.6.32-279.43.1.el6.s390x.rpm\nkernel-debuginfo-2.6.32-279.43.1.el6.s390x.rpm\nkernel-debuginfo-common-s390x-2.6.32-279.43.1.el6.s390x.rpm\nkernel-kdump-debuginfo-2.6.32-279.43.1.el6.s390x.rpm\nperf-debuginfo-2.6.32-279.43.1.el6.s390x.rpm\npython-perf-2.6.32-279.43.1.el6.s390x.rpm\npython-perf-debuginfo-2.6.32-279.43.1.el6.s390x.rpm\n\nx86_64:\nkernel-debug-debuginfo-2.6.32-279.43.1.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-279.43.1.el6.x86_64.rpm\nkernel-debuginfo-common-x86_64-2.6.32-279.43.1.el6.x86_64.rpm\nperf-debuginfo-2.6.32-279.43.1.el6.x86_64.rpm\npython-perf-2.6.32-279.43.1.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-279.43.1.el6.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2014-0101.html\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2014 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFTVqvnXlSAg2UNWIIRAskwAKDFhD3zS1sh/vhrk31MzjZjFuD8kwCfdeRV\n1nSgXH01tADV2vYadphGfKs=\n=2Sa7\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. ============================================================================\nUbuntu Security Notice USN-2225-1\nMay 27, 2014\n\nlinux-lts-saucy vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in the kernel. \n\nSoftware Description:\n- linux-lts-saucy: Linux hardware enablement kernel from Saucy\n\nDetails:\n\nMatthew Daley reported an information leak in the floppy disk driver of the\nLinux kernel. An unprivileged local user could exploit this flaw to obtain\npotentially sensitive information from kernel memory. (CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the\nfloppy disk driver in the Linux kernel. An unprivileged local user could\nexploit this flaw to gain administrative privileges if the floppy disk\nmodule is loaded. (CVE-2014-0055)\n\nA flaw was discovered in the handling of network packets when mergeable\nbuffers are disabled for virtual machines in the Linux kernel. Guest OS\nusers may exploit this flaw to cause a denial of service (host OS crash) or\npossibly gain privilege on the host OS. (CVE-2014-0077)\n\nNikolay Aleksandrov discovered a race condition in Linux kernel\u0027s IPv4\nfragment handling code. \n(CVE-2014-0100)\n\nA flaw was discovered in the Linux kernel\u0027s handling of the SCTP handshake. (CVE-2014-0101)\n\nA flaw was discovered in the handling of routing information in Linux\nkernel\u0027s IPv6 stack. A remote attacker could exploit this flaw to cause a\ndenial of service (memory consumption) via a flood of ICMPv6 router\nadvertisement packets. (CVE-2014-2309)\n\nAn error was discovered in the Linux kernel\u0027s DCCP protocol support. A\nremote attacked could exploit this flaw to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2014-2523)\n\nMax Sydorenko discovered a race condition in the Atheros 9k wireless driver\nin the Linux kernel. (CVE-2014-2672)\n\nAdhemerval Zanella Neto discovered a flaw the in the Transactional Memory\n(TM) implementation for powerpc based machine. \n(CVE-2014-2673)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS) protocol\nstack in the Linux kernel. \n(CVE-2014-2678)\n\nYaara Rozenblum discovered a race condition in the Linux kernel\u0027s Generic\nIEEE 802.11 Networking Stack (mac80211). (CVE-2014-2706)\n\nA flaw was discovered in the Linux kernel\u0027s ping sockets. An unprivileged\nlocal user could exploit this flaw to cause a denial of service (system\ncrash) or possibly gain privileges via a crafted application. \n(CVE-2014-2851)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 LTS:\n linux-image-3.11.0-22-generic 3.11.0-22.38~precise1\n linux-image-3.11.0-22-generic-lpae 3.11.0-22.38~precise1\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nATTENTION: Due to an unavoidable ABI change the kernel updates have\nbeen given a new version number, which requires you to recompile and\nreinstall all third party kernel modules you might have installed. Unless you\nmanually uninstalled the standard kernel metapackages (e.g. linux-generic,\nlinux-server, linux-powerpc), a standard system upgrade will automatically\nperform this as well",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0101"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001608"
},
{
"db": "BID",
"id": "65943"
},
{
"db": "VULHUB",
"id": "VHN-67594"
},
{
"db": "VULMON",
"id": "CVE-2014-0101"
},
{
"db": "PACKETSTORM",
"id": "126343"
},
{
"db": "PACKETSTORM",
"id": "126800"
},
{
"db": "PACKETSTORM",
"id": "126795"
},
{
"db": "PACKETSTORM",
"id": "126793"
},
{
"db": "PACKETSTORM",
"id": "126255"
},
{
"db": "PACKETSTORM",
"id": "126798"
},
{
"db": "PACKETSTORM",
"id": "126346"
}
],
"trust": 2.7
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-67594",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-67594"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0101",
"trust": 3.6
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2014/03/04/6",
"trust": 2.6
},
{
"db": "BID",
"id": "65943",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "59216",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001608",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201403-197",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "126346",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "126255",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "126343",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "126295",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126729",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-67594",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2014-0101",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126800",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126795",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126793",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126798",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-67594"
},
{
"db": "VULMON",
"id": "CVE-2014-0101"
},
{
"db": "BID",
"id": "65943"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001608"
},
{
"db": "PACKETSTORM",
"id": "126343"
},
{
"db": "PACKETSTORM",
"id": "126800"
},
{
"db": "PACKETSTORM",
"id": "126795"
},
{
"db": "PACKETSTORM",
"id": "126793"
},
{
"db": "PACKETSTORM",
"id": "126255"
},
{
"db": "PACKETSTORM",
"id": "126798"
},
{
"db": "PACKETSTORM",
"id": "126346"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-197"
},
{
"db": "NVD",
"id": "CVE-2014-0101"
}
]
},
"id": "VAR-201403-0508",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-67594"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T21:52:28.560000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "net: sctp: fix sctp_sf_do_5_1D_ce to verify if we/peer is AUTH capable",
"trust": 0.8,
"url": "https://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729"
},
{
"title": "Linux Kernel Archives",
"trust": 0.8,
"url": "http://www.kernel.org"
},
{
"title": "net: sctp: fix sctp_sf_do_5_1D_ce to verify if we/peer is AUTH capable",
"trust": 0.8,
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ec0223ec48a90cb605244b45f7c62de856403729"
},
{
"title": "Bug 1070705",
"trust": 0.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1070705"
},
{
"title": "RHSA-2014:0328",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0328.html"
},
{
"title": "fba54a407bb2b7c2aae62ac2d03df806bc1a794a",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=48590"
},
{
"title": "11dac21e658690cdf01d7eb41c7e653d142ad9d4",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=48589"
},
{
"title": "Ubuntu Security Notice: linux vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2173-1"
},
{
"title": "Ubuntu Security Notice: linux-ec2 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2174-1"
},
{
"title": "Amazon Linux AMI: ALAS-2014-317",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2014-317"
},
{
"title": "Red Hat: CVE-2014-0101",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2014-0101"
},
{
"title": "Ubuntu Security Notice: linux-lts-quantal vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2223-1"
},
{
"title": "Ubuntu Security Notice: linux vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2228-1"
},
{
"title": "Ubuntu Security Notice: linux vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2221-1"
},
{
"title": "Ubuntu Security Notice: linux-lts-raring vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2224-1"
},
{
"title": "Ubuntu Security Notice: linux-ti-omap4 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2227-1"
},
{
