Vulnerability-Lookup

CVE-2015-7941 (GCVE-0-2015-7941)

Vulnerability from cvelistv5 – Published: 2015-11-18 16:00 – Updated: 2024-08-06 08:06

Summary

libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by non-terminated entities.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

22 references

URL	Tags
http://rhn.redhat.com/errata/RHSA-2015-2550.html	vendor-advisoryx_refsource_REDHAT
http://www.securityfocus.com/bid/74241	vdb-entryx_refsource_BID
http://lists.opensuse.org/opensuse-updates/2016-0…	vendor-advisoryx_refsource_SUSE
http://www.openwall.com/lists/oss-security/2015/10/22/5	mailing-listx_refsource_MLIST
https://git.gnome.org/browse/libxml2/commit/?id=9…	x_refsource_CONFIRM
http://www.debian.org/security/2015/dsa-3430	vendor-advisoryx_refsource_DEBIAN
http://xmlsoft.org/news.html	x_refsource_CONFIRM
http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
https://bugzilla.gnome.org/show_bug.cgi?id=744980	x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2016-1089.html	vendor-advisoryx_refsource_REDHAT
http://www.oracle.com/technetwork/topics/security…	x_refsource_CONFIRM
http://www.securitytracker.com/id/1034243	vdb-entryx_refsource_SECTRACK
http://rhn.redhat.com/errata/RHSA-2015-2549.html	vendor-advisoryx_refsource_REDHAT
http://www.ubuntu.com/usn/USN-2812-1	vendor-advisoryx_refsource_UBUNTU
http://marc.info/?l=bugtraq&m=145382616617563&w=2	vendor-advisoryx_refsource_HP
http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
https://h20566.www2.hpe.com/portal/site/hpsc/publ…	x_refsource_CONFIRM
http://www.oracle.com/technetwork/topics/security…	x_refsource_CONFIRM
https://security.gentoo.org/glsa/201701-37	vendor-advisoryx_refsource_GENTOO
http://lists.opensuse.org/opensuse-updates/2015-1…	vendor-advisoryx_refsource_SUSE
http://www.openwall.com/lists/oss-security/2015/10/22/8	mailing-listx_refsource_MLIST
https://git.gnome.org/browse/libxml2/commit/?id=a…	x_refsource_CONFIRM

Date Public ?

2015-10-22 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:06:31.043Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2015:2550",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html"
          },
          {
            "name": "74241",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/74241"
          },
          {
            "name": "openSUSE-SU-2016:0106",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html"
          },
          {
            "name": "[oss-security] 20151022 Crafted xml causes out of bound memory access - Libxml2",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/10/22/5"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://git.gnome.org/browse/libxml2/commit/?id=9b8512337d14c8ddf662fcb98b0135f225a1c489"
          },
          {
            "name": "DSA-3430",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2015/dsa-3430"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://xmlsoft.org/news.html"
          },
          {
            "name": "FEDORA-2016-a9ee80b01d",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177381.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.gnome.org/show_bug.cgi?id=744980"
          },
          {
            "name": "RHSA-2016:1089",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
          },
          {
            "name": "1034243",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034243"
          },
          {
            "name": "RHSA-2015:2549",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html"
          },
          {
            "name": "USN-2812-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2812-1"
          },
          {
            "name": "HPSBGN03537",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=145382616617563\u0026w=2"
          },
          {
            "name": "FEDORA-2016-189a7bf68c",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177341.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
          },
          {
            "name": "GLSA-201701-37",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201701-37"
          },
          {
            "name": "openSUSE-SU-2015:2372",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html"
          },
          {
            "name": "[oss-security] 20151022 Re: Crafted xml causes out of bound memory access - Libxml2",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/10/22/8"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://git.gnome.org/browse/libxml2/commit/?id=a7dfab7411cbf545f359dd3157e5df1eb0e7ce31"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-10-22T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by non-terminated entities."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-13T09:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2015:2550",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html"
        },
        {
          "name": "74241",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/74241"
        },
        {
          "name": "openSUSE-SU-2016:0106",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html"
        },
        {
          "name": "[oss-security] 20151022 Crafted xml causes out of bound memory access - Libxml2",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/10/22/5"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://git.gnome.org/browse/libxml2/commit/?id=9b8512337d14c8ddf662fcb98b0135f225a1c489"
        },
        {
          "name": "DSA-3430",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2015/dsa-3430"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://xmlsoft.org/news.html"
        },
        {
          "name": "FEDORA-2016-a9ee80b01d",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177381.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.gnome.org/show_bug.cgi?id=744980"
        },
        {
          "name": "RHSA-2016:1089",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
        },
        {
          "name": "1034243",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034243"
        },
        {
          "name": "RHSA-2015:2549",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html"
        },
        {
          "name": "USN-2812-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2812-1"
        },
        {
          "name": "HPSBGN03537",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=145382616617563\u0026w=2"
        },
        {
          "name": "FEDORA-2016-189a7bf68c",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177341.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
        },
        {
          "name": "GLSA-201701-37",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201701-37"
        },
        {
          "name": "openSUSE-SU-2015:2372",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html"
        },
        {
          "name": "[oss-security] 20151022 Re: Crafted xml causes out of bound memory access - Libxml2",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/10/22/8"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://git.gnome.org/browse/libxml2/commit/?id=a7dfab7411cbf545f359dd3157e5df1eb0e7ce31"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-7941",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by non-terminated entities."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2015:2550",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html"
            },
            {
              "name": "74241",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/74241"
            },
            {
              "name": "openSUSE-SU-2016:0106",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html"
            },
            {
              "name": "[oss-security] 20151022 Crafted xml causes out of bound memory access - Libxml2",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2015/10/22/5"
            },
            {
              "name": "https://git.gnome.org/browse/libxml2/commit/?id=9b8512337d14c8ddf662fcb98b0135f225a1c489",
              "refsource": "CONFIRM",
              "url": "https://git.gnome.org/browse/libxml2/commit/?id=9b8512337d14c8ddf662fcb98b0135f225a1c489"
            },
            {
              "name": "DSA-3430",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2015/dsa-3430"
            },
            {
              "name": "http://xmlsoft.org/news.html",
              "refsource": "CONFIRM",
              "url": "http://xmlsoft.org/news.html"
            },
            {
              "name": "FEDORA-2016-a9ee80b01d",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177381.html"
            },
            {
              "name": "https://bugzilla.gnome.org/show_bug.cgi?id=744980",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.gnome.org/show_bug.cgi?id=744980"
            },
            {
              "name": "RHSA-2016:1089",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
            },
            {
              "name": "1034243",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1034243"
            },
            {
              "name": "RHSA-2015:2549",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html"
            },
            {
              "name": "USN-2812-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2812-1"
            },
            {
              "name": "HPSBGN03537",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=145382616617563\u0026w=2"
            },
            {
              "name": "FEDORA-2016-189a7bf68c",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177341.html"
            },
            {
              "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172",
              "refsource": "CONFIRM",
              "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
            },
            {
              "name": "GLSA-201701-37",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201701-37"
            },
            {
              "name": "openSUSE-SU-2015:2372",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html"
            },
            {
              "name": "[oss-security] 20151022 Re: Crafted xml causes out of bound memory access - Libxml2",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2015/10/22/8"
            },
            {
              "name": "https://git.gnome.org/browse/libxml2/commit/?id=a7dfab7411cbf545f359dd3157e5df1eb0e7ce31",
              "refsource": "CONFIRM",
              "url": "https://git.gnome.org/browse/libxml2/commit/?id=a7dfab7411cbf545f359dd3157e5df1eb0e7ce31"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-7941",
    "datePublished": "2015-11-18T16:00:00.000Z",
    "dateReserved": "2015-10-22T00:00:00.000Z",
    "dateUpdated": "2024-08-06T08:06:31.043Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2015-7941",
      "date": "2026-05-19",
      "epss": "0.00434",
      "percentile": "0.63028"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"B5A6F2F3-4894-4392-8296-3B8DD2679084\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F38D3B7E-8429-473F-BB31-FC3583EE5A5B\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:xmlsoft:libxml2:2.9.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DBBB6A7B-FEDF-4ECA-9BFC-FA4D44D57A9F\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by non-terminated entities.\"}, {\"lang\": \"es\", \"value\": \"libxml2 2.9.2 no detiene adecuadamente el an\\u00e1lisis de entrada no v\\u00e1lido, lo que permite a atacantes dependientes del contexto causar una denegaci\\u00f3n de servicio (lectura fuera de rango y ca\\u00edda de libxml2) a trav\\u00e9s de datos XML manipulados en la funci\\u00f3n (1) xmlParseEntityDecl o (2) xmlParseConditionalSections en parser.c, seg\\u00fan lo demostrado por entidades non-terminated.\"}]",
      "evaluatorComment": "\"context dependent\" seems to point to MiTM attack due to: If a user or automated system were tricked into opening a specially\ncrafted document, an attacker could possibly cause libxml2 to crash,\nresulting in a denial of service. This issue only affected\nUbuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 15.04.",
      "id": "CVE-2015-7941",
      "lastModified": "2024-11-21T02:37:42.380",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:N/A:P\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2015-11-18T16:59:04.333",
      "references": "[{\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177341.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177381.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=145382616617563\u0026w=2\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-2549.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-2550.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-1089.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.debian.org/security/2015/dsa-3430\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2015/10/22/5\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2015/10/22/8\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/74241\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securitytracker.com/id/1034243\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-2812-1\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://xmlsoft.org/news.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://bugzilla.gnome.org/show_bug.cgi?id=744980\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://git.gnome.org/browse/libxml2/commit/?id=9b8512337d14c8ddf662fcb98b0135f225a1c489\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://git.gnome.org/browse/libxml2/commit/?id=a7dfab7411cbf545f359dd3157e5df1eb0e7ce31\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://security.gentoo.org/glsa/201701-37\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177341.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177381.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=145382616617563\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-2549.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-2550.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-1089.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.debian.org/security/2015/dsa-3430\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2015/10/22/5\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2015/10/22/8\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/74241\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id/1034243\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-2812-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://xmlsoft.org/news.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://bugzilla.gnome.org/show_bug.cgi?id=744980\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.gnome.org/browse/libxml2/commit/?id=9b8512337d14c8ddf662fcb98b0135f225a1c489\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.gnome.org/browse/libxml2/commit/?id=a7dfab7411cbf545f359dd3157e5df1eb0e7ce31\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.gentoo.org/glsa/201701-37\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2015-7941\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2015-11-18T16:59:04.333\",\"lastModified\":\"2026-05-06T22:30:45.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by non-terminated entities.\"},{\"lang\":\"es\",\"value\":\"libxml2 2.9.2 no detiene adecuadamente el an\u00e1lisis de entrada no v\u00e1lido, lo que permite a atacantes dependientes del contexto causar una denegaci\u00f3n de servicio (lectura fuera de rango y ca\u00edda de libxml2) a trav\u00e9s de datos XML manipulados en la funci\u00f3n (1) xmlParseEntityDecl o (2) xmlParseConditionalSections en parser.c, seg\u00fan lo demostrado por entidades non-terminated.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:P\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B5A6F2F3-4894-4392-8296-3B8DD2679084\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F38D3B7E-8429-473F-BB31-FC3583EE5A5B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xmlsoft:libxml2:2.9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBBB6A7B-FEDF-4ECA-9BFC-FA4D44D57A9F\"}]}]}],\"references\":[{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177341.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177381.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=145382616617563\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-2549.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-2550.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-1089.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2015/dsa-3430\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2015/10/22/5\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2015/10/22/8\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/74241\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id/1034243\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2812-1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://xmlsoft.org/news.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://bugzilla.gnome.org/show_bug.cgi?id=744980\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://git.gnome.org/browse/libxml2/commit/?id=9b8512337d14c8ddf662fcb98b0135f225a1c489\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://git.gnome.org/browse/libxml2/commit/?id=a7dfab7411cbf545f359dd3157e5df1eb0e7ce31\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://security.gentoo.org/glsa/201701-37\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177341.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177381.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=145382616617563\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-2549.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-2550.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-1089.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2015/dsa-3430\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2015/10/22/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2015/10/22/8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/74241\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1034243\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2812-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://xmlsoft.org/news.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.gnome.org/show_bug.cgi?id=744980\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.gnome.org/browse/libxml2/commit/?id=9b8512337d14c8ddf662fcb98b0135f225a1c489\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.gnome.org/browse/libxml2/commit/?id=a7dfab7411cbf545f359dd3157e5df1eb0e7ce31\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/201701-37\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"evaluatorComment\":\"\\\"context dependent\\\" seems to point to MiTM attack due to: If a user or automated system were tricked into opening a specially\\ncrafted document, an attacker could possibly cause libxml2 to crash,\\nresulting in a denial of service. This issue only affected\\nUbuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 15.04.\"}}"
  }
}

CERTFR-2023-AVI-0499

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans Tenable Nessus Network Monitor. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Tenable	Nessus Network Monitor	Nessus Network Monitor versions antérieures à 6.2.2

References

Title

Publication Time

CERTFR-2023-AVI-0499

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Tenable	Nessus Network Monitor	Nessus Network Monitor versions antérieures à 6.2.2

References

Title

Publication Time

CNVD-2015-07711

Vulnerability from cnvd - Published: 2015-11-23

Title

libxml2拒绝服务漏洞（CNVD-2015-07711）

Description

libxml2是XML解析程序和标记工具集。 libxml2 2.9.2版本存在拒绝服务漏洞，允许攻击者通过精心编制XML数据中parserc的 xmlParseEntityDecl或xmlParseConditionalSections函数造成拒绝服务。

Severity

中

Patch Name

libxml2拒绝服务漏洞（CNVD-2015-07711）的补丁

Patch Description

libxml2是XML解析程序和标记工具集。 libxml2 2.9.2版本存在拒绝服务漏洞，允许攻击者通过精心编制XML数据中parserc的 xmlParseEntityDecl或xmlParseConditionalSections函数造成拒绝服务。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下厂商提供的安全公告获取补丁以修复该漏洞： http://www.ubuntu.com/usn/USN-2812-1

Reference

http://www.ubuntu.com/usn/USN-2812-1

Impacted products

Name
libxml2 Libxml2 2.9.2

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-7941"
    }
  },
  "description": "libxml2\u662fXML\u89e3\u6790\u7a0b\u5e8f\u548c\u6807\u8bb0\u5de5\u5177\u96c6\u3002\r\n\r\nlibxml2 2.9.2\u7248\u672c\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u901a\u8fc7\u7cbe\u5fc3\u7f16\u5236XML\u6570\u636e\u4e2dparserc\u7684 xmlParseEntityDecl\u6216xmlParseConditionalSections\u51fd\u6570\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
  "discovererName": "unknown",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u53d6\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttp://www.ubuntu.com/usn/USN-2812-1",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-07711",
  "openTime": "2015-11-23",
  "patchDescription": "libxml2\u662fXML\u89e3\u6790\u7a0b\u5e8f\u548c\u6807\u8bb0\u5de5\u5177\u96c6\u3002\r\n\r\nlibxml2 2.9.2\u7248\u672c\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u901a\u8fc7\u7cbe\u5fc3\u7f16\u5236XML\u6570\u636e\u4e2dparserc\u7684 xmlParseEntityDecl\u6216xmlParseConditionalSections\u51fd\u6570\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "libxml2\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2015-07711\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "libxml2 Libxml2 2.9.2"
  },
  "referenceLink": "http://www.ubuntu.com/usn/USN-2812-1",
  "serverity": "\u4e2d",
  "submitTime": "2015-11-19",
  "title": "libxml2\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2015-07711\uff09"
}

FKIE_CVE-2015-7941

Vulnerability from fkie_nvd - Published: 2015-11-18 16:59 - Updated: 2026-05-06 22:30

Severity ?