"title": "Ubuntu Security Notice: linux-lts-saucy vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2225-1"
},
{
"title": "DRA_writeup",
"trust": 0.1,
"url": "https://github.com/kpn-ciso/dra_writeup "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0101"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001608"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-197"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-476",
"trust": 1.1
},
{
"problemtype": "CWE-20",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-67594"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001608"
},
{
"db": "NVD",
"id": "CVE-2014-0101"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.openwall.com/lists/oss-security/2014/03/04/6"
},
{
"trust": 2.1,
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.html"
},
{
"trust": 2.1,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1070705"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0419.html"
},
{
"trust": 1.9,
"url": "http://www.ubuntu.com/usn/usn-2173-1"
},
{
"trust": 1.9,
"url": "http://www.ubuntu.com/usn/usn-2174-1"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/59216"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/65943"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0328.html"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0432.html"
},
{
"trust": 1.8,
"url": "https://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729"
},
{
"trust": 1.7,
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3ba=commit%3bh=ec0223ec48a90cb605244b45f7c62de856403729"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0101"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0101"
},
{
"trust": 0.7,
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ec0223ec48a90cb605244b45f7c62de856403729"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0101"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2523"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2014:0419"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2014-0101"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2014:0432"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2014:0520"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2014:0328"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2706"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2851"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1738"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2309"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2678"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2672"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1737"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0077"
},
{
"trust": 0.3,
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bbd0d59809f9"
},
{
"trust": 0.3,
"url": "http://www.kernel.org/"
},
{
"trust": 0.3,
"url": "http://patchwork.ozlabs.org/patch/325898/"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100180030"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0069"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-4483"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0055"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/476.html"
},
{
"trust": 0.1,
"url": "https://www.rapid7.com/db/vulnerabilities/amazon-linux-ami-alas-2014-317"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2173-1/"
},
{
"trust": 0.1,
"url": "https://www.rapid7.com/db/vulnerabilities/linuxrpm-rhsa-2014-0432"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux/2.6.32-58.120"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-ti-omap4/3.2.0-1446.65"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2227-1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0196"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3122"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-lts-raring/3.8.0-41.60~precise1"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2224-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux/3.2.0-63.95"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2221-1"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/articles/11258"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0101.html"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-lts-saucy/3.11.0-22.38~precise1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2673"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2225-1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0100"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-ec2/2.6.32-363.76"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-67594"
},
{
"db": "VULMON",
"id": "CVE-2014-0101"
},
{
"db": "BID",
"id": "65943"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001608"
},
{
"db": "PACKETSTORM",
"id": "126343"
},
{
"db": "PACKETSTORM",
"id": "126800"
},
{
"db": "PACKETSTORM",
"id": "126795"
},
{
"db": "PACKETSTORM",
"id": "126793"
},
{
"db": "PACKETSTORM",
"id": "126255"
},
{
"db": "PACKETSTORM",
"id": "126798"
},
{
"db": "PACKETSTORM",
"id": "126346"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-197"
},
{
"db": "NVD",
"id": "CVE-2014-0101"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-67594"
},
{
"db": "VULMON",
"id": "CVE-2014-0101"
},
{
"db": "BID",
"id": "65943"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001608"
},
{
"db": "PACKETSTORM",
"id": "126343"
},
{
"db": "PACKETSTORM",
"id": "126800"
},
{
"db": "PACKETSTORM",
"id": "126795"
},
{
"db": "PACKETSTORM",
"id": "126793"
},
{
"db": "PACKETSTORM",
"id": "126255"
},
{
"db": "PACKETSTORM",
"id": "126798"
},
{
"db": "PACKETSTORM",
"id": "126346"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-197"
},
{
"db": "NVD",
"id": "CVE-2014-0101"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-03-11T00:00:00",
"db": "VULHUB",
"id": "VHN-67594"
},
{
"date": "2014-03-11T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0101"
},
{
"date": "2014-02-27T00:00:00",
"db": "BID",
"id": "65943"
},
{
"date": "2014-03-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001608"
},
{
"date": "2014-04-26T18:57:25",
"db": "PACKETSTORM",
"id": "126343"
},
{
"date": "2014-05-27T16:02:18",
"db": "PACKETSTORM",
"id": "126800"
},
{
"date": "2014-05-27T16:00:50",
"db": "PACKETSTORM",
"id": "126795"
},
{
"date": "2014-05-27T16:00:19",
"db": "PACKETSTORM",
"id": "126793"
},
{
"date": "2014-04-22T23:41:05",
"db": "PACKETSTORM",
"id": "126255"
},
{
"date": "2014-05-27T16:02:06",
"db": "PACKETSTORM",
"id": "126798"
},
{
"date": "2014-04-26T18:57:45",
"db": "PACKETSTORM",
"id": "126346"
},
{
"date": "2014-03-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201403-197"
},
{
"date": "2014-03-11T13:01:06.733000",
"db": "NVD",
"id": "CVE-2014-0101"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-02-13T00:00:00",
"db": "VULHUB",
"id": "VHN-67594"
},
{
"date": "2020-08-25T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0101"
},
{
"date": "2015-04-13T20:26:00",
"db": "BID",
"id": "65943"
},
{
"date": "2014-04-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001608"
},
{
"date": "2023-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201403-197"
},
{
"date": "2023-02-13T00:32:28.940000",
"db": "NVD",
"id": "CVE-2014-0101"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "126343"
},
{
"db": "PACKETSTORM",
"id": "126255"
},
{
"db": "PACKETSTORM",
"id": "126346"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-197"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linux Kernel of net/sctp/sm_statefuns.c Inside sctp_sf_do_5_1D_ce Service disruption in functions (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001608"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201403-197"
}
],
"trust": 0.6
}
}
VAR-201804-1186
Vulnerability from variot - Updated: 2024-07-23 21:52An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of RenderLayer objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. WebKit is one of the web browser engine components. A security vulnerability exists in the WebKit component of several Apple products. The following products and versions are affected: Apple iOS prior to 11.3; Safari prior to 11.1; Windows-based iCloud prior to 7.4; Windows-based iTunes prior to 12.7.4; tvOS prior to 11.3. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201808-04
https://security.gentoo.org/
Severity: Normal Title: WebkitGTK+: Multiple vulnerabilities Date: August 22, 2018 Bugs: #652820, #658168, #662974 ID: 201808-04
Synopsis
Multiple vulnerabilities have been found in WebKitGTK+, the worst of which may lead to arbitrary code execution.