Summary

References

	URL	Tags
	cve@mitre.org	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177341.html
	cve@mitre.org	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177381.html
	cve@mitre.org	http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html
	cve@mitre.org	http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html
	cve@mitre.org	http://marc.info/?l=bugtraq&m=145382616617563&w=2
	cve@mitre.org	http://rhn.redhat.com/errata/RHSA-2015-2549.html
	cve@mitre.org	http://rhn.redhat.com/errata/RHSA-2015-2550.html
	cve@mitre.org	http://rhn.redhat.com/errata/RHSA-2016-1089.html
	cve@mitre.org	http://www.debian.org/security/2015/dsa-3430
	cve@mitre.org	http://www.openwall.com/lists/oss-security/2015/10/22/5
	cve@mitre.org	http://www.openwall.com/lists/oss-security/2015/10/22/8
	cve@mitre.org	http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
	cve@mitre.org	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
	cve@mitre.org	http://www.securityfocus.com/bid/74241
	cve@mitre.org	http://www.securitytracker.com/id/1034243
	cve@mitre.org	http://www.ubuntu.com/usn/USN-2812-1
	cve@mitre.org	http://xmlsoft.org/news.html
	cve@mitre.org	https://bugzilla.gnome.org/show_bug.cgi?id=744980
	cve@mitre.org	https://git.gnome.org/browse/libxml2/commit/?id=9b8512337d14c8ddf662fcb98b0135f225a1c489
	cve@mitre.org	https://git.gnome.org/browse/libxml2/commit/?id=a7dfab7411cbf545f359dd3157e5df1eb0e7ce31
	cve@mitre.org	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172
	cve@mitre.org	https://security.gentoo.org/glsa/201701-37
	af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177341.html
	af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177381.html
	af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html
	af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html
	af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=145382616617563&w=2
	af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2015-2549.html
	af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2015-2550.html
	af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2016-1089.html
	af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2015/dsa-3430
	af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2015/10/22/5
	af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2015/10/22/8
	af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
	af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
	af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/74241
	af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1034243
	af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2812-1
	af854a3a-2127-422b-91ae-364da2661108	http://xmlsoft.org/news.html
	af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.gnome.org/show_bug.cgi?id=744980
	af854a3a-2127-422b-91ae-364da2661108	https://git.gnome.org/browse/libxml2/commit/?id=9b8512337d14c8ddf662fcb98b0135f225a1c489
	af854a3a-2127-422b-91ae-364da2661108	https://git.gnome.org/browse/libxml2/commit/?id=a7dfab7411cbf545f359dd3157e5df1eb0e7ce31
	af854a3a-2127-422b-91ae-364da2661108	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172
	af854a3a-2127-422b-91ae-364da2661108	https://security.gentoo.org/glsa/201701-37

Impacted products

Vendor	Product	Version
canonical	ubuntu_linux	12.04
canonical	ubuntu_linux	14.04
canonical	ubuntu_linux	15.04
xmlsoft	libxml2	2.9.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*",
              "matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBBB6A7B-FEDF-4ECA-9BFC-FA4D44D57A9F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by non-terminated entities."
    },
    {
      "lang": "es",
      "value": "libxml2 2.9.2 no detiene adecuadamente el an\u00e1lisis de entrada no v\u00e1lido, lo que permite a atacantes dependientes del contexto causar una denegaci\u00f3n de servicio (lectura fuera de rango y ca\u00edda de libxml2) a trav\u00e9s de datos XML manipulados en la funci\u00f3n (1) xmlParseEntityDecl o (2) xmlParseConditionalSections en parser.c, seg\u00fan lo demostrado por entidades non-terminated."
    }
  ],
  "evaluatorComment": "\"context dependent\" seems to point to MiTM attack due to: If a user or automated system were tricked into opening a specially\ncrafted document, an attacker could possibly cause libxml2 to crash,\nresulting in a denial of service. This issue only affected\nUbuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 15.04.",
  "id": "CVE-2015-7941",
  "lastModified": "2026-05-06T22:30:45.220",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2015-11-18T16:59:04.333",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177341.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177381.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=145382616617563\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2015/dsa-3430"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.openwall.com/lists/oss-security/2015/10/22/5"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.openwall.com/lists/oss-security/2015/10/22/8"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/74241"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1034243"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/USN-2812-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://xmlsoft.org/news.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://bugzilla.gnome.org/show_bug.cgi?id=744980"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://git.gnome.org/browse/libxml2/commit/?id=9b8512337d14c8ddf662fcb98b0135f225a1c489"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://git.gnome.org/browse/libxml2/commit/?id=a7dfab7411cbf545f359dd3157e5df1eb0e7ce31"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://security.gentoo.org/glsa/201701-37"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177341.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177381.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=145382616617563\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2015/dsa-3430"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2015/10/22/5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2015/10/22/8"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/74241"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1034243"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-2812-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://xmlsoft.org/news.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.gnome.org/show_bug.cgi?id=744980"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://git.gnome.org/browse/libxml2/commit/?id=9b8512337d14c8ddf662fcb98b0135f225a1c489"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://git.gnome.org/browse/libxml2/commit/?id=a7dfab7411cbf545f359dd3157e5df1eb0e7ce31"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://security.gentoo.org/glsa/201701-37"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-V48G-P9P2-J8CR

Vulnerability from github – Published: 2022-05-17 01:06 – Updated: 2022-05-17 01:06

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2015-7941"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2015-11-18T16:59:00Z",
    "severity": "MODERATE"
  },
  "details": "libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by non-terminated entities.",
  "id": "GHSA-v48g-p9p2-j8cr",
  "modified": "2022-05-17T01:06:30Z",
  "published": "2022-05-17T01:06:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7941"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.gnome.org/show_bug.cgi?id=744980"
    },
    {
      "type": "WEB",
      "url": "https://git.gnome.org/browse/libxml2/commit/?id=9b8512337d14c8ddf662fcb98b0135f225a1c489"
    },
    {
      "type": "WEB",
      "url": "https://git.gnome.org/browse/libxml2/commit/?id=a7dfab7411cbf545f359dd3157e5df1eb0e7ce31"
    },
    {
      "type": "WEB",
      "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201701-37"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177341.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177381.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=145382616617563\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2015/dsa-3430"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2015/10/22/5"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2015/10/22/8"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/74241"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1034243"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-2812-1"
    },
    {
      "type": "WEB",
      "url": "http://xmlsoft.org/news.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2015-7941

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2015-7941

Aliases

CVE-2015-7941

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2015-7941",
    "description": "libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by non-terminated entities.",
    "id": "GSD-2015-7941",
    "references": [
      "https://www.suse.com/security/cve/CVE-2015-7941.html",
      "https://www.debian.org/security/2015/dsa-3430",
      "https://access.redhat.com/errata/RHSA-2016:1089",
      "https://access.redhat.com/errata/RHSA-2015:2550",
      "https://access.redhat.com/errata/RHSA-2015:2549",
      "https://ubuntu.com/security/CVE-2015-7941",
      "https://alas.aws.amazon.com/cve/html/CVE-2015-7941.html",
      "https://linux.oracle.com/cve/CVE-2015-7941.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2015-7941"
      ],
      "details": "libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by non-terminated entities.",
      "id": "GSD-2015-7941",
      "modified": "2023-12-13T01:20:01.416330Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2015-7941",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by non-terminated entities."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "RHSA-2015:2550",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html"
          },
          {
            "name": "74241",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/74241"
          },
          {
            "name": "openSUSE-SU-2016:0106",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html"
          },
          {
            "name": "[oss-security] 20151022 Crafted xml causes out of bound memory access - Libxml2",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2015/10/22/5"
          },
          {
            "name": "https://git.gnome.org/browse/libxml2/commit/?id=9b8512337d14c8ddf662fcb98b0135f225a1c489",
            "refsource": "CONFIRM",
            "url": "https://git.gnome.org/browse/libxml2/commit/?id=9b8512337d14c8ddf662fcb98b0135f225a1c489"
          },
          {
            "name": "DSA-3430",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2015/dsa-3430"
          },
          {
            "name": "http://xmlsoft.org/news.html",
            "refsource": "CONFIRM",
            "url": "http://xmlsoft.org/news.html"
          },
          {
            "name": "FEDORA-2016-a9ee80b01d",
            "refsource": "FEDORA",
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177381.html"
          },
          {
            "name": "https://bugzilla.gnome.org/show_bug.cgi?id=744980",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.gnome.org/show_bug.cgi?id=744980"
          },
          {
            "name": "RHSA-2016:1089",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html"
          },
          {
            "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
          },
          {
            "name": "1034243",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1034243"
          },
          {
            "name": "RHSA-2015:2549",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html"
          },
          {
            "name": "USN-2812-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-2812-1"
          },
          {
            "name": "HPSBGN03537",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=145382616617563\u0026w=2"
          },
          {
            "name": "FEDORA-2016-189a7bf68c",
            "refsource": "FEDORA",
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177341.html"
          },
          {
            "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172",
            "refsource": "CONFIRM",
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172"
          },
          {
            "name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
          },
          {
            "name": "GLSA-201701-37",
            "refsource": "GENTOO",
            "url": "https://security.gentoo.org/glsa/201701-37"
          },
          {
            "name": "openSUSE-SU-2015:2372",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html"
          },
          {
            "name": "[oss-security] 20151022 Re: Crafted xml causes out of bound memory access - Libxml2",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2015/10/22/8"
          },
          {
            "name": "https://git.gnome.org/browse/libxml2/commit/?id=a7dfab7411cbf545f359dd3157e5df1eb0e7ce31",
            "refsource": "CONFIRM",
            "url": "https://git.gnome.org/browse/libxml2/commit/?id=a7dfab7411cbf545f359dd3157e5df1eb0e7ce31"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "[2.9.2]",
          "affected_versions": "Version 2.9.2",
          "cvss_v2": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "cwe_ids": [
            "CWE-1035",
            "CWE-119",
            "CWE-937"
          ],
          "date": "2017-09-14",
          "description": "libxml2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by non-terminated entities.",
          "fixed_versions": [],
          "identifier": "CVE-2015-7941",
          "identifiers": [
            "CVE-2015-7941"
          ],
          "not_impacted": "",
          "package_slug": "nuget/libxml2",
          "pubdate": "2015-11-18",
          "solution": "Unfortunately, there is no solution available yet.",
          "title": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2015-7941"
          ],
          "uuid": "6a861bc8-d779-420d-834d-8d8c6986b473"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:xmlsoft:libxml2:2.9.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-7941"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by non-terminated entities."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20151022 Re: Crafted xml causes out of bound memory access - Libxml2",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://www.openwall.com/lists/oss-security/2015/10/22/8"
            },
            {
              "name": "USN-2812-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/USN-2812-1"
            },
            {
              "name": "https://bugzilla.gnome.org/show_bug.cgi?id=744980",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://bugzilla.gnome.org/show_bug.cgi?id=744980"
            },
            {
              "name": "https://git.gnome.org/browse/libxml2/commit/?id=a7dfab7411cbf545f359dd3157e5df1eb0e7ce31",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://git.gnome.org/browse/libxml2/commit/?id=a7dfab7411cbf545f359dd3157e5df1eb0e7ce31"
            },
            {
              "name": "[oss-security] 20151022 Crafted xml causes out of bound memory access - Libxml2",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://www.openwall.com/lists/oss-security/2015/10/22/5"
            },
            {
              "name": "https://git.gnome.org/browse/libxml2/commit/?id=9b8512337d14c8ddf662fcb98b0135f225a1c489",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://git.gnome.org/browse/libxml2/commit/?id=9b8512337d14c8ddf662fcb98b0135f225a1c489"
            },
            {
              "name": "RHSA-2015:2549",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html"
            },
            {
              "name": "RHSA-2015:2550",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html"
            },
            {
              "name": "http://xmlsoft.org/news.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://xmlsoft.org/news.html"
            },
            {
              "name": "DSA-3430",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2015/dsa-3430"
            },
            {
              "name": "HPSBGN03537",
              "refsource": "HP",
              "tags": [],
              "url": "http://marc.info/?l=bugtraq\u0026m=145382616617563\u0026w=2"
            },
            {
              "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
            },
            {
              "name": "74241",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/74241"
            },
            {
              "name": "RHSA-2016:1089",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html"
            },
            {
              "name": "FEDORA-2016-a9ee80b01d",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177381.html"
            },
            {
              "name": "FEDORA-2016-189a7bf68c",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177341.html"
            },
            {
              "name": "openSUSE-SU-2015:2372",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html"
            },
            {
              "name": "openSUSE-SU-2016:0106",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html"
            },
            {
              "name": "GLSA-201701-37",
              "refsource": "GENTOO",
              "tags": [],
              "url": "https://security.gentoo.org/glsa/201701-37"
            },
            {
              "name": "1034243",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1034243"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2017-09-14T01:29Z",
      "publishedDate": "2015-11-18T16:59Z"
    }
  }
}

OPENSUSE-SU-2024:10192-1

Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00

Summary

libxml2-2-2.9.4-1.22 on GA media

Severity

Moderate

Notes

Title of the patch: libxml2-2-2.9.4-1.22 on GA media

Description of the patch: These are all security issues fixed in the libxml2-2-2.9.4-1.22 package on the GA media of openSUSE Tumbleweed.