Background
WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.20.4 >= 2.20.4
Description
Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All WebkitGTK+ users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.20.4"
References
[ 1 ] CVE-2018-11646 https://nvd.nist.gov/vuln/detail/CVE-2018-11646 [ 2 ] CVE-2018-11712 https://nvd.nist.gov/vuln/detail/CVE-2018-11712 [ 3 ] CVE-2018-11713 https://nvd.nist.gov/vuln/detail/CVE-2018-11713 [ 4 ] CVE-2018-12293 https://nvd.nist.gov/vuln/detail/CVE-2018-12293 [ 5 ] CVE-2018-12294 https://nvd.nist.gov/vuln/detail/CVE-2018-12294 [ 6 ] CVE-2018-4101 https://nvd.nist.gov/vuln/detail/CVE-2018-4101 [ 7 ] CVE-2018-4113 https://nvd.nist.gov/vuln/detail/CVE-2018-4113 [ 8 ] CVE-2018-4114 https://nvd.nist.gov/vuln/detail/CVE-2018-4114 [ 9 ] CVE-2018-4117 https://nvd.nist.gov/vuln/detail/CVE-2018-4117 [ 10 ] CVE-2018-4118 https://nvd.nist.gov/vuln/detail/CVE-2018-4118 [ 11 ] CVE-2018-4119 https://nvd.nist.gov/vuln/detail/CVE-2018-4119 [ 12 ] CVE-2018-4120 https://nvd.nist.gov/vuln/detail/CVE-2018-4120 [ 13 ] CVE-2018-4121 https://nvd.nist.gov/vuln/detail/CVE-2018-4121 [ 14 ] CVE-2018-4122 https://nvd.nist.gov/vuln/detail/CVE-2018-4122 [ 15 ] CVE-2018-4125 https://nvd.nist.gov/vuln/detail/CVE-2018-4125 [ 16 ] CVE-2018-4127 https://nvd.nist.gov/vuln/detail/CVE-2018-4127 [ 17 ] CVE-2018-4128 https://nvd.nist.gov/vuln/detail/CVE-2018-4128 [ 18 ] CVE-2018-4129 https://nvd.nist.gov/vuln/detail/CVE-2018-4129 [ 19 ] CVE-2018-4133 https://nvd.nist.gov/vuln/detail/CVE-2018-4133 [ 20 ] CVE-2018-4146 https://nvd.nist.gov/vuln/detail/CVE-2018-4146 [ 21 ] CVE-2018-4162 https://nvd.nist.gov/vuln/detail/CVE-2018-4162 [ 22 ] CVE-2018-4163 https://nvd.nist.gov/vuln/detail/CVE-2018-4163 [ 23 ] CVE-2018-4165 https://nvd.nist.gov/vuln/detail/CVE-2018-4165 [ 24 ] CVE-2018-4190 https://nvd.nist.gov/vuln/detail/CVE-2018-4190 [ 25 ] CVE-2018-4192 https://nvd.nist.gov/vuln/detail/CVE-2018-4192 [ 26 ] CVE-2018-4199 https://nvd.nist.gov/vuln/detail/CVE-2018-4199 [ 27 ] CVE-2018-4200 https://nvd.nist.gov/vuln/detail/CVE-2018-4200 [ 28 ] CVE-2018-4201 https://nvd.nist.gov/vuln/detail/CVE-2018-4201 [ 29 ] CVE-2018-4204 https://nvd.nist.gov/vuln/detail/CVE-2018-4204 [ 30 ] CVE-2018-4214 https://nvd.nist.gov/vuln/detail/CVE-2018-4214 [ 31 ] CVE-2018-4218 https://nvd.nist.gov/vuln/detail/CVE-2018-4218 [ 32 ] CVE-2018-4222 https://nvd.nist.gov/vuln/detail/CVE-2018-4222 [ 33 ] CVE-2018-4232 https://nvd.nist.gov/vuln/detail/CVE-2018-4232 [ 34 ] CVE-2018-4233 https://nvd.nist.gov/vuln/detail/CVE-2018-4233 [ 35 ] CVE-2018-4261 https://nvd.nist.gov/vuln/detail/CVE-2018-4261 [ 36 ] CVE-2018-4262 https://nvd.nist.gov/vuln/detail/CVE-2018-4262 [ 37 ] CVE-2018-4263 https://nvd.nist.gov/vuln/detail/CVE-2018-4263 [ 38 ] CVE-2018-4264 https://nvd.nist.gov/vuln/detail/CVE-2018-4264 [ 39 ] CVE-2018-4265 https://nvd.nist.gov/vuln/detail/CVE-2018-4265 [ 40 ] CVE-2018-4266 https://nvd.nist.gov/vuln/detail/CVE-2018-4266 [ 41 ] CVE-2018-4267 https://nvd.nist.gov/vuln/detail/CVE-2018-4267 [ 42 ] CVE-2018-4270 https://nvd.nist.gov/vuln/detail/CVE-2018-4270 [ 43 ] CVE-2018-4272 https://nvd.nist.gov/vuln/detail/CVE-2018-4272 [ 44 ] CVE-2018-4273 https://nvd.nist.gov/vuln/detail/CVE-2018-4273 [ 45 ] CVE-2018-4278 https://nvd.nist.gov/vuln/detail/CVE-2018-4278 [ 46 ] CVE-2018-4284 https://nvd.nist.gov/vuln/detail/CVE-2018-4284 [ 47 ] WebKitGTK+ Security Advisory WSA-2018-0003 https://webkitgtk.org/security/WSA-2018-0003.html [ 48 ] WebKitGTK+ Security Advisory WSA-2018-0004 https://webkitgtk.org/security/WSA-2018-0004.html [ 49 ] WebKitGTK+ Security Advisory WSA-2018-0005 https://webkitgtk.org/security/WSA-2018-0005.html [ 50 ] WebKitGTK+ Security Advisory WSA-2018-0006 https://webkitgtk.org/security/WSA-2018-0006.html
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201808-04
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2018 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
. ------------------------------------------------------------------------ WebKitGTK+ Security Advisory WSA-2018-0003
Date reported : April 04, 2018 Advisory ID : WSA-2018-0003 Advisory URL : https://webkitgtk.org/security/WSA-2018-0003.html CVE identifiers : CVE-2018-4101, CVE-2018-4113, CVE-2018-4114, CVE-2018-4117, CVE-2018-4118, CVE-2018-4119, CVE-2018-4120, CVE-2018-4122, CVE-2018-4125, CVE-2018-4127, CVE-2018-4128, CVE-2018-4129, CVE-2018-4133, CVE-2018-4146, CVE-2018-4161, CVE-2018-4162, CVE-2018-4163, CVE-2018-4165.
Several vulnerabilities were discovered in WebKitGTK+. Credit to Yuan Deng of Ant-financial Light-Year Security Lab. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to OSS-Fuzz. Impact: Unexpected interaction with indexing types causing an ASSERT failure. Description: An array indexing issue existed in the handling of a function in JavaScriptCore. This issue was addressed through improved checks. Credit to OSS-Fuzz. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to an anonymous researcher. Impact: A malicious website may exfiltrate data cross-origin. Description: A cross-origin issue existed with the fetch API. This was addressed through improved input validation. Credit to Jun Kokatsu (@shhnjk). Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to an anonymous researcher working with Trend Microys Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to an anonymous researcher working with Trend Microys Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Zach Markley. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to likemeng of Baidu Security Lab working with Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Anton Lopanitsyn of Wallarm, Linus Sarud of Detectify (detectify.com), Yuji Tounai of NTT Communications Corporation. Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack. This issue was addressed with improved URL validation. Credit to OSS-Fuzz. Impact: Processing maliciously crafted web content may lead to a denial of service. Description: A memory corruption issue was addressed through improved input validation. Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to WanderingGlitch of Trend Micro's Zero Day Initiative. Description: Multiple memory corruption issues were addressed with improved memory handling. Credit to Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team. Description: Multiple memory corruption issues were addressed with improved memory handling.
We recommend updating to the last stable version of WebKitGTK+. It is the best way of ensuring that you are running a safe version of WebKitGTK+. Please check our website for information about the last stable releases.
Further information about WebKitGTK+ Security Advisories can be found at: https://webkitgtk.org/security.html
The WebKitGTK+ team, April 04, 2018 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
APPLE-SA-2018-3-29-1 iOS 11.3
iOS 11.3 is now available and addresses the following:
Clock Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A person with physical access to an iOS device may be able to see the email address used for iTunes Description: An information disclosure issue existed in the handling of alarms and timers. CVE-2018-4123: Zaheen Hafzar M M (@zaheenhafzer)
CoreFoundation Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4155: Samuel GroA (@5aelo) CVE-2018-4158: Samuel GroA (@5aelo)
CoreText Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted string may lead to a denial of service Description: A denial of service issue was addressed through improved memory handling. CVE-2018-4142: Robin Leroy of Google Switzerland GmbH
File System Events Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4167: Samuel GroA (@5aelo)
Files Widget Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: File Widget may display contents on a locked device Description: The File Widget was displaying cached data when in the locked state. CVE-2018-4168: Brandon Moore
Find My iPhone Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A person with physical access to the device may be able to disable Find My iPhone without entering an iCloud password Description: A state management issue existed when restoring from a back up. CVE-2018-4172: Viljami VastamA$?ki
iCloud Drive Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4151: Samuel GroA (@5aelo)
Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4150: an anonymous researcher
Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2018-4104: The UK's National Cyber Security Centre (NCSC)
Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4143: derrek (@derrekr6)
Mail Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker in a privileged network position may be able to intercept the contents of S/MIME-encrypted e-mail Description: An inconsistent user interface issue was addressed with improved state management. CVE-2018-4174: an anonymous researcher, an anonymous researcher
NSURLSession Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4166: Samuel GroA (@5aelo)
PluginKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4156: Samuel GroA (@5aelo)
Quick Look Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4157: Samuel GroA (@5aelo)
Safari Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a malicious website by clicking a link may lead to user interface spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2018-4134: xisigr of Tencent's Xuanwu Lab (tencent.com), Zhiyang Zeng (@Wester) of Tencent Security Platform Department
Safari Login AutoFill Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious website may be able to exfiltrate autofilled data in Safari without explicit user interaction. Description: Safari autofill did not require explicit user interaction before taking place. CVE-2018-4137:
SafariViewController Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a malicious website may lead to user interface spoofing Description: A state management issue was addressed by disabling text input until the destination page loads. CVE-2018-4149: Abhinash Jain (@abhinashjain)
Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to elevate privileges Description: A buffer overflow was addressed with improved size validation. CVE-2018-4144: Abraham Masri (@cheesecakeufo)
Storage Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4154: Samuel GroA (@5aelo)
System Preferences Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A configuration profile may incorrectly remain in effect after removal Description: An issue existed in CFPreferences. CVE-2018-4115: Johann Thalakada, Vladimir Zubkov, and Matt Vlasach of Wandera
Telephony Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A remote attacker can cause a device to unexpectedly restart Description: A null pointer dereference issue existed when handling Class 0 SMS messages. CVE-2018-4140: @mjonsson, Arjan van der Oest of Voiceworks BV
Web App Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Cookies may unexpectedly persist in web app Description: A cookie management issue was addressed through improved state management. CVE-2018-4110: Ben Compton and Jason Colley of Cerner Corporation
WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4146: found by OSS-Fuzz
WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious website may exfiltrate data cross-origin Description: A cross-origin issue existed with the fetch API. CVE-2018-4117: an anonymous researcher, an anonymous researcher
WindowServer Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An unprivileged application may be able to log keystrokes entered into other applications even when secure input mode is enabled Description: By scanning key states, an unprivileged application could log keystrokes entered into other applications even when secure input mode was enabled. CVE-2018-4131: Andreas Hegenberg of folivora.AI GmbH
Additional recognition
WebKit We would like to acknowledge Johnny Nipper of Tinder Security Team for their assistance.
Installation note:
This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
- Navigate to Settings
- Select General
- Select About.
Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE-----
iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAlq9GlopHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEbhLRAA to9k0U/CI3PfYp2o2lluS7LgE3jvA7+pXvdjbvoh14BFHf9Wv+yhdtyLQEDSne+0 TM8BkiMgEmo+uKKcVFCDeV9GrkWqO7ocBfT65hj4A/vxPAS6xlBTV9mjZXiqvSWs +Cbb4Nd53o6m2QRORkjNVZ2h0ow53J5RirnyzjWt4LMdCpc4jMG87OCuQheKzjxq g6gOlwblVrRxH6aMX5if/SetGGxzZeY5sKwe1Xhz6yIYsm1Gw45REt3FJs4KEh5Z oL+yWVvaGLOPDzC+DBX0dXJmsqLx9wzDJsqQ2J6Mb/nh1Tgh6NDdHkDCAZ7P6CeU 0IpXK7aaPkRy5GUbkAdzdPEFql9e0/jGlqMf/rZlNTItbgtn0+9e2zsJ0UPPRcWi +7IQygkXnXmYUZ0wrh/Wdye/jAJZpLdsUuWr1RalTdmDASU/tzgpoglf3EyTQoRy IqFGRSe6+no8Pw1qCLUvZz8C6dTKvE+Jv5oe9XbCEjsvpRmQZK64FiQ0HIaAMHKo Rl9OY6+evzyqdAtivE4AFCRT7Z15pktFYAVefWkdVFbVU2mCYF+peXIq6tGg4o+g 70E29XaDZBakcVho9bW4e2rDA+m606ILuZ4AyjEEvfRYH+d+WTvDqdIywq0V7grj qlU787sRw/tVx646jcHVqbYZEgZVmeAvcT8C2c0Zhvo= =RJi8 -----END PGP SIGNATURE----- . ========================================================================== Ubuntu Security Notice USN-3635-1 April 30, 2018
webkit2gtk vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.10
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in WebKitGTK+.
Software Description: - webkit2gtk: Web content engine library for GTK+
Details:
A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 17.10: libjavascriptcoregtk-4.0-18 2.20.1-0ubuntu0.17.10.1 libwebkit2gtk-4.0-37 2.20.1-0ubuntu0.17.10.1
Ubuntu 16.04 LTS: libjavascriptcoregtk-4.0-18 2.20.1-0ubuntu0.16.04.1 libwebkit2gtk-4.0-37 2.20.1-0ubuntu0.16.04.1
This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any applications that use WebKitGTK+, such as Epiphany, to make all the necessary changes.
References: https://usn.ubuntu.com/usn/usn-3635-1 CVE-2018-4101, CVE-2018-4113, CVE-2018-4114, CVE-2018-4117, CVE-2018-4118, CVE-2018-4119, CVE-2018-4120, CVE-2018-4122, CVE-2018-4125, CVE-2018-4127, CVE-2018-4128, CVE-2018-4129, CVE-2018-4133, CVE-2018-4146, CVE-2018-4161, CVE-2018-4162, CVE-2018-4163, CVE-2018-4165
Package Information: https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.1-0ubuntu0.17.10.1 https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.1-0ubuntu0.16.04.1
.