Patchnames: openSUSE-Tumbleweed-2024-10192

CVE-2008-4225

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2008-4226

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64	—	Vendor Fix

Threats

Impact critical

CVE-2008-4409

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2010-4494

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2011-1944

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64	—	Vendor Fix

Threats

Impact critical

CVE-2012-5134

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2013-0338

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2013-1969

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2014-0191

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2014-3660

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2015-1819

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2015-5312

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2015-7497

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2015-7498

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2015-7499

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2015-7500

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2015-7941

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2015-7942

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2015-8035

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2015-8242

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2016-1762

8.1 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2016-1833

5.5 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2016-1834

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2016-1835

8.8 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2016-1836

5.5 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2016-1837

5.5 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2016-1838

5.5 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2016-1839

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2016-1840

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2016-3627

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2016-3705

7.5 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2016-4483

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64	—	Vendor Fix

Threats

Impact low

References

159 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/o…	self
https://www.suse.com/security/cve/CVE-2008-4225/	self
https://www.suse.com/security/cve/CVE-2008-4226/	self
https://www.suse.com/security/cve/CVE-2008-4409/	self
https://www.suse.com/security/cve/CVE-2010-4494/	self
https://www.suse.com/security/cve/CVE-2011-1944/	self
https://www.suse.com/security/cve/CVE-2012-5134/	self
https://www.suse.com/security/cve/CVE-2013-0338/	self
https://www.suse.com/security/cve/CVE-2013-1969/	self
https://www.suse.com/security/cve/CVE-2014-0191/	self
https://www.suse.com/security/cve/CVE-2014-3660/	self
https://www.suse.com/security/cve/CVE-2015-1819/	self
https://www.suse.com/security/cve/CVE-2015-5312/	self
https://www.suse.com/security/cve/CVE-2015-7497/	self
https://www.suse.com/security/cve/CVE-2015-7498/	self
https://www.suse.com/security/cve/CVE-2015-7499/	self
https://www.suse.com/security/cve/CVE-2015-7500/	self
https://www.suse.com/security/cve/CVE-2015-7941/	self
https://www.suse.com/security/cve/CVE-2015-7942/	self
https://www.suse.com/security/cve/CVE-2015-8035/	self
https://www.suse.com/security/cve/CVE-2015-8242/	self
https://www.suse.com/security/cve/CVE-2016-1762/	self
https://www.suse.com/security/cve/CVE-2016-1833/	self
https://www.suse.com/security/cve/CVE-2016-1834/	self
https://www.suse.com/security/cve/CVE-2016-1835/	self
https://www.suse.com/security/cve/CVE-2016-1836/	self
https://www.suse.com/security/cve/CVE-2016-1837/	self
https://www.suse.com/security/cve/CVE-2016-1838/	self
https://www.suse.com/security/cve/CVE-2016-1839/	self
https://www.suse.com/security/cve/CVE-2016-1840/	self
https://www.suse.com/security/cve/CVE-2016-3627/	self
https://www.suse.com/security/cve/CVE-2016-3705/	self
https://www.suse.com/security/cve/CVE-2016-4483/	self
https://www.suse.com/security/cve/CVE-2008-4225	external
https://bugzilla.suse.com/445677	external
https://www.suse.com/security/cve/CVE-2008-4226	external
https://bugzilla.suse.com/441368	external
https://www.suse.com/security/cve/CVE-2008-4409	external
https://bugzilla.suse.com/432486	external
https://www.suse.com/security/cve/CVE-2010-4494	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/661471	external
https://www.suse.com/security/cve/CVE-2011-1944	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/697372	external
https://www.suse.com/security/cve/CVE-2012-5134	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/791234	external
https://bugzilla.suse.com/793334	external
https://bugzilla.suse.com/795039	external
https://bugzilla.suse.com/804033	external
https://www.suse.com/security/cve/CVE-2013-0338	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/805233	external
https://www.suse.com/security/cve/CVE-2013-1969	external
https://bugzilla.suse.com/815665	external
https://www.suse.com/security/cve/CVE-2014-0191	external
https://bugzilla.suse.com/1014873	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/876652	external
https://bugzilla.suse.com/877506	external
https://bugzilla.suse.com/996079	external
https://www.suse.com/security/cve/CVE-2014-3660	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/901546	external
https://www.suse.com/security/cve/CVE-2015-1819	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/928193	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-5312	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/957105	external
https://bugzilla.suse.com/959469	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-7497	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/957106	external
https://bugzilla.suse.com/959469	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-7498	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/957107	external
https://bugzilla.suse.com/959469	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-7499	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/957109	external
https://bugzilla.suse.com/959469	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-7500	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/957110	external
https://bugzilla.suse.com/959469	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-7941	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/951734	external
https://bugzilla.suse.com/951735	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-7942	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/951735	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-8035	external
https://bugzilla.suse.com/1088279	external
https://bugzilla.suse.com/1105166	external
https://bugzilla.suse.com/954429	external
https://www.suse.com/security/cve/CVE-2015-8242	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/956021	external
https://bugzilla.suse.com/959469	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2016-1762	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/981040	external
https://www.suse.com/security/cve/CVE-2016-1833	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/981108	external
https://www.suse.com/security/cve/CVE-2016-1834	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/981041	external
https://www.suse.com/security/cve/CVE-2016-1835	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/981109	external
https://www.suse.com/security/cve/CVE-2016-1836	external
https://bugzilla.suse.com/1174862	external
https://bugzilla.suse.com/981110	external
https://www.suse.com/security/cve/CVE-2016-1837	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/981111	external
https://www.suse.com/security/cve/CVE-2016-1838	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/981112	external
https://www.suse.com/security/cve/CVE-2016-1839	external
https://bugzilla.suse.com/1039069	external
https://bugzilla.suse.com/1039661	external
https://bugzilla.suse.com/1069433	external
https://bugzilla.suse.com/1069690	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/963963	external
https://bugzilla.suse.com/981114	external
https://www.suse.com/security/cve/CVE-2016-1840	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/981115	external
https://www.suse.com/security/cve/CVE-2016-3627	external
https://bugzilla.suse.com/1026099	external
https://bugzilla.suse.com/1026101	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/972335	external
https://bugzilla.suse.com/975947	external
https://www.suse.com/security/cve/CVE-2016-3705	external
https://bugzilla.suse.com/1017497	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/975947	external
https://www.suse.com/security/cve/CVE-2016-4483	external
https://bugzilla.suse.com/1026101	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/978395	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "libxml2-2-2.9.4-1.22 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the libxml2-2-2.9.4-1.22 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-10192",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10192-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2008-4225 page",
        "url": "https://www.suse.com/security/cve/CVE-2008-4225/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2008-4226 page",
        "url": "https://www.suse.com/security/cve/CVE-2008-4226/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2008-4409 page",
        "url": "https://www.suse.com/security/cve/CVE-2008-4409/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2010-4494 page",
        "url": "https://www.suse.com/security/cve/CVE-2010-4494/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-1944 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-1944/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2012-5134 page",
        "url": "https://www.suse.com/security/cve/CVE-2012-5134/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-0338 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-0338/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-1969 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-1969/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-0191 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-0191/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-3660 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-3660/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-1819 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-1819/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-5312 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-5312/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7497 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7497/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7498 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7498/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7499 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7499/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7500 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7500/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7941 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7941/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7942 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7942/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8035 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8035/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8242 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8242/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1762 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1762/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1833 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1833/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1834 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1834/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1835 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1835/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1836 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1836/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1837 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1837/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1838 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1838/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1839 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1839/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1840 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1840/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-3627 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-3627/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-3705 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-3705/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-4483 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-4483/"
      }
    ],
    "title": "libxml2-2-2.9.4-1.22 on GA media",
    "tracking": {
      "current_release_date": "2024-06-15T00:00:00Z",
      "generator": {
        "date": "2024-06-15T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:10192-1",
      "initial_release_date": "2024-06-15T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-06-15T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libxml2-2-2.9.4-1.22.aarch64",
                "product": {
                  "name": "libxml2-2-2.9.4-1.22.aarch64",
                  "product_id": "libxml2-2-2.9.4-1.22.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libxml2-2-32bit-2.9.4-1.22.aarch64",
                "product": {
                  "name": "libxml2-2-32bit-2.9.4-1.22.aarch64",
                  "product_id": "libxml2-2-32bit-2.9.4-1.22.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libxml2-devel-2.9.4-1.22.aarch64",
                "product": {
                  "name": "libxml2-devel-2.9.4-1.22.aarch64",
                  "product_id": "libxml2-devel-2.9.4-1.22.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libxml2-devel-32bit-2.9.4-1.22.aarch64",
                "product": {
                  "name": "libxml2-devel-32bit-2.9.4-1.22.aarch64",
                  "product_id": "libxml2-devel-32bit-2.9.4-1.22.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libxml2-doc-2.9.4-1.22.aarch64",
                "product": {
                  "name": "libxml2-doc-2.9.4-1.22.aarch64",
                  "product_id": "libxml2-doc-2.9.4-1.22.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libxml2-tools-2.9.4-1.22.aarch64",
                "product": {
                  "name": "libxml2-tools-2.9.4-1.22.aarch64",
                  "product_id": "libxml2-tools-2.9.4-1.22.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libxml2-2-2.9.4-1.22.ppc64le",
                "product": {
                  "name": "libxml2-2-2.9.4-1.22.ppc64le",
                  "product_id": "libxml2-2-2.9.4-1.22.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libxml2-2-32bit-2.9.4-1.22.ppc64le",
                "product": {
                  "name": "libxml2-2-32bit-2.9.4-1.22.ppc64le",
                  "product_id": "libxml2-2-32bit-2.9.4-1.22.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libxml2-devel-2.9.4-1.22.ppc64le",
                "product": {
                  "name": "libxml2-devel-2.9.4-1.22.ppc64le",
                  "product_id": "libxml2-devel-2.9.4-1.22.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libxml2-devel-32bit-2.9.4-1.22.ppc64le",
                "product": {
                  "name": "libxml2-devel-32bit-2.9.4-1.22.ppc64le",
                  "product_id": "libxml2-devel-32bit-2.9.4-1.22.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libxml2-doc-2.9.4-1.22.ppc64le",
                "product": {
                  "name": "libxml2-doc-2.9.4-1.22.ppc64le",
                  "product_id": "libxml2-doc-2.9.4-1.22.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libxml2-tools-2.9.4-1.22.ppc64le",
                "product": {
                  "name": "libxml2-tools-2.9.4-1.22.ppc64le",
                  "product_id": "libxml2-tools-2.9.4-1.22.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libxml2-2-2.9.4-1.22.s390x",
                "product": {
                  "name": "libxml2-2-2.9.4-1.22.s390x",
                  "product_id": "libxml2-2-2.9.4-1.22.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libxml2-2-32bit-2.9.4-1.22.s390x",
                "product": {
                  "name": "libxml2-2-32bit-2.9.4-1.22.s390x",
                  "product_id": "libxml2-2-32bit-2.9.4-1.22.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libxml2-devel-2.9.4-1.22.s390x",
                "product": {
                  "name": "libxml2-devel-2.9.4-1.22.s390x",
                  "product_id": "libxml2-devel-2.9.4-1.22.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libxml2-devel-32bit-2.9.4-1.22.s390x",
                "product": {
                  "name": "libxml2-devel-32bit-2.9.4-1.22.s390x",
                  "product_id": "libxml2-devel-32bit-2.9.4-1.22.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libxml2-doc-2.9.4-1.22.s390x",
                "product": {
                  "name": "libxml2-doc-2.9.4-1.22.s390x",
                  "product_id": "libxml2-doc-2.9.4-1.22.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libxml2-tools-2.9.4-1.22.s390x",
                "product": {
                  "name": "libxml2-tools-2.9.4-1.22.s390x",
                  "product_id": "libxml2-tools-2.9.4-1.22.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libxml2-2-2.9.4-1.22.x86_64",
                "product": {
                  "name": "libxml2-2-2.9.4-1.22.x86_64",
                  "product_id": "libxml2-2-2.9.4-1.22.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libxml2-2-32bit-2.9.4-1.22.x86_64",
                "product": {
                  "name": "libxml2-2-32bit-2.9.4-1.22.x86_64",
                  "product_id": "libxml2-2-32bit-2.9.4-1.22.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libxml2-devel-2.9.4-1.22.x86_64",
                "product": {
                  "name": "libxml2-devel-2.9.4-1.22.x86_64",
                  "product_id": "libxml2-devel-2.9.4-1.22.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libxml2-devel-32bit-2.9.4-1.22.x86_64",
                "product": {
                  "name": "libxml2-devel-32bit-2.9.4-1.22.x86_64",
                  "product_id": "libxml2-devel-32bit-2.9.4-1.22.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libxml2-doc-2.9.4-1.22.x86_64",
                "product": {
                  "name": "libxml2-doc-2.9.4-1.22.x86_64",
                  "product_id": "libxml2-doc-2.9.4-1.22.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libxml2-tools-2.9.4-1.22.x86_64",
                "product": {
                  "name": "libxml2-tools-2.9.4-1.22.x86_64",
                  "product_id": "libxml2-tools-2.9.4-1.22.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libxml2-2-2.9.4-1.22.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64"
        },
        "product_reference": "libxml2-2-2.9.4-1.22.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libxml2-2-2.9.4-1.22.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le"
        },
        "product_reference": "libxml2-2-2.9.4-1.22.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libxml2-2-2.9.4-1.22.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x"
        },
        "product_reference": "libxml2-2-2.9.4-1.22.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libxml2-2-2.9.4-1.22.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64"
        },
        "product_reference": "libxml2-2-2.9.4-1.22.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libxml2-2-32bit-2.9.4-1.22.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64"
        },
        "product_reference": "libxml2-2-32bit-2.9.4-1.22.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libxml2-2-32bit-2.9.4-1.22.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le"
        },
        "product_reference": "libxml2-2-32bit-2.9.4-1.22.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libxml2-2-32bit-2.9.4-1.22.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x"
        },
        "product_reference": "libxml2-2-32bit-2.9.4-1.22.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libxml2-2-32bit-2.9.4-1.22.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64"
        },
        "product_reference": "libxml2-2-32bit-2.9.4-1.22.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libxml2-devel-2.9.4-1.22.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64"
        },
        "product_reference": "libxml2-devel-2.9.4-1.22.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libxml2-devel-2.9.4-1.22.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le"
        },
        "product_reference": "libxml2-devel-2.9.4-1.22.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libxml2-devel-2.9.4-1.22.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x"
        },
        "product_reference": "libxml2-devel-2.9.4-1.22.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libxml2-devel-2.9.4-1.22.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64"
        },
        "product_reference": "libxml2-devel-2.9.4-1.22.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libxml2-devel-32bit-2.9.4-1.22.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64"
        },
        "product_reference": "libxml2-devel-32bit-2.9.4-1.22.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libxml2-devel-32bit-2.9.4-1.22.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le"
        },
        "product_reference": "libxml2-devel-32bit-2.9.4-1.22.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libxml2-devel-32bit-2.9.4-1.22.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x"
        },
        "product_reference": "libxml2-devel-32bit-2.9.4-1.22.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libxml2-devel-32bit-2.9.4-1.22.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64"
        },
        "product_reference": "libxml2-devel-32bit-2.9.4-1.22.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libxml2-doc-2.9.4-1.22.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64"
        },
        "product_reference": "libxml2-doc-2.9.4-1.22.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libxml2-doc-2.9.4-1.22.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le"
        },
        "product_reference": "libxml2-doc-2.9.4-1.22.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libxml2-doc-2.9.4-1.22.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x"
        },
        "product_reference": "libxml2-doc-2.9.4-1.22.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libxml2-doc-2.9.4-1.22.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64"
        },
        "product_reference": "libxml2-doc-2.9.4-1.22.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libxml2-tools-2.9.4-1.22.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64"
        },
        "product_reference": "libxml2-tools-2.9.4-1.22.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libxml2-tools-2.9.4-1.22.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le"
        },
        "product_reference": "libxml2-tools-2.9.4-1.22.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libxml2-tools-2.9.4-1.22.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x"