Installation note:
Safari 11.1 may be obtained from the Mac App Store
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201804-1186",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "17.10"
},
{
"model": "itunes",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "12.7.4"
},
{
"model": "iphone os",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "11.3"
},
{
"model": "webkitgtk\\+",
"scope": "lt",
"trust": 1.0,
"vendor": "webkitgtk",
"version": "2.20.4"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "tvos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "11.3"
},
{
"model": "icloud",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "7.4"
},
{
"model": "safari",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "11.1"
},
{
"model": "icloud",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "7.4 (windows 7 or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.3 (ipad air or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.3 (iphone 5s or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.3 (ipod touch first 6 generation )"
},
{
"model": "itunes",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "for windows 12.7.4 (windows 7 or later )"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.1 (macos high sierra 10.13.4)"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.1 (macos sierra 10.12.6)"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.1 (os x el capitan 10.11.6)"
},
{
"model": "tvos",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.3 (apple tv 4k)"
},
{
"model": "tvos",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.3 (apple tv first 4 generation )"
},
{
"model": "safari",
"scope": null,
"trust": 0.7,
"vendor": "apple",
"version": null
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "11.1.5"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "11.1.4"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "12.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.6.3"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "12.2.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.6.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "11.2.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "11.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "11.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.6"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-274"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003707"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-179"
},
{
"db": "NVD",
"id": "CVE-2018-4127"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:icloud:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.4",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.7.4",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:webkitgtk:webkitgtk\\+:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.20.4",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-4127"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anonymous",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-274"
}
],
"trust": 0.7
},
"cve": "CVE-2018-4127",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-4127",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 1.6,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-134158",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-4127",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-4127",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2018-4127",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201804-179",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-134158",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-4127",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-274"
},
{
"db": "VULHUB",
"id": "VHN-134158"
},
{
"db": "VULMON",
"id": "CVE-2018-4127"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003707"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-179"
},
{
"db": "NVD",
"id": "CVE-2018-4127"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of RenderLayer objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. WebKit is one of the web browser engine components. A security vulnerability exists in the WebKit component of several Apple products. The following products and versions are affected: Apple iOS prior to 11.3; Safari prior to 11.1; Windows-based iCloud prior to 7.4; Windows-based iTunes prior to 12.7.4; tvOS prior to 11.3. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201808-04\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: WebkitGTK+: Multiple vulnerabilities\n Date: August 22, 2018\n Bugs: #652820, #658168, #662974\n ID: 201808-04\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in WebKitGTK+, the worst of\nwhich may lead to arbitrary code execution. \n\nBackground\n==========\n\nWebKitGTK+ is a full-featured port of the WebKit rendering engine,\nsuitable for projects requiring any kind of web integration, from\nhybrid HTML/CSS applications to full-fledged web browsers. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-libs/webkit-gtk \u003c 2.20.4 \u003e= 2.20.4\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in WebKitGTK+. Please\nreview the referenced CVE identifiers for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll WebkitGTK+ users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-libs/webkit-gtk-2.20.4\"\n\nReferences\n==========\n\n[ 1 ] CVE-2018-11646\n https://nvd.nist.gov/vuln/detail/CVE-2018-11646\n[ 2 ] CVE-2018-11712\n https://nvd.nist.gov/vuln/detail/CVE-2018-11712\n[ 3 ] CVE-2018-11713\n https://nvd.nist.gov/vuln/detail/CVE-2018-11713\n[ 4 ] CVE-2018-12293\n https://nvd.nist.gov/vuln/detail/CVE-2018-12293\n[ 5 ] CVE-2018-12294\n https://nvd.nist.gov/vuln/detail/CVE-2018-12294\n[ 6 ] CVE-2018-4101\n https://nvd.nist.gov/vuln/detail/CVE-2018-4101\n[ 7 ] CVE-2018-4113\n https://nvd.nist.gov/vuln/detail/CVE-2018-4113\n[ 8 ] CVE-2018-4114\n https://nvd.nist.gov/vuln/detail/CVE-2018-4114\n[ 9 ] CVE-2018-4117\n https://nvd.nist.gov/vuln/detail/CVE-2018-4117\n[ 10 ] CVE-2018-4118\n https://nvd.nist.gov/vuln/detail/CVE-2018-4118\n[ 11 ] CVE-2018-4119\n https://nvd.nist.gov/vuln/detail/CVE-2018-4119\n[ 12 ] CVE-2018-4120\n https://nvd.nist.gov/vuln/detail/CVE-2018-4120\n[ 13 ] CVE-2018-4121\n https://nvd.nist.gov/vuln/detail/CVE-2018-4121\n[ 14 ] CVE-2018-4122\n https://nvd.nist.gov/vuln/detail/CVE-2018-4122\n[ 15 ] CVE-2018-4125\n https://nvd.nist.gov/vuln/detail/CVE-2018-4125\n[ 16 ] CVE-2018-4127\n https://nvd.nist.gov/vuln/detail/CVE-2018-4127\n[ 17 ] CVE-2018-4128\n https://nvd.nist.gov/vuln/detail/CVE-2018-4128\n[ 18 ] CVE-2018-4129\n https://nvd.nist.gov/vuln/detail/CVE-2018-4129\n[ 19 ] CVE-2018-4133\n https://nvd.nist.gov/vuln/detail/CVE-2018-4133\n[ 20 ] CVE-2018-4146\n https://nvd.nist.gov/vuln/detail/CVE-2018-4146\n[ 21 ] CVE-2018-4162\n https://nvd.nist.gov/vuln/detail/CVE-2018-4162\n[ 22 ] CVE-2018-4163\n https://nvd.nist.gov/vuln/detail/CVE-2018-4163\n[ 23 ] CVE-2018-4165\n https://nvd.nist.gov/vuln/detail/CVE-2018-4165\n[ 24 ] CVE-2018-4190\n https://nvd.nist.gov/vuln/detail/CVE-2018-4190\n[ 25 ] CVE-2018-4192\n https://nvd.nist.gov/vuln/detail/CVE-2018-4192\n[ 26 ] CVE-2018-4199\n https://nvd.nist.gov/vuln/detail/CVE-2018-4199\n[ 27 ] CVE-2018-4200\n https://nvd.nist.gov/vuln/detail/CVE-2018-4200\n[ 28 ] CVE-2018-4201\n https://nvd.nist.gov/vuln/detail/CVE-2018-4201\n[ 29 ] CVE-2018-4204\n https://nvd.nist.gov/vuln/detail/CVE-2018-4204\n[ 30 ] CVE-2018-4214\n https://nvd.nist.gov/vuln/detail/CVE-2018-4214\n[ 31 ] CVE-2018-4218\n https://nvd.nist.gov/vuln/detail/CVE-2018-4218\n[ 32 ] CVE-2018-4222\n https://nvd.nist.gov/vuln/detail/CVE-2018-4222\n[ 33 ] CVE-2018-4232\n https://nvd.nist.gov/vuln/detail/CVE-2018-4232\n[ 34 ] CVE-2018-4233\n https://nvd.nist.gov/vuln/detail/CVE-2018-4233\n[ 35 ] CVE-2018-4261\n https://nvd.nist.gov/vuln/detail/CVE-2018-4261\n[ 36 ] CVE-2018-4262\n https://nvd.nist.gov/vuln/detail/CVE-2018-4262\n[ 37 ] CVE-2018-4263\n https://nvd.nist.gov/vuln/detail/CVE-2018-4263\n[ 38 ] CVE-2018-4264\n https://nvd.nist.gov/vuln/detail/CVE-2018-4264\n[ 39 ] CVE-2018-4265\n https://nvd.nist.gov/vuln/detail/CVE-2018-4265\n[ 40 ] CVE-2018-4266\n https://nvd.nist.gov/vuln/detail/CVE-2018-4266\n[ 41 ] CVE-2018-4267\n https://nvd.nist.gov/vuln/detail/CVE-2018-4267\n[ 42 ] CVE-2018-4270\n https://nvd.nist.gov/vuln/detail/CVE-2018-4270\n[ 43 ] CVE-2018-4272\n https://nvd.nist.gov/vuln/detail/CVE-2018-4272\n[ 44 ] CVE-2018-4273\n https://nvd.nist.gov/vuln/detail/CVE-2018-4273\n[ 45 ] CVE-2018-4278\n https://nvd.nist.gov/vuln/detail/CVE-2018-4278\n[ 46 ] CVE-2018-4284\n https://nvd.nist.gov/vuln/detail/CVE-2018-4284\n[ 47 ] WebKitGTK+ Security Advisory WSA-2018-0003\n https://webkitgtk.org/security/WSA-2018-0003.html\n[ 48 ] WebKitGTK+ Security Advisory WSA-2018-0004\n https://webkitgtk.org/security/WSA-2018-0004.html\n[ 49 ] WebKitGTK+ Security Advisory WSA-2018-0005\n https://webkitgtk.org/security/WSA-2018-0005.html\n[ 50 ] WebKitGTK+ Security Advisory WSA-2018-0006\n https://webkitgtk.org/security/WSA-2018-0006.html\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201808-04\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2018 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n\n. ------------------------------------------------------------------------\nWebKitGTK+ Security Advisory WSA-2018-0003\n------------------------------------------------------------------------\n\nDate reported : April 04, 2018\nAdvisory ID : WSA-2018-0003\nAdvisory URL : https://webkitgtk.org/security/WSA-2018-0003.html\nCVE identifiers : CVE-2018-4101, CVE-2018-4113, CVE-2018-4114,\n CVE-2018-4117, CVE-2018-4118, CVE-2018-4119,\n CVE-2018-4120, CVE-2018-4122, CVE-2018-4125,\n CVE-2018-4127, CVE-2018-4128, CVE-2018-4129,\n CVE-2018-4133, CVE-2018-4146, CVE-2018-4161,\n CVE-2018-4162, CVE-2018-4163, CVE-2018-4165. \n\nSeveral vulnerabilities were discovered in WebKitGTK+. \n Credit to Yuan Deng of Ant-financial Light-Year Security Lab. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to OSS-Fuzz. \n Impact: Unexpected interaction with indexing types causing an ASSERT\n failure. Description: An array indexing issue existed in the\n handling of a function in JavaScriptCore. This issue was addressed\n through improved checks. \n Credit to OSS-Fuzz. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to an anonymous researcher. \n Impact: A malicious website may exfiltrate data cross-origin. \n Description: A cross-origin issue existed with the fetch API. This\n was addressed through improved input validation. \n Credit to Jun Kokatsu (@shhnjk). Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to an anonymous researcher working with Trend Microys Zero\n Day Initiative. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to WanderingGlitch of Trend Micro\u0027s Zero Day Initiative. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to WanderingGlitch of Trend Micro\u0027s Zero Day Initiative. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to an anonymous researcher working with Trend Microys Zero\n Day Initiative. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to Zach Markley. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to likemeng of Baidu Security Lab working with Trend Micro\u0027s\n Zero Day Initiative. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to Anton Lopanitsyn of Wallarm, Linus Sarud of Detectify\n (detectify.com), Yuji Tounai of NTT Communications Corporation. \n Impact: Visiting a maliciously crafted website may lead to a cross-\n site scripting attack. This issue was addressed with improved URL\n validation. \n Credit to OSS-Fuzz. \n Impact: Processing maliciously crafted web content may lead to a\n denial of service. Description: A memory corruption issue was\n addressed through improved input validation. \n Credit to WanderingGlitch of Trend Micro\u0027s Zero Day Initiative. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to WanderingGlitch of Trend Micro\u0027s Zero Day Initiative. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to WanderingGlitch of Trend Micro\u0027s Zero Day Initiative. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n Credit to Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team. Description: Multiple memory corruption\n issues were addressed with improved memory handling. \n\n\nWe recommend updating to the last stable version of WebKitGTK+. It is\nthe best way of ensuring that you are running a safe version of\nWebKitGTK+. Please check our website for information about the last\nstable releases. \n\nFurther information about WebKitGTK+ Security Advisories can be found\nat: https://webkitgtk.org/security.html\n\nThe WebKitGTK+ team,\nApril 04, 2018\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2018-3-29-1 iOS 11.3\n\niOS 11.3 is now available and addresses the following:\n\nClock\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A person with physical access to an iOS device may be able to\nsee the email address used for iTunes\nDescription: An information disclosure issue existed in the handling\nof alarms and timers. \nCVE-2018-4123: Zaheen Hafzar M M (@zaheenhafzer)\n\nCoreFoundation\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to gain elevated privileges\nDescription: A race condition was addressed with additional\nvalidation. \nCVE-2018-4155: Samuel GroA (@5aelo)\nCVE-2018-4158: Samuel GroA (@5aelo)\n\nCoreText\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Processing a maliciously crafted string may lead to a denial\nof service\nDescription: A denial of service issue was addressed through improved\nmemory handling. \nCVE-2018-4142: Robin Leroy of Google Switzerland GmbH\n\nFile System Events\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to gain elevated privileges\nDescription: A race condition was addressed with additional\nvalidation. \nCVE-2018-4167: Samuel GroA (@5aelo)\n\nFiles Widget\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: File Widget may display contents on a locked device\nDescription: The File Widget was displaying cached data when in the\nlocked state. \nCVE-2018-4168: Brandon Moore\n\nFind My iPhone\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A person with physical access to the device may be able to\ndisable Find My iPhone without entering an iCloud password\nDescription: A state management issue existed when restoring from a\nback up. \nCVE-2018-4172: Viljami VastamA$?ki\n\niCloud Drive\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to gain elevated privileges\nDescription: A race condition was addressed with additional\nvalidation. \nCVE-2018-4151: Samuel GroA (@5aelo)\n\nKernel\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: Multiple memory corruption issues were addressed with\nimproved memory handling. \nCVE-2018-4150: an anonymous researcher\n\nKernel\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to read restricted memory\nDescription: A validation issue was addressed with improved input\nsanitization. \nCVE-2018-4104: The UK\u0027s National Cyber Security Centre (NCSC)\n\nKernel\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4143: derrek (@derrekr6)\n\nMail\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An attacker in a privileged network position may be able to\nintercept the contents of S/MIME-encrypted e-mail\nDescription: An inconsistent user interface issue was addressed with\nimproved state management. \nCVE-2018-4174: an anonymous researcher, an anonymous researcher\n\nNSURLSession\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to gain elevated privileges\nDescription: A race condition was addressed with additional\nvalidation. \nCVE-2018-4166: Samuel GroA (@5aelo)\n\nPluginKit\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to gain elevated privileges\nDescription: A race condition was addressed with additional\nvalidation. \nCVE-2018-4156: Samuel GroA (@5aelo)\n\nQuick Look\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to gain elevated privileges\nDescription: A race condition was addressed with additional\nvalidation. \nCVE-2018-4157: Samuel GroA (@5aelo)\n\nSafari\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Visiting a malicious website by clicking a link may lead to\nuser interface spoofing\nDescription: An inconsistent user interface issue was addressed with\nimproved state management. \nCVE-2018-4134: xisigr of Tencent\u0027s Xuanwu Lab (tencent.com), Zhiyang\nZeng (@Wester) of Tencent Security Platform Department\n\nSafari Login AutoFill\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A malicious website may be able to exfiltrate autofilled data\nin Safari without explicit user interaction. \nDescription: Safari autofill did not require explicit user\ninteraction before taking place. \nCVE-2018-4137:\n\nSafariViewController\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Visiting a malicious website may lead to user interface\nspoofing\nDescription: A state management issue was addressed by disabling text\ninput until the destination page loads. \nCVE-2018-4149: Abhinash Jain (@abhinashjain)\n\nSecurity\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A malicious application may be able to elevate privileges\nDescription: A buffer overflow was addressed with improved size\nvalidation. \nCVE-2018-4144: Abraham Masri (@cheesecakeufo)\n\nStorage\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to gain elevated privileges\nDescription: A race condition was addressed with additional\nvalidation. \nCVE-2018-4154: Samuel GroA (@5aelo)\n\nSystem Preferences\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A configuration profile may incorrectly remain in effect\nafter removal\nDescription: An issue existed in CFPreferences. \nCVE-2018-4115: Johann Thalakada, Vladimir Zubkov, and Matt Vlasach of\nWandera\n\nTelephony\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A remote