        },
        "product_reference": "libxml2-tools-2.9.4-1.22.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libxml2-tools-2.9.4-1.22.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
        },
        "product_reference": "libxml2-tools-2.9.4-1.22.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2008-4225",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2008-4225"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2008-4225",
          "url": "https://www.suse.com/security/cve/CVE-2008-4225"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 445677 for CVE-2008-4225",
          "url": "https://bugzilla.suse.com/445677"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2008-4225"
    },
    {
      "cve": "CVE-2008-4226",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2008-4226"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2008-4226",
          "url": "https://www.suse.com/security/cve/CVE-2008-4226"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 441368 for CVE-2008-4226",
          "url": "https://bugzilla.suse.com/441368"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2008-4226"
    },
    {
      "cve": "CVE-2008-4409",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2008-4409"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "libxml2 2.7.0 and 2.7.1 does not properly handle \"predefined entities definitions\" in entities, which allows context-dependent attackers to cause a denial of service (memory consumption and application crash), as demonstrated by use of xmllint on a certain XML document, a different vulnerability than CVE-2003-1564 and CVE-2008-3281.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2008-4409",
          "url": "https://www.suse.com/security/cve/CVE-2008-4409"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 432486 for CVE-2008-4409",
          "url": "https://bugzilla.suse.com/432486"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2008-4409"
    },
    {
      "cve": "CVE-2010-4494",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2010-4494"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2010-4494",
          "url": "https://www.suse.com/security/cve/CVE-2010-4494"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2010-4494",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 661471 for CVE-2010-4494",
          "url": "https://bugzilla.suse.com/661471"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2010-4494"
    },
    {
      "cve": "CVE-2011-1944",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-1944"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Integer overflow in xpath.c in libxml2 2.6.x through 2.6.32 and 2.7.x through 2.7.8, and libxml 1.8.16 and earlier, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XML file that triggers a heap-based buffer overflow when adding a new namespace node, related to handling of XPath expressions.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-1944",
          "url": "https://www.suse.com/security/cve/CVE-2011-1944"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2011-1944",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 697372 for CVE-2011-1944",
          "url": "https://bugzilla.suse.com/697372"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2011-1944"
    },
    {
      "cve": "CVE-2012-5134",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2012-5134"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2012-5134",
          "url": "https://www.suse.com/security/cve/CVE-2012-5134"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2012-5134",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 791234 for CVE-2012-5134",
          "url": "https://bugzilla.suse.com/791234"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 793334 for CVE-2012-5134",
          "url": "https://bugzilla.suse.com/793334"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 795039 for CVE-2012-5134",
          "url": "https://bugzilla.suse.com/795039"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 804033 for CVE-2012-5134",
          "url": "https://bugzilla.suse.com/804033"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2012-5134"
    },
    {
      "cve": "CVE-2013-0338",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-0338"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "libxml2 2.9.0 and earlier allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via an XML file containing an entity declaration with long replacement text and many references to this entity, aka \"internal entity expansion\" with linear complexity.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-0338",
          "url": "https://www.suse.com/security/cve/CVE-2013-0338"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2013-0338",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 805233 for CVE-2013-0338",
          "url": "https://bugzilla.suse.com/805233"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2013-0338"
    },
    {
      "cve": "CVE-2013-1969",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-1969"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple use-after-free vulnerabilities in libxml2 2.9.0 and possibly other versions might allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to the (1) htmlParseChunk and (2) xmldecl_done functions, as demonstrated by a buffer overflow in the xmlBufGetInputBase function.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-1969",
          "url": "https://www.suse.com/security/cve/CVE-2013-1969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 815665 for CVE-2013-1969",
          "url": "https://bugzilla.suse.com/815665"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2013-1969"
    },
    {
      "cve": "CVE-2014-0191",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-0191"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless of whether entity substitution or validation is enabled, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XML document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-0191",
          "url": "https://www.suse.com/security/cve/CVE-2014-0191"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1014873 for CVE-2014-0191",
          "url": "https://bugzilla.suse.com/1014873"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2014-0191",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 876652 for CVE-2014-0191",
          "url": "https://bugzilla.suse.com/876652"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 877506 for CVE-2014-0191",
          "url": "https://bugzilla.suse.com/877506"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 996079 for CVE-2014-0191",
          "url": "https://bugzilla.suse.com/996079"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2014-0191"
    },
    {
      "cve": "CVE-2014-3660",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-3660"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "parser.c in libxml2 before 2.9.2 does not properly prevent entity expansion even when entity substitution has been disabled, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted XML document containing a large number of nested entity references, a variant of the \"billion laughs\" attack.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-3660",
          "url": "https://www.suse.com/security/cve/CVE-2014-3660"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2014-3660",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 901546 for CVE-2014-3660",
          "url": "https://bugzilla.suse.com/901546"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2014-3660"
    },
    {
      "cve": "CVE-2015-1819",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-1819"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-1819",
          "url": "https://www.suse.com/security/cve/CVE-2015-1819"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-1819",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 928193 for CVE-2015-1819",
          "url": "https://bugzilla.suse.com/928193"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-1819",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-1819"
    },
    {
      "cve": "CVE-2015-5312",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-5312"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-5312",
          "url": "https://www.suse.com/security/cve/CVE-2015-5312"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-5312",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 957105 for CVE-2015-5312",
          "url": "https://bugzilla.suse.com/957105"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959469 for CVE-2015-5312",
          "url": "https://bugzilla.suse.com/959469"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-5312",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-5312"
    },
    {
      "cve": "CVE-2015-7497",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7497"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7497",
          "url": "https://www.suse.com/security/cve/CVE-2015-7497"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-7497",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 957106 for CVE-2015-7497",
          "url": "https://bugzilla.suse.com/957106"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959469 for CVE-2015-7497",
          "url": "https://bugzilla.suse.com/959469"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-7497",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7497"
    },
    {
      "cve": "CVE-2015-7498",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7498"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7498",
          "url": "https://www.suse.com/security/cve/CVE-2015-7498"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-7498",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 957107 for CVE-2015-7498",
          "url": "https://bugzilla.suse.com/957107"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959469 for CVE-2015-7498",
          "url": "https://bugzilla.suse.com/959469"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-7498",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7498"
    },
    {
      "cve": "CVE-2015-7499",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7499"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7499",
          "url": "https://www.suse.com/security/cve/CVE-2015-7499"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-7499",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 957109 for CVE-2015-7499",
          "url": "https://bugzilla.suse.com/957109"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959469 for CVE-2015-7499",
          "url": "https://bugzilla.suse.com/959469"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-7499",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7499"
    },
    {
      "cve": "CVE-2015-7500",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7500"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7500",
          "url": "https://www.suse.com/security/cve/CVE-2015-7500"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-7500",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 957110 for CVE-2015-7500",
          "url": "https://bugzilla.suse.com/957110"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959469 for CVE-2015-7500",
          "url": "https://bugzilla.suse.com/959469"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-7500",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7500"
    },
    {
      "cve": "CVE-2015-7941",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7941"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by non-terminated entities.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7941",
          "url": "https://www.suse.com/security/cve/CVE-2015-7941"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-7941",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951734 for CVE-2015-7941",
          "url": "https://bugzilla.suse.com/951734"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951735 for CVE-2015-7941",
          "url": "https://bugzilla.suse.com/951735"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-7941",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-7941"
    },
    {
      "cve": "CVE-2015-7942",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7942"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted XML data, a different vulnerability than CVE-2015-7941.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7942",
          "url": "https://www.suse.com/security/cve/CVE-2015-7942"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-7942",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951735 for CVE-2015-7942",
          "url": "https://bugzilla.suse.com/951735"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-7942",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-7942"
    },
    {
      "cve": "CVE-2015-8035",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8035"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8035",
          "url": "https://www.suse.com/security/cve/CVE-2015-8035"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1088279 for CVE-2015-8035",
          "url": "https://bugzilla.suse.com/1088279"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1105166 for CVE-2015-8035",
          "url": "https://bugzilla.suse.com/1105166"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 954429 for CVE-2015-8035",
          "url": "https://bugzilla.suse.com/954429"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-8035"
    },
    {
      "cve": "CVE-2015-8242",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8242"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8242",
          "url": "https://www.suse.com/security/cve/CVE-2015-8242"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-8242",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 956021 for CVE-2015-8242",
          "url": "https://bugzilla.suse.com/956021"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959469 for CVE-2015-8242",
          "url": "https://bugzilla.suse.com/959469"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-8242",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-8242"
    },
    {
      "cve": "CVE-2016-1762",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1762"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xmlNextChar function in libxml2 before 2.9.4 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1762",
          "url": "https://www.suse.com/security/cve/CVE-2016-1762"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2016-1762",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 981040 for CVE-2016-1762",
          "url": "https://bugzilla.suse.com/981040"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-1762"
    },
    {
      "cve": "CVE-2016-1833",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1833"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1833",
          "url": "https://www.suse.com/security/cve/CVE-2016-1833"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2016-1833",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 981108 for CVE-2016-1833",
          "url": "https://bugzilla.suse.com/981108"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-1833"
    },
    {
      "cve": "CVE-2016-1834",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1834"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in the xmlStrncat function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1834",
          "url": "https://www.suse.com/security/cve/CVE-2016-1834"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2016-1834",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 981041 for CVE-2016-1834",
          "url": "https://bugzilla.suse.com/981041"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-1834"
    },
    {
      "cve": "CVE-2016-1835",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1835"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the xmlSAX2AttributeNs function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2 and OS X before 10.11.5, allows remote attackers to cause a denial of service via a crafted XML document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1835",
          "url": "https://www.suse.com/security/cve/CVE-2016-1835"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2016-1835",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 981109 for CVE-2016-1835",
          "url": "https://bugzilla.suse.com/981109"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-1835"
    },
    {
      "cve": "CVE-2016-1836",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1836"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the xmlDictComputeFastKey function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service via a crafted XML document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1836",
          "url": "https://www.suse.com/security/cve/CVE-2016-1836"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1174862 for CVE-2016-1836",
          "url": "https://bugzilla.suse.com/1174862"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 981110 for CVE-2016-1836",
          "url": "https://bugzilla.suse.com/981110"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-1836"
    },
    {
      "cve": "CVE-2016-1837",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1837"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple use-after-free vulnerabilities in the (1) htmlPArsePubidLiteral and (2) htmlParseSystemiteral functions in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allow remote attackers to cause a denial of service via a crafted XML document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1837",
          "url": "https://www.suse.com/security/cve/CVE-2016-1837"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2016-1837",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 981111 for CVE-2016-1837",
          "url": "https://bugzilla.suse.com/981111"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-1837"
    },
    {
      "cve": "CVE-2016-1838",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1838"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xmlPArserPrintFileContextInternal function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1838",
          "url": "https://www.suse.com/security/cve/CVE-2016-1838"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2016-1838",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 981112 for CVE-2016-1838",
          "url": "https://bugzilla.suse.com/981112"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-1838"
    },
    {
      "cve": "CVE-2016-1839",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1839"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1839",
          "url": "https://www.suse.com/security/cve/CVE-2016-1839"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1039069 for CVE-2016-1839",
          "url": "https://bugzilla.suse.com/1039069"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1039661 for CVE-2016-1839",
          "url": "https://bugzilla.suse.com/1039661"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1069433 for CVE-2016-1839",
          "url": "https://bugzilla.suse.com/1069433"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1069690 for CVE-2016-1839",
          "url": "https://bugzilla.suse.com/1069690"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2016-1839",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 963963 for CVE-2016-1839",
          "url": "https://bugzilla.suse.com/963963"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 981114 for CVE-2016-1839",
          "url": "https://bugzilla.suse.com/981114"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-1839"
    },
    {
      "cve": "CVE-2016-1840",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1840"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1840",
          "url": "https://www.suse.com/security/cve/CVE-2016-1840"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2016-1840",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 981115 for CVE-2016-1840",
          "url": "https://bugzilla.suse.com/981115"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-1840"
    },
    {
      "cve": "CVE-2016-3627",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-3627"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consumption, and application crash) via a crafted XML document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-3627",
          "url": "https://www.suse.com/security/cve/CVE-2016-3627"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1026099 for CVE-2016-3627",
          "url": "https://bugzilla.suse.com/1026099"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1026101 for CVE-2016-3627",
          "url": "https://bugzilla.suse.com/1026101"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2016-3627",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 972335 for CVE-2016-3627",
          "url": "https://bugzilla.suse.com/972335"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 975947 for CVE-2016-3627",
          "url": "https://bugzilla.suse.com/975947"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-3627"
    },
    {
      "cve": "CVE-2016-3705",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-3705"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 2.9.3 do not properly keep track of the recursion depth, which allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a crafted XML document containing a large number of nested entity references.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-3705",
          "url": "https://www.suse.com/security/cve/CVE-2016-3705"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1017497 for CVE-2016-3705",
          "url": "https://bugzilla.suse.com/1017497"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2016-3705",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 975947 for CVE-2016-3705",
          "url": "https://bugzilla.suse.com/975947"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2016-3705"
    },
    {
      "cve": "CVE-2016-4483",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-4483"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a non-UTF-8 attribute value, related to serialization.  NOTE: this vulnerability may be a duplicate of CVE-2016-3627.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
          "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-4483",
          "url": "https://www.suse.com/security/cve/CVE-2016-4483"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1026101 for CVE-2016-4483",
          "url": "https://bugzilla.suse.com/1026101"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2016-4483",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 978395 for CVE-2016-4483",
          "url": "https://bugzilla.suse.com/978395"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-2-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-devel-32bit-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-doc-2.9.4-1.22.x86_64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.aarch64",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.ppc64le",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.s390x",
            "openSUSE Tumbleweed:libxml2-tools-2.9.4-1.22.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2016-4483"
    }
  ]
}

OPENSUSE-SU-2024:10549-1

Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00

Summary

ruby2.2-rubygem-nokogiri-1.6.8.1-1.3 on GA media

Severity

Moderate

Notes

Title of the patch: ruby2.2-rubygem-nokogiri-1.6.8.1-1.3 on GA media

Description of the patch: These are all security issues fixed in the ruby2.2-rubygem-nokogiri-1.6.8.1-1.3 package on the GA media of openSUSE Tumbleweed.

Patchnames: openSUSE-Tumbleweed-2024-10549

CVE-2013-2877

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64	—	Vendor Fix

Threats

Impact critical

CVE-2014-0191

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2015-1819

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2015-5312

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2015-7497

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2015-7498

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2015-7499

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2015-7500

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2015-7941

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2015-7942

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2015-7995

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2015-8035

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2015-8241

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2015-8242

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2015-8317

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64	—	Vendor Fix

Threats

Impact moderate

References

89 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/o…	self
https://www.suse.com/security/cve/CVE-2013-2877/	self
https://www.suse.com/security/cve/CVE-2014-0191/	self
https://www.suse.com/security/cve/CVE-2015-1819/	self
https://www.suse.com/security/cve/CVE-2015-5312/	self
https://www.suse.com/security/cve/CVE-2015-7497/	self
https://www.suse.com/security/cve/CVE-2015-7498/	self
https://www.suse.com/security/cve/CVE-2015-7499/	self
https://www.suse.com/security/cve/CVE-2015-7500/	self
https://www.suse.com/security/cve/CVE-2015-7941/	self
https://www.suse.com/security/cve/CVE-2015-7942/	self
https://www.suse.com/security/cve/CVE-2015-7995/	self
https://www.suse.com/security/cve/CVE-2015-8035/	self
https://www.suse.com/security/cve/CVE-2015-8241/	self
https://www.suse.com/security/cve/CVE-2015-8242/	self
https://www.suse.com/security/cve/CVE-2015-8317/	self
https://www.suse.com/security/cve/CVE-2013-2877	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/828893	external
https://bugzilla.suse.com/829077	external
https://bugzilla.suse.com/854869	external
https://bugzilla.suse.com/877506	external
https://www.suse.com/security/cve/CVE-2014-0191	external
https://bugzilla.suse.com/1014873	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/876652	external
https://bugzilla.suse.com/877506	external
https://bugzilla.suse.com/996079	external
https://www.suse.com/security/cve/CVE-2015-1819	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/928193	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-5312	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/957105	external
https://bugzilla.suse.com/959469	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-7497	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/957106	external
https://bugzilla.suse.com/959469	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-7498	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/957107	external
https://bugzilla.suse.com/959469	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-7499	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/957109	external
https://bugzilla.suse.com/959469	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-7500	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/957110	external
https://bugzilla.suse.com/959469	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-7941	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/951734	external
https://bugzilla.suse.com/951735	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-7942	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/951735	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-7995	external
https://bugzilla.suse.com/1123130	external
https://bugzilla.suse.com/952474	external
https://www.suse.com/security/cve/CVE-2015-8035	external
https://bugzilla.suse.com/1088279	external
https://bugzilla.suse.com/1105166	external
https://bugzilla.suse.com/954429	external
https://www.suse.com/security/cve/CVE-2015-8241	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/956018	external
https://bugzilla.suse.com/959469	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-8242	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/956021	external
https://bugzilla.suse.com/959469	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-8317	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/956260	external
https://bugzilla.suse.com/959469	external
https://bugzilla.suse.com/969769	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "ruby2.2-rubygem-nokogiri-1.6.8.1-1.3 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the ruby2.2-rubygem-nokogiri-1.6.8.1-1.3 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-10549",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10549-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-2877 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-2877/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-0191 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-0191/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-1819 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-1819/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-5312 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-5312/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7497 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7497/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7498 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7498/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7499 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7499/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7500 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7500/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7941 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7941/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7942 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7942/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7995 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7995/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8035 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8035/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8241 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8241/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8242 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8242/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8317 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8317/"
      }
    ],
    "title": "ruby2.2-rubygem-nokogiri-1.6.8.1-1.3 on GA media",
    "tracking": {
      "current_release_date": "2024-06-15T00:00:00Z",
      "generator": {
        "date": "2024-06-15T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:10549-1",
      "initial_release_date": "2024-06-15T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-06-15T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
                "product": {
                  "name": "ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
                  "product_id": "ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
                "product": {
                  "name": "ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
                  "product_id": "ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
                "product": {
                  "name": "ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
                  "product_id": "ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
                "product": {
                  "name": "ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
                  "product_id": "ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
                "product": {
                  "name": "ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
                  "product_id": "ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
                "product": {
                  "name": "ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
                  "product_id": "ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
                "product": {
                  "name": "ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
                  "product_id": "ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
                "product": {
                  "name": "ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
                  "product_id": "ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
                "product": {
                  "name": "ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
                  "product_id": "ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
                "product": {
                  "name": "ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
                  "product_id": "ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
                "product": {
                  "name": "ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
                  "product_id": "ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
                "product": {
                  "name": "ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
                  "product_id": "ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x",
                "product": {
                  "name": "ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x",
                  "product_id": "ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
                "product": {
                  "name": "ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
                  "product_id": "ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
                "product": {
                  "name": "ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
                  "product_id": "ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x",
                "product": {
                  "name": "ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x",
                  "product_id": "ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
                "product": {
                  "name": "ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
                  "product_id": "ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
                "product": {
                  "name": "ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
                  "product_id": "ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
                "product": {
                  "name": "ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
                  "product_id": "ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
                "product": {
                  "name": "ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
                  "product_id": "ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64",
                "product": {
                  "name": "ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64",
                  "product_id": "ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
                "product": {
                  "name": "ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
                  "product_id": "ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
                "product": {
                  "name": "ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
                  "product_id": "ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64",
                "product": {
                  "name": "ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64",
                  "product_id": "ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64"
        },
        "product_reference": "ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le"
        },
        "product_reference": "ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x"
        },
        "product_reference": "ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64"
        },
        "product_reference": "ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64"
        },
        "product_reference": "ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le"
        },
        "product_reference": "ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x"
        },
        "product_reference": "ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64"
        },
        "product_reference": "ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64"
        },
        "product_reference": "ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le"
        },
        "product_reference": "ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x"
        },
        "product_reference": "ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64"
        },
        "product_reference": "ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64"
        },
        "product_reference": "ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le"
        },
        "product_reference": "ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x"
        },
        "product_reference": "ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64"
        },
        "product_reference": "ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64"
        },
        "product_reference": "ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le"
        },
        "product_reference": "ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x"
        },
        "product_reference": "ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64"
        },
        "product_reference": "ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64"
        },
        "product_reference": "ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le"
        },
        "product_reference": "ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x"
        },
        "product_reference": "ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64"
        },
        "product_reference": "ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2013-2877",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-2877"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "parser.c in libxml2 before 2.9.0, as used in Google Chrome before 28.0.1500.71 and other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a document that ends abruptly, related to the lack of certain checks for the XML_PARSER_EOF state.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-2877",
          "url": "https://www.suse.com/security/cve/CVE-2013-2877"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2013-2877",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 828893 for CVE-2013-2877",
          "url": "https://bugzilla.suse.com/828893"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 829077 for CVE-2013-2877",
          "url": "https://bugzilla.suse.com/829077"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 854869 for CVE-2013-2877",
          "url": "https://bugzilla.suse.com/854869"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 877506 for CVE-2013-2877",
          "url": "https://bugzilla.suse.com/877506"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-2877"
    },
    {
      "cve": "CVE-2014-0191",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-0191"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless of whether entity substitution or validation is enabled, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XML document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-0191",
          "url": "https://www.suse.com/security/cve/CVE-2014-0191"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1014873 for CVE-2014-0191",
          "url": "https://bugzilla.suse.com/1014873"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2014-0191",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 876652 for CVE-2014-0191",
          "url": "https://bugzilla.suse.com/876652"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 877506 for CVE-2014-0191",
          "url": "https://bugzilla.suse.com/877506"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 996079 for CVE-2014-0191",
          "url": "https://bugzilla.suse.com/996079"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2014-0191"
    },
    {
      "cve": "CVE-2015-1819",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-1819"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-1819",
          "url": "https://www.suse.com/security/cve/CVE-2015-1819"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-1819",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 928193 for CVE-2015-1819",
          "url": "https://bugzilla.suse.com/928193"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-1819",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-1819"
    },
    {
      "cve": "CVE-2015-5312",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-5312"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-5312",
          "url": "https://www.suse.com/security/cve/CVE-2015-5312"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-5312",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 957105 for CVE-2015-5312",
          "url": "https://bugzilla.suse.com/957105"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959469 for CVE-2015-5312",
          "url": "https://bugzilla.suse.com/959469"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-5312",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-5312"
    },
    {
      "cve": "CVE-2015-7497",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7497"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7497",
          "url": "https://www.suse.com/security/cve/CVE-2015-7497"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-7497",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 957106 for CVE-2015-7497",
          "url": "https://bugzilla.suse.com/957106"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959469 for CVE-2015-7497",
          "url": "https://bugzilla.suse.com/959469"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-7497",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7497"
    },
    {
      "cve": "CVE-2015-7498",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7498"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7498",
          "url": "https://www.suse.com/security/cve/CVE-2015-7498"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-7498",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 957107 for CVE-2015-7498",
          "url": "https://bugzilla.suse.com/957107"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959469 for CVE-2015-7498",
          "url": "https://bugzilla.suse.com/959469"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-7498",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7498"
    },
    {
      "cve": "CVE-2015-7499",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7499"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7499",
          "url": "https://www.suse.com/security/cve/CVE-2015-7499"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-7499",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 957109 for CVE-2015-7499",
          "url": "https://bugzilla.suse.com/957109"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959469 for CVE-2015-7499",
          "url": "https://bugzilla.suse.com/959469"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-7499",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7499"
    },
    {
      "cve": "CVE-2015-7500",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7500"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7500",
          "url": "https://www.suse.com/security/cve/CVE-2015-7500"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-7500",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 957110 for CVE-2015-7500",
          "url": "https://bugzilla.suse.com/957110"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959469 for CVE-2015-7500",
          "url": "https://bugzilla.suse.com/959469"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-7500",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7500"
    },
    {
      "cve": "CVE-2015-7941",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7941"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by non-terminated entities.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7941",
          "url": "https://www.suse.com/security/cve/CVE-2015-7941"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-7941",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951734 for CVE-2015-7941",
          "url": "https://bugzilla.suse.com/951734"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951735 for CVE-2015-7941",
          "url": "https://bugzilla.suse.com/951735"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-7941",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-7941"
    },
    {
      "cve": "CVE-2015-7942",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7942"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted XML data, a different vulnerability than CVE-2015-7941.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7942",
          "url": "https://www.suse.com/security/cve/CVE-2015-7942"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-7942",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951735 for CVE-2015-7942",
          "url": "https://bugzilla.suse.com/951735"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-7942",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-7942"
    },
    {
      "cve": "CVE-2015-7995",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7995"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows attackers to cause a denial of service via a crafted XML file, related to a \"type confusion\" issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7995",
          "url": "https://www.suse.com/security/cve/CVE-2015-7995"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123130 for CVE-2015-7995",
          "url": "https://bugzilla.suse.com/1123130"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 952474 for CVE-2015-7995",
          "url": "https://bugzilla.suse.com/952474"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-7995"
    },
    {
      "cve": "CVE-2015-8035",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8035"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8035",
          "url": "https://www.suse.com/security/cve/CVE-2015-8035"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1088279 for CVE-2015-8035",
          "url": "https://bugzilla.suse.com/1088279"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1105166 for CVE-2015-8035",
          "url": "https://bugzilla.suse.com/1105166"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 954429 for CVE-2015-8035",
          "url": "https://bugzilla.suse.com/954429"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-8035"
    },
    {
      "cve": "CVE-2015-8241",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8241"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8241",
          "url": "https://www.suse.com/security/cve/CVE-2015-8241"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-8241",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 956018 for CVE-2015-8241",
          "url": "https://bugzilla.suse.com/956018"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959469 for CVE-2015-8241",
          "url": "https://bugzilla.suse.com/959469"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-8241",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-8241"
    },
    {
      "cve": "CVE-2015-8242",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8242"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8242",
          "url": "https://www.suse.com/security/cve/CVE-2015-8242"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-8242",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 956021 for CVE-2015-8242",
          "url": "https://bugzilla.suse.com/956021"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959469 for CVE-2015-8242",
          "url": "https://bugzilla.suse.com/959469"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-8242",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-8242"
    },
    {
      "cve": "CVE-2015-8317",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8317"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds heap read.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
          "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8317",
          "url": "https://www.suse.com/security/cve/CVE-2015-8317"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-8317",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 956260 for CVE-2015-8317",
          "url": "https://bugzilla.suse.com/956260"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959469 for CVE-2015-8317",
          "url": "https://bugzilla.suse.com/959469"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-8317",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.2-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-doc-1.6.8.1-1.3.x86_64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.aarch64",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.ppc64le",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.s390x",
            "openSUSE Tumbleweed:ruby2.3-rubygem-nokogiri-testsuite-1.6.8.1-1.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-8317"
    }
  ]
}

OPENSUSE-SU-2024:11340-1

Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00

Summary

ruby2.7-rubygem-nokogiri-1.12.3-1.2 on GA media

Severity

Moderate

Notes

Title of the patch: ruby2.7-rubygem-nokogiri-1.12.3-1.2 on GA media

Description of the patch: These are all security issues fixed in the ruby2.7-rubygem-nokogiri-1.12.3-1.2 package on the GA media of openSUSE Tumbleweed.