attacker can cause a device to unexpectedly restart\nDescription: A null pointer dereference issue existed when handling\nClass 0 SMS messages. \nCVE-2018-4140: @mjonsson, Arjan van der Oest of Voiceworks BV\n\nWeb App\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Cookies may unexpectedly persist in web app\nDescription: A cookie management issue was addressed through improved\nstate management. \nCVE-2018-4110: Ben Compton and Jason Colley of Cerner Corporation\n\nWebKit\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: Multiple memory corruption issues were addressed with\nimproved memory handling. \nCVE-2018-4146: found by OSS-Fuzz\n\nWebKit\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A malicious website may exfiltrate data cross-origin\nDescription: A cross-origin issue existed with the fetch API. \nCVE-2018-4117: an anonymous researcher, an anonymous researcher\n\nWindowServer\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An unprivileged application may be able to log keystrokes\nentered into other applications even when secure input mode is\nenabled\nDescription: By scanning key states, an unprivileged application\ncould log keystrokes entered into other applications even when secure\ninput mode was enabled. \nCVE-2018-4131: Andreas Hegenberg of folivora.AI GmbH\n\nAdditional recognition\n\nWebKit\nWe would like to acknowledge Johnny Nipper of Tinder Security Team\nfor their assistance. \n\nInstallation note:\n\nThis update is available through iTunes and Software Update on your\niOS device, and will not appear in your computer\u0027s Software Update\napplication, or in the Apple Downloads site. Make sure you have an\nInternet connection and have installed the latest version of iTunes\nfrom https://www.apple.com/itunes/\n\niTunes and Software Update on the device will automatically check\nApple\u0027s update server on its weekly schedule. When an update is\ndetected, it is downloaded and the option to be installed is\npresented to the user when the iOS device is docked. We recommend\napplying the update immediately if possible. Selecting Don\u0027t Install\nwill present the option the next time you connect your iOS device. \n\nThe automatic update process may take up to a week depending on the\nday that iTunes or the device checks for updates. You may manually\nobtain the update via the Check for Updates button within iTunes, or\nthe Software Update on your device. \n\nTo check that the iPhone, iPod touch, or iPad has been updated:\n\n* Navigate to Settings\n* Select General\n* Select About. \n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\n\niQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAlq9GlopHHByb2R1Y3Qt\nc2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEbhLRAA\nto9k0U/CI3PfYp2o2lluS7LgE3jvA7+pXvdjbvoh14BFHf9Wv+yhdtyLQEDSne+0\nTM8BkiMgEmo+uKKcVFCDeV9GrkWqO7ocBfT65hj4A/vxPAS6xlBTV9mjZXiqvSWs\n+Cbb4Nd53o6m2QRORkjNVZ2h0ow53J5RirnyzjWt4LMdCpc4jMG87OCuQheKzjxq\ng6gOlwblVrRxH6aMX5if/SetGGxzZeY5sKwe1Xhz6yIYsm1Gw45REt3FJs4KEh5Z\noL+yWVvaGLOPDzC+DBX0dXJmsqLx9wzDJsqQ2J6Mb/nh1Tgh6NDdHkDCAZ7P6CeU\n0IpXK7aaPkRy5GUbkAdzdPEFql9e0/jGlqMf/rZlNTItbgtn0+9e2zsJ0UPPRcWi\n+7IQygkXnXmYUZ0wrh/Wdye/jAJZpLdsUuWr1RalTdmDASU/tzgpoglf3EyTQoRy\nIqFGRSe6+no8Pw1qCLUvZz8C6dTKvE+Jv5oe9XbCEjsvpRmQZK64FiQ0HIaAMHKo\nRl9OY6+evzyqdAtivE4AFCRT7Z15pktFYAVefWkdVFbVU2mCYF+peXIq6tGg4o+g\n70E29XaDZBakcVho9bW4e2rDA+m606ILuZ4AyjEEvfRYH+d+WTvDqdIywq0V7grj\nqlU787sRw/tVx646jcHVqbYZEgZVmeAvcT8C2c0Zhvo=\n=RJi8\n-----END PGP SIGNATURE-----\n. ==========================================================================\nUbuntu Security Notice USN-3635-1\nApril 30, 2018\n\nwebkit2gtk vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 17.10\n- Ubuntu 16.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in WebKitGTK+. \n\nSoftware Description:\n- webkit2gtk: Web content engine library for GTK+\n\nDetails:\n\nA large number of security issues were discovered in the WebKitGTK+ Web and\nJavaScript engines. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 17.10:\n libjavascriptcoregtk-4.0-18 2.20.1-0ubuntu0.17.10.1\n libwebkit2gtk-4.0-37 2.20.1-0ubuntu0.17.10.1\n\nUbuntu 16.04 LTS:\n libjavascriptcoregtk-4.0-18 2.20.1-0ubuntu0.16.04.1\n libwebkit2gtk-4.0-37 2.20.1-0ubuntu0.16.04.1\n\nThis update uses a new upstream release, which includes additional bug\nfixes. After a standard system update you need to restart any applications\nthat use WebKitGTK+, such as Epiphany, to make all the necessary changes. \n\nReferences:\n https://usn.ubuntu.com/usn/usn-3635-1\n CVE-2018-4101, CVE-2018-4113, CVE-2018-4114, CVE-2018-4117,\n CVE-2018-4118, CVE-2018-4119, CVE-2018-4120, CVE-2018-4122,\n CVE-2018-4125, CVE-2018-4127, CVE-2018-4128, CVE-2018-4129,\n CVE-2018-4133, CVE-2018-4146, CVE-2018-4161, CVE-2018-4162,\n CVE-2018-4163, CVE-2018-4165\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.1-0ubuntu0.17.10.1\n https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.1-0ubuntu0.16.04.1\n\n. \n\nInstallation note:\n\nSafari 11.1 may be obtained from the Mac App Store",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-4127"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003707"
},
{
"db": "ZDI",
"id": "ZDI-18-274"
},
{
"db": "VULHUB",
"id": "VHN-134158"
},
{
"db": "VULMON",
"id": "CVE-2018-4127"
},
{
"db": "PACKETSTORM",
"id": "149059"
},
{
"db": "PACKETSTORM",
"id": "147241"
},
{
"db": "PACKETSTORM",
"id": "146964"
},
{
"db": "PACKETSTORM",
"id": "147433"
},
{
"db": "PACKETSTORM",
"id": "146966"
},
{
"db": "PACKETSTORM",
"id": "146969"
},
{
"db": "PACKETSTORM",
"id": "146971"
}
],
"trust": 3.06
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-4127",
"trust": 4.0
},
{
"db": "SECTRACK",
"id": "1040604",
"trust": 1.8
},
{
"db": "JVN",
"id": "JVNVU92378299",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003707",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5388",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-274",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201804-179",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-134158",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-4127",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "149059",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147241",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146964",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147433",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146966",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146969",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146971",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-274"
},
{
"db": "VULHUB",
"id": "VHN-134158"
},
{
"db": "VULMON",
"id": "CVE-2018-4127"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003707"
},
{
"db": "PACKETSTORM",
"id": "149059"
},
{
"db": "PACKETSTORM",
"id": "147241"
},
{
"db": "PACKETSTORM",
"id": "146964"
},
{
"db": "PACKETSTORM",
"id": "147433"
},
{
"db": "PACKETSTORM",
"id": "146966"
},
{
"db": "PACKETSTORM",
"id": "146969"
},
{
"db": "PACKETSTORM",
"id": "146971"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-179"
},
{
"db": "NVD",
"id": "CVE-2018-4127"
}
]
},
"id": "VAR-201804-1186",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-134158"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T21:52:24.271000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT208698",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht208698"
},
{
"title": "HT208693",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht208693"
},
{
"title": "HT208694",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht208694"
},
{
"title": "HT208695",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht208695"
},
{
"title": "HT208697",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht208697"
},
{
"title": "HT208693",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht208693"
},
{
"title": "HT208694",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht208694"
},
{
"title": "HT208695",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht208695"
},
{
"title": "HT208697",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht208697"
},
{
"title": "HT208698",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht208698"
},
{
"title": "Apple has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://support.apple.com/kb/ht201222"
},
{
"title": "Multiple Apple product WebKit Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=83031"
},
{
"title": "Apple: Safari 11.1",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=ee3f60ca20e25abaeeaa2929b7de559a"
},
{
"title": "Apple: iCloud for Windows 7.4",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=3c324dcae1b032626ce2245c5900fb36"
},
{
"title": "Ubuntu Security Notice: webkit2gtk vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3635-1"
},
{