Patchnames: openSUSE-Tumbleweed-2024-11340

CVE-2013-2877

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix

Threats

Impact critical

CVE-2014-0191

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2015-1819

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2015-5312

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2015-7497

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2015-7498

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2015-7499

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2015-7500

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2015-7941

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2015-7942

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2015-7995

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2015-8035

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2015-8241

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2015-8242

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2015-8317

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2016-4658

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2016-4738

8.8 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2016-5131

8.8 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-15412

8.8 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-5029

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2018-14404

5.3 (Medium)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2018-8048

5.4 (Medium)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2019-11068

6.6 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2019-20388

3.1 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2019-5477

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2020-24977

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2020-7595

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2021-3516

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2021-3517

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-3518

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2021-3537

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-3541

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64	—	Vendor Fix

Threats

Impact moderate

References

166 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/o…	self
https://www.suse.com/security/cve/CVE-2013-2877/	self
https://www.suse.com/security/cve/CVE-2014-0191/	self
https://www.suse.com/security/cve/CVE-2015-1819/	self
https://www.suse.com/security/cve/CVE-2015-5312/	self
https://www.suse.com/security/cve/CVE-2015-7497/	self
https://www.suse.com/security/cve/CVE-2015-7498/	self
https://www.suse.com/security/cve/CVE-2015-7499/	self
https://www.suse.com/security/cve/CVE-2015-7500/	self
https://www.suse.com/security/cve/CVE-2015-7941/	self
https://www.suse.com/security/cve/CVE-2015-7942/	self
https://www.suse.com/security/cve/CVE-2015-7995/	self
https://www.suse.com/security/cve/CVE-2015-8035/	self
https://www.suse.com/security/cve/CVE-2015-8241/	self
https://www.suse.com/security/cve/CVE-2015-8242/	self
https://www.suse.com/security/cve/CVE-2015-8317/	self
https://www.suse.com/security/cve/CVE-2016-4658/	self
https://www.suse.com/security/cve/CVE-2016-4738/	self
https://www.suse.com/security/cve/CVE-2016-5131/	self
https://www.suse.com/security/cve/CVE-2017-15412/	self
https://www.suse.com/security/cve/CVE-2017-5029/	self
https://www.suse.com/security/cve/CVE-2018-14404/	self
https://www.suse.com/security/cve/CVE-2018-8048/	self
https://www.suse.com/security/cve/CVE-2019-11068/	self
https://www.suse.com/security/cve/CVE-2019-20388/	self
https://www.suse.com/security/cve/CVE-2019-5477/	self
https://www.suse.com/security/cve/CVE-2020-24977/	self
https://www.suse.com/security/cve/CVE-2020-7595/	self
https://www.suse.com/security/cve/CVE-2021-3516/	self
https://www.suse.com/security/cve/CVE-2021-3517/	self
https://www.suse.com/security/cve/CVE-2021-3518/	self
https://www.suse.com/security/cve/CVE-2021-3537/	self
https://www.suse.com/security/cve/CVE-2021-3541/	self
https://www.suse.com/security/cve/CVE-2013-2877	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/828893	external
https://bugzilla.suse.com/829077	external
https://bugzilla.suse.com/854869	external
https://bugzilla.suse.com/877506	external
https://www.suse.com/security/cve/CVE-2014-0191	external
https://bugzilla.suse.com/1014873	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/876652	external
https://bugzilla.suse.com/877506	external
https://bugzilla.suse.com/996079	external
https://www.suse.com/security/cve/CVE-2015-1819	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/928193	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-5312	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/957105	external
https://bugzilla.suse.com/959469	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-7497	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/957106	external
https://bugzilla.suse.com/959469	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-7498	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/957107	external
https://bugzilla.suse.com/959469	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-7499	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/957109	external
https://bugzilla.suse.com/959469	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-7500	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/957110	external
https://bugzilla.suse.com/959469	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-7941	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/951734	external
https://bugzilla.suse.com/951735	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-7942	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/951735	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-7995	external
https://bugzilla.suse.com/1123130	external
https://bugzilla.suse.com/952474	external
https://www.suse.com/security/cve/CVE-2015-8035	external
https://bugzilla.suse.com/1088279	external
https://bugzilla.suse.com/1105166	external
https://bugzilla.suse.com/954429	external
https://www.suse.com/security/cve/CVE-2015-8241	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/956018	external
https://bugzilla.suse.com/959469	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-8242	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/956021	external
https://bugzilla.suse.com/959469	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-8317	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/956260	external
https://bugzilla.suse.com/959469	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2016-4658	external
https://bugzilla.suse.com/1005544	external
https://bugzilla.suse.com/1014873	external
https://bugzilla.suse.com/1069433	external
https://bugzilla.suse.com/1078813	external
https://bugzilla.suse.com/1123919	external
https://www.suse.com/security/cve/CVE-2016-4738	external
https://bugzilla.suse.com/1005591	external
https://bugzilla.suse.com/1123130	external
https://www.suse.com/security/cve/CVE-2016-5131	external
https://bugzilla.suse.com/1014873	external
https://bugzilla.suse.com/1069433	external
https://bugzilla.suse.com/1078813	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/989901	external
https://www.suse.com/security/cve/CVE-2017-15412	external
https://bugzilla.suse.com/1071691	external
https://bugzilla.suse.com/1077993	external
https://bugzilla.suse.com/1123129	external
https://bugzilla.suse.com/1123919	external
https://www.suse.com/security/cve/CVE-2017-5029	external
https://bugzilla.suse.com/1028848	external
https://bugzilla.suse.com/1028875	external
https://bugzilla.suse.com/1035905	external
https://bugzilla.suse.com/1123130	external
https://www.suse.com/security/cve/CVE-2018-14404	external
https://bugzilla.suse.com/1102046	external
https://bugzilla.suse.com/1148896	external
https://www.suse.com/security/cve/CVE-2018-8048	external
https://bugzilla.suse.com/1085967	external
https://bugzilla.suse.com/1086598	external
https://www.suse.com/security/cve/CVE-2019-11068	external
https://bugzilla.suse.com/1132160	external
https://bugzilla.suse.com/1154212	external
https://www.suse.com/security/cve/CVE-2019-20388	external
https://bugzilla.suse.com/1161521	external
https://bugzilla.suse.com/1191860	external
https://www.suse.com/security/cve/CVE-2019-5477	external
https://bugzilla.suse.com/1146578	external
https://www.suse.com/security/cve/CVE-2020-24977	external
https://bugzilla.suse.com/1176179	external
https://bugzilla.suse.com/1191860	external
https://www.suse.com/security/cve/CVE-2020-7595	external
https://bugzilla.suse.com/1161517	external
https://bugzilla.suse.com/1191860	external
https://www.suse.com/security/cve/CVE-2021-3516	external
https://bugzilla.suse.com/1185409	external
https://bugzilla.suse.com/1191860	external
https://www.suse.com/security/cve/CVE-2021-3517	external
https://bugzilla.suse.com/1185410	external
https://bugzilla.suse.com/1191860	external
https://bugzilla.suse.com/1194438	external
https://bugzilla.suse.com/1196383	external
https://www.suse.com/security/cve/CVE-2021-3518	external
https://bugzilla.suse.com/1185408	external
https://bugzilla.suse.com/1191860	external
https://www.suse.com/security/cve/CVE-2021-3537	external
https://bugzilla.suse.com/1185698	external
https://www.suse.com/security/cve/CVE-2021-3541	external
https://bugzilla.suse.com/1186015	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "ruby2.7-rubygem-nokogiri-1.12.3-1.2 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the ruby2.7-rubygem-nokogiri-1.12.3-1.2 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-11340",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11340-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-2877 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-2877/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-0191 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-0191/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-1819 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-1819/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-5312 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-5312/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7497 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7497/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7498 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7498/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7499 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7499/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7500 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7500/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7941 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7941/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7942 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7942/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7995 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7995/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8035 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8035/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8241 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8241/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8242 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8242/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8317 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8317/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-4658 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-4658/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-4738 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-4738/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5131 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5131/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-15412 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-15412/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5029 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5029/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-14404 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-14404/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-8048 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-8048/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11068 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11068/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-20388 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-20388/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-5477 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-5477/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-24977 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-24977/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-7595 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-7595/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-3516 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-3516/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-3517 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-3517/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-3518 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-3518/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-3537 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-3537/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-3541 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-3541/"
      }
    ],
    "title": "ruby2.7-rubygem-nokogiri-1.12.3-1.2 on GA media",
    "tracking": {
      "current_release_date": "2024-06-15T00:00:00Z",
      "generator": {
        "date": "2024-06-15T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:11340-1",
      "initial_release_date": "2024-06-15T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-06-15T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
                "product": {
                  "name": "ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
                  "product_id": "ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
                "product": {
                  "name": "ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
                  "product_id": "ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
                "product": {
                  "name": "ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
                  "product_id": "ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
                "product": {
                  "name": "ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
                  "product_id": "ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
                "product": {
                  "name": "ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
                  "product_id": "ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
                "product": {
                  "name": "ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
                  "product_id": "ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
                "product": {
                  "name": "ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
                  "product_id": "ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64",
                "product": {
                  "name": "ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64",
                  "product_id": "ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64"
        },
        "product_reference": "ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le"
        },
        "product_reference": "ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x"
        },
        "product_reference": "ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64"
        },
        "product_reference": "ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64"
        },
        "product_reference": "ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le"
        },
        "product_reference": "ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x"
        },
        "product_reference": "ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
        },
        "product_reference": "ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2013-2877",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-2877"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "parser.c in libxml2 before 2.9.0, as used in Google Chrome before 28.0.1500.71 and other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a document that ends abruptly, related to the lack of certain checks for the XML_PARSER_EOF state.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-2877",
          "url": "https://www.suse.com/security/cve/CVE-2013-2877"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2013-2877",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 828893 for CVE-2013-2877",
          "url": "https://bugzilla.suse.com/828893"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 829077 for CVE-2013-2877",
          "url": "https://bugzilla.suse.com/829077"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 854869 for CVE-2013-2877",
          "url": "https://bugzilla.suse.com/854869"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 877506 for CVE-2013-2877",
          "url": "https://bugzilla.suse.com/877506"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-2877"
    },
    {
      "cve": "CVE-2014-0191",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-0191"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless of whether entity substitution or validation is enabled, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XML document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-0191",
          "url": "https://www.suse.com/security/cve/CVE-2014-0191"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1014873 for CVE-2014-0191",
          "url": "https://bugzilla.suse.com/1014873"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2014-0191",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 876652 for CVE-2014-0191",
          "url": "https://bugzilla.suse.com/876652"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 877506 for CVE-2014-0191",
          "url": "https://bugzilla.suse.com/877506"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 996079 for CVE-2014-0191",
          "url": "https://bugzilla.suse.com/996079"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2014-0191"
    },
    {
      "cve": "CVE-2015-1819",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-1819"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-1819",
          "url": "https://www.suse.com/security/cve/CVE-2015-1819"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-1819",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 928193 for CVE-2015-1819",
          "url": "https://bugzilla.suse.com/928193"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-1819",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-1819"
    },
    {
      "cve": "CVE-2015-5312",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-5312"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-5312",
          "url": "https://www.suse.com/security/cve/CVE-2015-5312"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-5312",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 957105 for CVE-2015-5312",
          "url": "https://bugzilla.suse.com/957105"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959469 for CVE-2015-5312",
          "url": "https://bugzilla.suse.com/959469"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-5312",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-5312"
    },
    {
      "cve": "CVE-2015-7497",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7497"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7497",
          "url": "https://www.suse.com/security/cve/CVE-2015-7497"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-7497",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 957106 for CVE-2015-7497",
          "url": "https://bugzilla.suse.com/957106"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959469 for CVE-2015-7497",
          "url": "https://bugzilla.suse.com/959469"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-7497",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7497"
    },
    {
      "cve": "CVE-2015-7498",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7498"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7498",
          "url": "https://www.suse.com/security/cve/CVE-2015-7498"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-7498",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 957107 for CVE-2015-7498",
          "url": "https://bugzilla.suse.com/957107"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959469 for CVE-2015-7498",
          "url": "https://bugzilla.suse.com/959469"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-7498",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7498"
    },
    {
      "cve": "CVE-2015-7499",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7499"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7499",
          "url": "https://www.suse.com/security/cve/CVE-2015-7499"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-7499",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 957109 for CVE-2015-7499",
          "url": "https://bugzilla.suse.com/957109"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959469 for CVE-2015-7499",
          "url": "https://bugzilla.suse.com/959469"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-7499",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7499"
    },
    {
      "cve": "CVE-2015-7500",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7500"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7500",
          "url": "https://www.suse.com/security/cve/CVE-2015-7500"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-7500",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 957110 for CVE-2015-7500",
          "url": "https://bugzilla.suse.com/957110"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959469 for CVE-2015-7500",
          "url": "https://bugzilla.suse.com/959469"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-7500",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7500"
    },
    {
      "cve": "CVE-2015-7941",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7941"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by non-terminated entities.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7941",
          "url": "https://www.suse.com/security/cve/CVE-2015-7941"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-7941",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951734 for CVE-2015-7941",
          "url": "https://bugzilla.suse.com/951734"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951735 for CVE-2015-7941",
          "url": "https://bugzilla.suse.com/951735"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-7941",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-7941"
    },
    {
      "cve": "CVE-2015-7942",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7942"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted XML data, a different vulnerability than CVE-2015-7941.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7942",
          "url": "https://www.suse.com/security/cve/CVE-2015-7942"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-7942",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951735 for CVE-2015-7942",
          "url": "https://bugzilla.suse.com/951735"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-7942",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-7942"
    },
    {
      "cve": "CVE-2015-7995",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7995"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows attackers to cause a denial of service via a crafted XML file, related to a \"type confusion\" issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7995",
          "url": "https://www.suse.com/security/cve/CVE-2015-7995"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123130 for CVE-2015-7995",
          "url": "https://bugzilla.suse.com/1123130"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 952474 for CVE-2015-7995",
          "url": "https://bugzilla.suse.com/952474"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-7995"
    },
    {
      "cve": "CVE-2015-8035",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8035"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8035",
          "url": "https://www.suse.com/security/cve/CVE-2015-8035"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1088279 for CVE-2015-8035",
          "url": "https://bugzilla.suse.com/1088279"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1105166 for CVE-2015-8035",
          "url": "https://bugzilla.suse.com/1105166"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 954429 for CVE-2015-8035",
          "url": "https://bugzilla.suse.com/954429"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-8035"
    },
    {
      "cve": "CVE-2015-8241",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8241"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8241",
          "url": "https://www.suse.com/security/cve/CVE-2015-8241"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-8241",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 956018 for CVE-2015-8241",
          "url": "https://bugzilla.suse.com/956018"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959469 for CVE-2015-8241",
          "url": "https://bugzilla.suse.com/959469"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-8241",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-8241"
    },
    {
      "cve": "CVE-2015-8242",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8242"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8242",
          "url": "https://www.suse.com/security/cve/CVE-2015-8242"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-8242",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 956021 for CVE-2015-8242",
          "url": "https://bugzilla.suse.com/956021"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959469 for CVE-2015-8242",
          "url": "https://bugzilla.suse.com/959469"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-8242",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-8242"
    },
    {
      "cve": "CVE-2015-8317",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8317"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds heap read.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8317",
          "url": "https://www.suse.com/security/cve/CVE-2015-8317"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-8317",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 956260 for CVE-2015-8317",
          "url": "https://bugzilla.suse.com/956260"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959469 for CVE-2015-8317",
          "url": "https://bugzilla.suse.com/959469"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-8317",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-8317"
    },
    {
      "cve": "CVE-2016-4658",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-4658"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and memory corruption) via a crafted XML document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-4658",
          "url": "https://www.suse.com/security/cve/CVE-2016-4658"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1005544 for CVE-2016-4658",
          "url": "https://bugzilla.suse.com/1005544"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1014873 for CVE-2016-4658",
          "url": "https://bugzilla.suse.com/1014873"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1069433 for CVE-2016-4658",
          "url": "https://bugzilla.suse.com/1069433"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1078813 for CVE-2016-4658",
          "url": "https://bugzilla.suse.com/1078813"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2016-4658",
          "url": "https://bugzilla.suse.com/1123919"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-4658"
    },
    {
      "cve": "CVE-2016-4738",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-4738"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-4738",
          "url": "https://www.suse.com/security/cve/CVE-2016-4738"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1005591 for CVE-2016-4738",
          "url": "https://bugzilla.suse.com/1005591"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123130 for CVE-2016-4738",
          "url": "https://bugzilla.suse.com/1123130"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-4738"
    },
    {
      "cve": "CVE-2016-5131",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5131"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5131",
          "url": "https://www.suse.com/security/cve/CVE-2016-5131"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1014873 for CVE-2016-5131",
          "url": "https://bugzilla.suse.com/1014873"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1069433 for CVE-2016-5131",
          "url": "https://bugzilla.suse.com/1069433"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1078813 for CVE-2016-5131",
          "url": "https://bugzilla.suse.com/1078813"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2016-5131",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 989901 for CVE-2016-5131",
          "url": "https://bugzilla.suse.com/989901"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-5131"
    },
    {
      "cve": "CVE-2017-15412",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-15412"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-15412",
          "url": "https://www.suse.com/security/cve/CVE-2017-15412"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1071691 for CVE-2017-15412",
          "url": "https://bugzilla.suse.com/1071691"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077993 for CVE-2017-15412",
          "url": "https://bugzilla.suse.com/1077993"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123129 for CVE-2017-15412",
          "url": "https://bugzilla.suse.com/1123129"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2017-15412",
          "url": "https://bugzilla.suse.com/1123919"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-15412"
    },
    {
      "cve": "CVE-2017-5029",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5029"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xsltAddTextString function in transform.c in libxslt 1.1.29, as used in Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android, lacked a check for integer overflow during a size calculation, which allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5029",
          "url": "https://www.suse.com/security/cve/CVE-2017-5029"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028848 for CVE-2017-5029",
          "url": "https://bugzilla.suse.com/1028848"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028875 for CVE-2017-5029",
          "url": "https://bugzilla.suse.com/1028875"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035905 for CVE-2017-5029",
          "url": "https://bugzilla.suse.com/1035905"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123130 for CVE-2017-5029",
          "url": "https://bugzilla.suse.com/1123130"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2017-5029"
    },
    {
      "cve": "CVE-2018-14404",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-14404"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-14404",
          "url": "https://www.suse.com/security/cve/CVE-2018-14404"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1102046 for CVE-2018-14404",
          "url": "https://bugzilla.suse.com/1102046"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1148896 for CVE-2018-14404",
          "url": "https://bugzilla.suse.com/1148896"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-14404"
    },
    {
      "cve": "CVE-2018-8048",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-8048"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Loofah gem through 2.2.0 for Ruby, non-whitelisted HTML attributes may occur in sanitized output by republishing a crafted HTML fragment.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-8048",
          "url": "https://www.suse.com/security/cve/CVE-2018-8048"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1085967 for CVE-2018-8048",
          "url": "https://bugzilla.suse.com/1085967"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1086598 for CVE-2018-8048",
          "url": "https://bugzilla.suse.com/1086598"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-8048"
    },
    {
      "cve": "CVE-2019-11068",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11068"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11068",
          "url": "https://www.suse.com/security/cve/CVE-2019-11068"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1132160 for CVE-2019-11068",
          "url": "https://bugzilla.suse.com/1132160"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1154212 for CVE-2019-11068",
          "url": "https://bugzilla.suse.com/1154212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-11068"
    },
    {
      "cve": "CVE-2019-20388",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-20388"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-20388",
          "url": "https://www.suse.com/security/cve/CVE-2019-20388"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1161521 for CVE-2019-20388",
          "url": "https://bugzilla.suse.com/1161521"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1191860 for CVE-2019-20388",
          "url": "https://bugzilla.suse.com/1191860"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2019-20388"
    },
    {
      "cve": "CVE-2019-5477",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-5477"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess via Ruby\u0027s `Kernel.open` method. Processes are vulnerable only if the undocumented method `Nokogiri::CSS::Tokenizer#load_file` is being called with unsafe user input as the filename. This vulnerability appears in code generated by the Rexical gem versions v1.0.6 and earlier. Rexical is used by Nokogiri to generate lexical scanner code for parsing CSS queries. The underlying vulnerability was addressed in Rexical v1.0.7 and Nokogiri upgraded to this version of Rexical in Nokogiri v1.10.4.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-5477",
          "url": "https://www.suse.com/security/cve/CVE-2019-5477"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1146578 for CVE-2019-5477",
          "url": "https://bugzilla.suse.com/1146578"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-5477"
    },
    {
      "cve": "CVE-2020-24977",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-24977"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-24977",
          "url": "https://www.suse.com/security/cve/CVE-2020-24977"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1176179 for CVE-2020-24977",
          "url": "https://bugzilla.suse.com/1176179"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1191860 for CVE-2020-24977",
          "url": "https://bugzilla.suse.com/1191860"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2020-24977"
    },
    {
      "cve": "CVE-2020-7595",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-7595"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-7595",
          "url": "https://www.suse.com/security/cve/CVE-2020-7595"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1161517 for CVE-2020-7595",
          "url": "https://bugzilla.suse.com/1161517"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1191860 for CVE-2020-7595",
          "url": "https://bugzilla.suse.com/1191860"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2020-7595"
    },
    {
      "cve": "CVE-2021-3516",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-3516"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "There\u0027s a flaw in libxml2\u0027s xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-3516",
          "url": "https://www.suse.com/security/cve/CVE-2021-3516"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1185409 for CVE-2021-3516",
          "url": "https://bugzilla.suse.com/1185409"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1191860 for CVE-2021-3516",
          "url": "https://bugzilla.suse.com/1191860"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-3516"
    },
    {
      "cve": "CVE-2021-3517",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-3517"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this flaw is to application availability, with some potential impact to confidentiality and integrity if an attacker is able to use memory information to further exploit the application.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-3517",
          "url": "https://www.suse.com/security/cve/CVE-2021-3517"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1185410 for CVE-2021-3517",
          "url": "https://bugzilla.suse.com/1185410"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1191860 for CVE-2021-3517",
          "url": "https://bugzilla.suse.com/1191860"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194438 for CVE-2021-3517",
          "url": "https://bugzilla.suse.com/1194438"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196383 for CVE-2021-3517",
          "url": "https://bugzilla.suse.com/1196383"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-3517"
    },
    {
      "cve": "CVE-2021-3518",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-3518"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "There\u0027s a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-3518",
          "url": "https://www.suse.com/security/cve/CVE-2021-3518"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1185408 for CVE-2021-3518",
          "url": "https://bugzilla.suse.com/1185408"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1191860 for CVE-2021-3518",
          "url": "https://bugzilla.suse.com/1191860"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-3518"
    },
    {
      "cve": "CVE-2021-3537",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-3537"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest threat from this vulnerability is to system availability.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-3537",
          "url": "https://www.suse.com/security/cve/CVE-2021-3537"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1185698 for CVE-2021-3537",
          "url": "https://bugzilla.suse.com/1185698"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-3537"
    },
    {
      "cve": "CVE-2021-3541",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-3541"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
          "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-3541",
          "url": "https://www.suse.com/security/cve/CVE-2021-3541"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1186015 for CVE-2021-3541",
          "url": "https://bugzilla.suse.com/1186015"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby2.7-rubygem-nokogiri-1.12.3-1.2.x86_64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.aarch64",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.ppc64le",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.s390x",
            "openSUSE Tumbleweed:ruby3.0-rubygem-nokogiri-1.12.3-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-3541"
    }
  ]
}

OPENSUSE-SU-2024:11912-1

Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00

Summary

ruby3.1-rubygem-nokogiri-1.13.3-1.1 on GA media

Severity

Moderate

Notes

Title of the patch: ruby3.1-rubygem-nokogiri-1.13.3-1.1 on GA media

Description of the patch: These are all security issues fixed in the ruby3.1-rubygem-nokogiri-1.13.3-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames: openSUSE-Tumbleweed-2024-11912

CVE-2013-2877

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64	—	Vendor Fix

Threats

Impact critical

CVE-2014-0191

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2015-1819

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2015-5312

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2015-7497

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2015-7498

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2015-7499

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2015-7500

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2015-7941

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2015-7942

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2015-7995

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2015-8035

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2015-8241

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2015-8242

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2015-8317

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2016-4658

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2016-4738

8.8 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2016-5131

8.8 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-15412

8.8 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-5029

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2018-14404

5.3 (Medium)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2018-8048

5.4 (Medium)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2019-11068

6.6 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2019-20388

3.1 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2019-5477

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2020-24977

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2020-7595

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2021-30560

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-3516

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2021-3517

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-3518

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2021-3537

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-3541

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2021-41098

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2022-23308

7 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

References

181 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/o…	self
https://www.suse.com/security/cve/CVE-2013-2877/	self
https://www.suse.com/security/cve/CVE-2014-0191/	self
https://www.suse.com/security/cve/CVE-2015-1819/	self
https://www.suse.com/security/cve/CVE-2015-5312/	self
https://www.suse.com/security/cve/CVE-2015-7497/	self
https://www.suse.com/security/cve/CVE-2015-7498/	self
https://www.suse.com/security/cve/CVE-2015-7499/	self
https://www.suse.com/security/cve/CVE-2015-7500/	self
https://www.suse.com/security/cve/CVE-2015-7941/	self
https://www.suse.com/security/cve/CVE-2015-7942/	self
https://www.suse.com/security/cve/CVE-2015-7995/	self
https://www.suse.com/security/cve/CVE-2015-8035/	self
https://www.suse.com/security/cve/CVE-2015-8241/	self
https://www.suse.com/security/cve/CVE-2015-8242/	self
https://www.suse.com/security/cve/CVE-2015-8317/	self
https://www.suse.com/security/cve/CVE-2016-4658/	self
https://www.suse.com/security/cve/CVE-2016-4738/	self
https://www.suse.com/security/cve/CVE-2016-5131/	self
https://www.suse.com/security/cve/CVE-2017-15412/	self
https://www.suse.com/security/cve/CVE-2017-5029/	self
https://www.suse.com/security/cve/CVE-2018-14404/	self
https://www.suse.com/security/cve/CVE-2018-8048/	self
https://www.suse.com/security/cve/CVE-2019-11068/	self
https://www.suse.com/security/cve/CVE-2019-20388/	self
https://www.suse.com/security/cve/CVE-2019-5477/	self
https://www.suse.com/security/cve/CVE-2020-24977/	self
https://www.suse.com/security/cve/CVE-2020-7595/	self
https://www.suse.com/security/cve/CVE-2021-30560/	self
https://www.suse.com/security/cve/CVE-2021-3516/	self
https://www.suse.com/security/cve/CVE-2021-3517/	self
https://www.suse.com/security/cve/CVE-2021-3518/	self
https://www.suse.com/security/cve/CVE-2021-3537/	self
https://www.suse.com/security/cve/CVE-2021-3541/	self
https://www.suse.com/security/cve/CVE-2021-41098/	self
https://www.suse.com/security/cve/CVE-2022-23308/	self
https://www.suse.com/security/cve/CVE-2013-2877	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/828893	external
https://bugzilla.suse.com/829077	external
https://bugzilla.suse.com/854869	external
https://bugzilla.suse.com/877506	external
https://www.suse.com/security/cve/CVE-2014-0191	external
https://bugzilla.suse.com/1014873	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/876652	external
https://bugzilla.suse.com/877506	external
https://bugzilla.suse.com/996079	external
https://www.suse.com/security/cve/CVE-2015-1819	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/928193	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-5312	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/957105	external
https://bugzilla.suse.com/959469	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-7497	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/957106	external
https://bugzilla.suse.com/959469	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-7498	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/957107	external
https://bugzilla.suse.com/959469	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-7499	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/957109	external
https://bugzilla.suse.com/959469	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-7500	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/957110	external
https://bugzilla.suse.com/959469	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-7941	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/951734	external
https://bugzilla.suse.com/951735	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-7942	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/951735	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-7995	external
https://bugzilla.suse.com/1123130	external
https://bugzilla.suse.com/952474	external
https://www.suse.com/security/cve/CVE-2015-8035	external
https://bugzilla.suse.com/1088279	external
https://bugzilla.suse.com/1105166	external
https://bugzilla.suse.com/954429	external
https://www.suse.com/security/cve/CVE-2015-8241	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/956018	external
https://bugzilla.suse.com/959469	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-8242	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/956021	external
https://bugzilla.suse.com/959469	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2015-8317	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/956260	external
https://bugzilla.suse.com/959469	external
https://bugzilla.suse.com/969769	external
https://www.suse.com/security/cve/CVE-2016-4658	external
https://bugzilla.suse.com/1005544	external
https://bugzilla.suse.com/1014873	external
https://bugzilla.suse.com/1069433	external
https://bugzilla.suse.com/1078813	external
https://bugzilla.suse.com/1123919	external
https://www.suse.com/security/cve/CVE-2016-4738	external
https://bugzilla.suse.com/1005591	external
https://bugzilla.suse.com/1123130	external
https://www.suse.com/security/cve/CVE-2016-5131	external
https://bugzilla.suse.com/1014873	external
https://bugzilla.suse.com/1069433	external
https://bugzilla.suse.com/1078813	external
https://bugzilla.suse.com/1123919	external
https://bugzilla.suse.com/989901	external
https://www.suse.com/security/cve/CVE-2017-15412	external
https://bugzilla.suse.com/1071691	external
https://bugzilla.suse.com/1077993	external
https://bugzilla.suse.com/1123129	external
https://bugzilla.suse.com/1123919	external
https://www.suse.com/security/cve/CVE-2017-5029	external
https://bugzilla.suse.com/1028848	external
https://bugzilla.suse.com/1028875	external
https://bugzilla.suse.com/1035905	external
https://bugzilla.suse.com/1123130	external
https://www.suse.com/security/cve/CVE-2018-14404	external
https://bugzilla.suse.com/1102046	external
https://bugzilla.suse.com/1148896	external
https://www.suse.com/security/cve/CVE-2018-8048	external
https://bugzilla.suse.com/1085967	external
https://bugzilla.suse.com/1086598	external
https://www.suse.com/security/cve/CVE-2019-11068	external
https://bugzilla.suse.com/1132160	external
https://bugzilla.suse.com/1154212	external
https://www.suse.com/security/cve/CVE-2019-20388	external
https://bugzilla.suse.com/1161521	external
https://bugzilla.suse.com/1191860	external
https://www.suse.com/security/cve/CVE-2019-5477	external
https://bugzilla.suse.com/1146578	external
https://www.suse.com/security/cve/CVE-2020-24977	external
https://bugzilla.suse.com/1176179	external
https://bugzilla.suse.com/1191860	external
https://www.suse.com/security/cve/CVE-2020-7595	external
https://bugzilla.suse.com/1161517	external
https://bugzilla.suse.com/1191860	external
https://www.suse.com/security/cve/CVE-2021-30560	external
https://bugzilla.suse.com/1188373	external
https://bugzilla.suse.com/1208574	external
https://bugzilla.suse.com/1211500	external
https://bugzilla.suse.com/1211501	external
https://bugzilla.suse.com/1211544	external
https://www.suse.com/security/cve/CVE-2021-3516	external
https://bugzilla.suse.com/1185409	external
https://bugzilla.suse.com/1191860	external
https://www.suse.com/security/cve/CVE-2021-3517	external
https://bugzilla.suse.com/1185410	external
https://bugzilla.suse.com/1191860	external
https://bugzilla.suse.com/1194438	external
https://bugzilla.suse.com/1196383	external
https://www.suse.com/security/cve/CVE-2021-3518	external
https://bugzilla.suse.com/1185408	external
https://bugzilla.suse.com/1191860	external
https://www.suse.com/security/cve/CVE-2021-3537	external
https://bugzilla.suse.com/1185698	external
https://www.suse.com/security/cve/CVE-2021-3541	external
https://bugzilla.suse.com/1186015	external
https://www.suse.com/security/cve/CVE-2021-41098	external
https://bugzilla.suse.com/1191029	external
https://www.suse.com/security/cve/CVE-2022-23308	external
https://bugzilla.suse.com/1196490	external
https://bugzilla.suse.com/1199098	external
https://bugzilla.suse.com/1202688	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "ruby3.1-rubygem-nokogiri-1.13.3-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the ruby3.1-rubygem-nokogiri-1.13.3-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-11912",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11912-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2013-2877 page",
        "url": "https://www.suse.com/security/cve/CVE-2013-2877/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-0191 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-0191/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-1819 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-1819/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-5312 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-5312/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7497 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7497/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7498 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7498/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7499 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7499/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7500 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7500/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7941 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7941/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7942 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7942/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7995 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7995/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8035 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8035/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8241 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8241/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8242 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8242/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8317 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8317/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-4658 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-4658/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-4738 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-4738/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5131 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5131/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-15412 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-15412/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5029 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5029/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-14404 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-14404/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-8048 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-8048/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-11068 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-11068/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-20388 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-20388/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-5477 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-5477/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-24977 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-24977/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-7595 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-7595/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-30560 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-30560/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-3516 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-3516/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-3517 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-3517/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-3518 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-3518/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-3537 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-3537/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-3541 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-3541/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-41098 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-41098/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-23308 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-23308/"
      }
    ],
    "title": "ruby3.1-rubygem-nokogiri-1.13.3-1.1 on GA media",
    "tracking": {
      "current_release_date": "2024-06-15T00:00:00Z",
      "generator": {
        "date": "2024-06-15T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:11912-1",
      "initial_release_date": "2024-06-15T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-06-15T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
                "product": {
                  "name": "ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
                  "product_id": "ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
                "product": {
                  "name": "ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
                  "product_id": "ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
                "product": {
                  "name": "ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
                  "product_id": "ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64",
                "product": {
                  "name": "ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64",
                  "product_id": "ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64"
        },
        "product_reference": "ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le"
        },
        "product_reference": "ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x"
        },
        "product_reference": "ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
        },
        "product_reference": "ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2013-2877",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2013-2877"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "parser.c in libxml2 before 2.9.0, as used in Google Chrome before 28.0.1500.71 and other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a document that ends abruptly, related to the lack of certain checks for the XML_PARSER_EOF state.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2013-2877",
          "url": "https://www.suse.com/security/cve/CVE-2013-2877"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2013-2877",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 828893 for CVE-2013-2877",
          "url": "https://bugzilla.suse.com/828893"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 829077 for CVE-2013-2877",
          "url": "https://bugzilla.suse.com/829077"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 854869 for CVE-2013-2877",
          "url": "https://bugzilla.suse.com/854869"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 877506 for CVE-2013-2877",
          "url": "https://bugzilla.suse.com/877506"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2013-2877"
    },
    {
      "cve": "CVE-2014-0191",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-0191"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless of whether entity substitution or validation is enabled, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XML document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-0191",
          "url": "https://www.suse.com/security/cve/CVE-2014-0191"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1014873 for CVE-2014-0191",
          "url": "https://bugzilla.suse.com/1014873"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2014-0191",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 876652 for CVE-2014-0191",
          "url": "https://bugzilla.suse.com/876652"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 877506 for CVE-2014-0191",
          "url": "https://bugzilla.suse.com/877506"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 996079 for CVE-2014-0191",
          "url": "https://bugzilla.suse.com/996079"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2014-0191"
    },
    {
      "cve": "CVE-2015-1819",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-1819"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-1819",
          "url": "https://www.suse.com/security/cve/CVE-2015-1819"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-1819",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 928193 for CVE-2015-1819",
          "url": "https://bugzilla.suse.com/928193"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-1819",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-1819"
    },
    {
      "cve": "CVE-2015-5312",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-5312"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-5312",
          "url": "https://www.suse.com/security/cve/CVE-2015-5312"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-5312",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 957105 for CVE-2015-5312",
          "url": "https://bugzilla.suse.com/957105"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959469 for CVE-2015-5312",
          "url": "https://bugzilla.suse.com/959469"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-5312",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-5312"
    },
    {
      "cve": "CVE-2015-7497",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7497"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7497",
          "url": "https://www.suse.com/security/cve/CVE-2015-7497"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-7497",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 957106 for CVE-2015-7497",
          "url": "https://bugzilla.suse.com/957106"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959469 for CVE-2015-7497",
          "url": "https://bugzilla.suse.com/959469"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-7497",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7497"
    },
    {
      "cve": "CVE-2015-7498",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7498"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7498",
          "url": "https://www.suse.com/security/cve/CVE-2015-7498"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-7498",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 957107 for CVE-2015-7498",
          "url": "https://bugzilla.suse.com/957107"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959469 for CVE-2015-7498",
          "url": "https://bugzilla.suse.com/959469"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-7498",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7498"
    },
    {
      "cve": "CVE-2015-7499",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7499"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7499",