"title": "Apple: iTunes 12.7.4 for Windows",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=1b3706ef4ba6948ac20ebbbcffe7bc29"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - October 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=2196fa008592287290cbd6678fbe10d4"
},
{
"title": "Apple: tvOS 11.3",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=0eeec7064403af3bc921bd387f797adc"
},
{
"title": "Apple: iOS 11.3",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=66db9acd354635a683838e3cd9bc2d76"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-274"
},
{
"db": "VULMON",
"id": "CVE-2018-4127"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003707"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-179"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-134158"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003707"
},
{
"db": "NVD",
"id": "CVE-2018-4127"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201808-04"
},
{
"trust": 1.9,
"url": "https://usn.ubuntu.com/3635-1/"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht208693"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht208694"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht208695"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht208697"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht208698"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1040604"
},
{
"trust": 1.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4127"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4127"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu92378299/index.html"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4101"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4114"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4120"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4125"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4128"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4118"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4113"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4122"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4119"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4146"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4129"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4163"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4165"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4162"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4117"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4121"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4161"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4133"
},
{
"trust": 0.4,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4130"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4144"
},
{
"trust": 0.2,
"url": "https://webkitgtk.org/security/wsa-2018-0003.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4143"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4142"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4115"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4104"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4150"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4137"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht208695"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4265"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4233"
},
{
"trust": 0.1,
"url": "https://webkitgtk.org/security/wsa-2018-0004.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4190"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4264"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4232"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4261"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-11713"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4263"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-11646"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4270"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4214"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12294"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4262"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4284"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4266"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4273"
},
{
"trust": 0.1,
"url": "https://webkitgtk.org/security/wsa-2018-0006.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4192"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4201"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4267"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4272"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4200"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4199"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-11712"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4278"
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://webkitgtk.org/security/wsa-2018-0005.html"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4218"
},
{
"trust": 0.1,
"url": "https://webkitgtk.org/security.html"
},
{
"trust": 0.1,
"url": "https://www.apple.com/itunes/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4123"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4149"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4110"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4134"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4131"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3635-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.1-0ubuntu0.16.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/webkit2gtk/2.20.1-0ubuntu0.17.10.1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4155"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4166"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4167"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4157"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4102"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4116"
},
{
"trust": 0.1,
"url": "https://support.apple.com/ht204283"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-274"
},
{
"db": "VULHUB",
"id": "VHN-134158"
},
{
"db": "VULMON",
"id": "CVE-2018-4127"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003707"
},
{
"db": "PACKETSTORM",
"id": "149059"
},
{
"db": "PACKETSTORM",
"id": "147241"
},
{
"db": "PACKETSTORM",
"id": "146964"
},
{
"db": "PACKETSTORM",
"id": "147433"
},
{
"db": "PACKETSTORM",
"id": "146966"
},
{
"db": "PACKETSTORM",
"id": "146969"
},
{
"db": "PACKETSTORM",
"id": "146971"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-179"
},
{
"db": "NVD",
"id": "CVE-2018-4127"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-18-274"
},
{
"db": "VULHUB",
"id": "VHN-134158"
},
{
"db": "VULMON",
"id": "CVE-2018-4127"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003707"
},
{
"db": "PACKETSTORM",
"id": "149059"
},
{
"db": "PACKETSTORM",
"id": "147241"
},
{
"db": "PACKETSTORM",
"id": "146964"
},
{
"db": "PACKETSTORM",
"id": "147433"
},
{
"db": "PACKETSTORM",
"id": "146966"
},
{
"db": "PACKETSTORM",
"id": "146969"
},
{
"db": "PACKETSTORM",
"id": "146971"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-179"
},
{
"db": "NVD",
"id": "CVE-2018-4127"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-06T00:00:00",
"db": "ZDI",
"id": "ZDI-18-274"
},
{
"date": "2018-04-03T00:00:00",
"db": "VULHUB",
"id": "VHN-134158"
},
{
"date": "2018-04-03T00:00:00",
"db": "VULMON",
"id": "CVE-2018-4127"
},
{
"date": "2018-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003707"
},
{
"date": "2018-08-23T18:40:24",
"db": "PACKETSTORM",
"id": "149059"
},
{
"date": "2018-04-18T13:33:33",
"db": "PACKETSTORM",
"id": "147241"
},
{
"date": "2018-03-30T15:52:10",
"db": "PACKETSTORM",
"id": "146964"
},
{
"date": "2018-05-02T04:32:41",
"db": "PACKETSTORM",
"id": "147433"
},
{
"date": "2018-03-30T15:52:53",
"db": "PACKETSTORM",
"id": "146966"
},
{
"date": "2018-03-30T15:55:24",
"db": "PACKETSTORM",
"id": "146969"
},
{
"date": "2018-03-30T15:56:03",
"db": "PACKETSTORM",
"id": "146971"
},
{
"date": "2018-04-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-179"
},
{
"date": "2018-04-03T06:29:05.623000",
"db": "NVD",
"id": "CVE-2018-4127"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-06T00:00:00",
"db": "ZDI",
"id": "ZDI-18-274"
},
{
"date": "2019-03-08T00:00:00",
"db": "VULHUB",
"id": "VHN-134158"
},
{
"date": "2019-03-08T00:00:00",
"db": "VULMON",
"id": "CVE-2018-4127"
},
{
"date": "2018-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003707"
},
{
"date": "2019-03-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-179"
},
{
"date": "2019-03-08T16:06:35.920000",
"db": "NVD",
"id": "CVE-2018-4127"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "147433"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-179"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Apple Used in products Webkit Vulnerability in arbitrary code execution in components",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003707"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201804-179"
}
],
"trust": 0.6
}
}