          "url": "https://www.suse.com/security/cve/CVE-2015-7499"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-7499",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 957109 for CVE-2015-7499",
          "url": "https://bugzilla.suse.com/957109"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959469 for CVE-2015-7499",
          "url": "https://bugzilla.suse.com/959469"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-7499",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7499"
    },
    {
      "cve": "CVE-2015-7500",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7500"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7500",
          "url": "https://www.suse.com/security/cve/CVE-2015-7500"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-7500",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 957110 for CVE-2015-7500",
          "url": "https://bugzilla.suse.com/957110"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959469 for CVE-2015-7500",
          "url": "https://bugzilla.suse.com/959469"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-7500",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7500"
    },
    {
      "cve": "CVE-2015-7941",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7941"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by non-terminated entities.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7941",
          "url": "https://www.suse.com/security/cve/CVE-2015-7941"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-7941",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951734 for CVE-2015-7941",
          "url": "https://bugzilla.suse.com/951734"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951735 for CVE-2015-7941",
          "url": "https://bugzilla.suse.com/951735"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-7941",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-7941"
    },
    {
      "cve": "CVE-2015-7942",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7942"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted XML data, a different vulnerability than CVE-2015-7941.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7942",
          "url": "https://www.suse.com/security/cve/CVE-2015-7942"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-7942",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 951735 for CVE-2015-7942",
          "url": "https://bugzilla.suse.com/951735"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-7942",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-7942"
    },
    {
      "cve": "CVE-2015-7995",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7995"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows attackers to cause a denial of service via a crafted XML file, related to a \"type confusion\" issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7995",
          "url": "https://www.suse.com/security/cve/CVE-2015-7995"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123130 for CVE-2015-7995",
          "url": "https://bugzilla.suse.com/1123130"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 952474 for CVE-2015-7995",
          "url": "https://bugzilla.suse.com/952474"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-7995"
    },
    {
      "cve": "CVE-2015-8035",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8035"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8035",
          "url": "https://www.suse.com/security/cve/CVE-2015-8035"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1088279 for CVE-2015-8035",
          "url": "https://bugzilla.suse.com/1088279"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1105166 for CVE-2015-8035",
          "url": "https://bugzilla.suse.com/1105166"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 954429 for CVE-2015-8035",
          "url": "https://bugzilla.suse.com/954429"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-8035"
    },
    {
      "cve": "CVE-2015-8241",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8241"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8241",
          "url": "https://www.suse.com/security/cve/CVE-2015-8241"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-8241",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 956018 for CVE-2015-8241",
          "url": "https://bugzilla.suse.com/956018"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959469 for CVE-2015-8241",
          "url": "https://bugzilla.suse.com/959469"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-8241",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-8241"
    },
    {
      "cve": "CVE-2015-8242",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8242"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8242",
          "url": "https://www.suse.com/security/cve/CVE-2015-8242"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-8242",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 956021 for CVE-2015-8242",
          "url": "https://bugzilla.suse.com/956021"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959469 for CVE-2015-8242",
          "url": "https://bugzilla.suse.com/959469"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-8242",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-8242"
    },
    {
      "cve": "CVE-2015-8317",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8317"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds heap read.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8317",
          "url": "https://www.suse.com/security/cve/CVE-2015-8317"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2015-8317",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 956260 for CVE-2015-8317",
          "url": "https://bugzilla.suse.com/956260"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 959469 for CVE-2015-8317",
          "url": "https://bugzilla.suse.com/959469"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 969769 for CVE-2015-8317",
          "url": "https://bugzilla.suse.com/969769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-8317"
    },
    {
      "cve": "CVE-2016-4658",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-4658"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and memory corruption) via a crafted XML document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-4658",
          "url": "https://www.suse.com/security/cve/CVE-2016-4658"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1005544 for CVE-2016-4658",
          "url": "https://bugzilla.suse.com/1005544"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1014873 for CVE-2016-4658",
          "url": "https://bugzilla.suse.com/1014873"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1069433 for CVE-2016-4658",
          "url": "https://bugzilla.suse.com/1069433"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1078813 for CVE-2016-4658",
          "url": "https://bugzilla.suse.com/1078813"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2016-4658",
          "url": "https://bugzilla.suse.com/1123919"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-4658"
    },
    {
      "cve": "CVE-2016-4738",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-4738"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-4738",
          "url": "https://www.suse.com/security/cve/CVE-2016-4738"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1005591 for CVE-2016-4738",
          "url": "https://bugzilla.suse.com/1005591"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123130 for CVE-2016-4738",
          "url": "https://bugzilla.suse.com/1123130"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-4738"
    },
    {
      "cve": "CVE-2016-5131",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5131"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5131",
          "url": "https://www.suse.com/security/cve/CVE-2016-5131"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1014873 for CVE-2016-5131",
          "url": "https://bugzilla.suse.com/1014873"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1069433 for CVE-2016-5131",
          "url": "https://bugzilla.suse.com/1069433"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1078813 for CVE-2016-5131",
          "url": "https://bugzilla.suse.com/1078813"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2016-5131",
          "url": "https://bugzilla.suse.com/1123919"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 989901 for CVE-2016-5131",
          "url": "https://bugzilla.suse.com/989901"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-5131"
    },
    {
      "cve": "CVE-2017-15412",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-15412"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-15412",
          "url": "https://www.suse.com/security/cve/CVE-2017-15412"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1071691 for CVE-2017-15412",
          "url": "https://bugzilla.suse.com/1071691"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077993 for CVE-2017-15412",
          "url": "https://bugzilla.suse.com/1077993"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123129 for CVE-2017-15412",
          "url": "https://bugzilla.suse.com/1123129"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123919 for CVE-2017-15412",
          "url": "https://bugzilla.suse.com/1123919"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-15412"
    },
    {
      "cve": "CVE-2017-5029",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5029"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xsltAddTextString function in transform.c in libxslt 1.1.29, as used in Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android, lacked a check for integer overflow during a size calculation, which allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5029",
          "url": "https://www.suse.com/security/cve/CVE-2017-5029"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028848 for CVE-2017-5029",
          "url": "https://bugzilla.suse.com/1028848"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028875 for CVE-2017-5029",
          "url": "https://bugzilla.suse.com/1028875"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035905 for CVE-2017-5029",
          "url": "https://bugzilla.suse.com/1035905"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123130 for CVE-2017-5029",
          "url": "https://bugzilla.suse.com/1123130"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2017-5029"
    },
    {
      "cve": "CVE-2018-14404",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-14404"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-14404",
          "url": "https://www.suse.com/security/cve/CVE-2018-14404"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1102046 for CVE-2018-14404",
          "url": "https://bugzilla.suse.com/1102046"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1148896 for CVE-2018-14404",
          "url": "https://bugzilla.suse.com/1148896"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-14404"
    },
    {
      "cve": "CVE-2018-8048",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-8048"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Loofah gem through 2.2.0 for Ruby, non-whitelisted HTML attributes may occur in sanitized output by republishing a crafted HTML fragment.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-8048",
          "url": "https://www.suse.com/security/cve/CVE-2018-8048"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1085967 for CVE-2018-8048",
          "url": "https://bugzilla.suse.com/1085967"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1086598 for CVE-2018-8048",
          "url": "https://bugzilla.suse.com/1086598"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-8048"
    },
    {
      "cve": "CVE-2019-11068",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-11068"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-11068",
          "url": "https://www.suse.com/security/cve/CVE-2019-11068"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1132160 for CVE-2019-11068",
          "url": "https://bugzilla.suse.com/1132160"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1154212 for CVE-2019-11068",
          "url": "https://bugzilla.suse.com/1154212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-11068"
    },
    {
      "cve": "CVE-2019-20388",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-20388"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-20388",
          "url": "https://www.suse.com/security/cve/CVE-2019-20388"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1161521 for CVE-2019-20388",
          "url": "https://bugzilla.suse.com/1161521"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1191860 for CVE-2019-20388",
          "url": "https://bugzilla.suse.com/1191860"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2019-20388"
    },
    {
      "cve": "CVE-2019-5477",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-5477"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess via Ruby\u0027s `Kernel.open` method. Processes are vulnerable only if the undocumented method `Nokogiri::CSS::Tokenizer#load_file` is being called with unsafe user input as the filename. This vulnerability appears in code generated by the Rexical gem versions v1.0.6 and earlier. Rexical is used by Nokogiri to generate lexical scanner code for parsing CSS queries. The underlying vulnerability was addressed in Rexical v1.0.7 and Nokogiri upgraded to this version of Rexical in Nokogiri v1.10.4.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-5477",
          "url": "https://www.suse.com/security/cve/CVE-2019-5477"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1146578 for CVE-2019-5477",
          "url": "https://bugzilla.suse.com/1146578"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-5477"
    },
    {
      "cve": "CVE-2020-24977",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-24977"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-24977",
          "url": "https://www.suse.com/security/cve/CVE-2020-24977"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1176179 for CVE-2020-24977",
          "url": "https://bugzilla.suse.com/1176179"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1191860 for CVE-2020-24977",
          "url": "https://bugzilla.suse.com/1191860"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2020-24977"
    },
    {
      "cve": "CVE-2020-7595",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-7595"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-7595",
          "url": "https://www.suse.com/security/cve/CVE-2020-7595"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1161517 for CVE-2020-7595",
          "url": "https://bugzilla.suse.com/1161517"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1191860 for CVE-2020-7595",
          "url": "https://bugzilla.suse.com/1191860"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2020-7595"
    },
    {
      "cve": "CVE-2021-30560",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-30560"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-30560",
          "url": "https://www.suse.com/security/cve/CVE-2021-30560"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1188373 for CVE-2021-30560",
          "url": "https://bugzilla.suse.com/1188373"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1208574 for CVE-2021-30560",
          "url": "https://bugzilla.suse.com/1208574"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1211500 for CVE-2021-30560",
          "url": "https://bugzilla.suse.com/1211500"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1211501 for CVE-2021-30560",
          "url": "https://bugzilla.suse.com/1211501"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1211544 for CVE-2021-30560",
          "url": "https://bugzilla.suse.com/1211544"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-30560"
    },
    {
      "cve": "CVE-2021-3516",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-3516"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "There\u0027s a flaw in libxml2\u0027s xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-3516",
          "url": "https://www.suse.com/security/cve/CVE-2021-3516"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1185409 for CVE-2021-3516",
          "url": "https://bugzilla.suse.com/1185409"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1191860 for CVE-2021-3516",
          "url": "https://bugzilla.suse.com/1191860"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-3516"
    },
    {
      "cve": "CVE-2021-3517",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-3517"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this flaw is to application availability, with some potential impact to confidentiality and integrity if an attacker is able to use memory information to further exploit the application.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-3517",
          "url": "https://www.suse.com/security/cve/CVE-2021-3517"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1185410 for CVE-2021-3517",
          "url": "https://bugzilla.suse.com/1185410"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1191860 for CVE-2021-3517",
          "url": "https://bugzilla.suse.com/1191860"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194438 for CVE-2021-3517",
          "url": "https://bugzilla.suse.com/1194438"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196383 for CVE-2021-3517",
          "url": "https://bugzilla.suse.com/1196383"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-3517"
    },
    {
      "cve": "CVE-2021-3518",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-3518"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "There\u0027s a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-3518",
          "url": "https://www.suse.com/security/cve/CVE-2021-3518"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1185408 for CVE-2021-3518",
          "url": "https://bugzilla.suse.com/1185408"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1191860 for CVE-2021-3518",
          "url": "https://bugzilla.suse.com/1191860"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-3518"
    },
    {
      "cve": "CVE-2021-3537",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-3537"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest threat from this vulnerability is to system availability.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-3537",
          "url": "https://www.suse.com/security/cve/CVE-2021-3537"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1185698 for CVE-2021-3537",
          "url": "https://bugzilla.suse.com/1185698"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-3537"
    },
    {
      "cve": "CVE-2021-3541",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-3541"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-3541",
          "url": "https://www.suse.com/security/cve/CVE-2021-3541"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1186015 for CVE-2021-3541",
          "url": "https://bugzilla.suse.com/1186015"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-3541"
    },
    {
      "cve": "CVE-2021-41098",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-41098"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Nokogiri is a Rubygem providing HTML, XML, SAX, and Reader parsers with XPath and CSS selector support. In Nokogiri v1.12.4 and earlier, on JRuby only, the SAX parser resolves external entities by default. Users of Nokogiri on JRuby who parse untrusted documents using any of these classes are affected: Nokogiri::XML::SAX::Parse, Nokogiri::HTML4::SAX::Parser or its alias Nokogiri::HTML::SAX::Parser, Nokogiri::XML::SAX::PushParser, and Nokogiri::HTML4::SAX::PushParser or its alias Nokogiri::HTML::SAX::PushParser. JRuby users should upgrade to Nokogiri v1.12.5 or later to receive a patch for this issue. There are no workarounds available for v1.12.4 or earlier. CRuby users are not affected.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-41098",
          "url": "https://www.suse.com/security/cve/CVE-2021-41098"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1191029 for CVE-2021-41098",
          "url": "https://bugzilla.suse.com/1191029"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-41098"
    },
    {
      "cve": "CVE-2022-23308",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-23308"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
          "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-23308",
          "url": "https://www.suse.com/security/cve/CVE-2022-23308"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1196490 for CVE-2022-23308",
          "url": "https://bugzilla.suse.com/1196490"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199098 for CVE-2022-23308",
          "url": "https://bugzilla.suse.com/1199098"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1202688 for CVE-2022-23308",
          "url": "https://bugzilla.suse.com/1202688"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.aarch64",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.ppc64le",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.s390x",
            "openSUSE Tumbleweed:ruby3.1-rubygem-nokogiri-1.13.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-23308"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2015-7941 (GCVE-0-2015-7941)

Solution

Solution

Tags

Sightings

Nomenclature