Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2016-9843 (GCVE-0-2016-9843)
Vulnerability from cvelistv5 – Published: 2017-05-23 03:56 – Updated: 2024-08-06 02:59
VLAI
EPSS
Summary
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
33 references
Date Public
2016-09-30 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:59:03.637Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:1221",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1221"
},
{
"name": "RHSA-2017:1220",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1220"
},
{
"name": "RHSA-2017:3047",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
},
{
"name": "[oss-security] 20161205 Re: CVE Request: zlib security issues found during audit",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/12/05/21"
},
{
"name": "95131",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95131"
},
{
"name": "1041888",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041888"
},
{
"name": "RHSA-2017:3046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
},
{
"name": "openSUSE-SU-2017:0077",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html"
},
{
"name": "GLSA-201701-56",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-56"
},
{
"name": "1039427",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039427"
},
{
"name": "RHSA-2017:1222",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1222"
},
{
"name": "openSUSE-SU-2017:0080",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html"
},
{
"name": "RHSA-2017:3453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "openSUSE-SU-2016:3202",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html"
},
{
"name": "RHSA-2017:2999",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
},
{
"name": "[debian-lts-announce] 20190324 [SECURITY] [DLA 1725-1] rsync security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html"
},
{
"name": "USN-4246-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4246-1/"
},
{
"name": "[debian-lts-announce] 20200129 [SECURITY] [DLA 2085-1] zlib security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html"
},
{
"name": "USN-4292-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4292-1/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT208144"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT208113"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT208112"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT208115"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/madler/zlib/commit/d1d577490c15a0c6862473d7576352a9f18ef811"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402351"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20181018-0002/"
},
{
"name": "GLSA-202007-54",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202007-54"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-09-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:49.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"name": "RHSA-2017:1221",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1221"
},
{
"name": "RHSA-2017:1220",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1220"
},
{
"name": "RHSA-2017:3047",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
},
{
"name": "[oss-security] 20161205 Re: CVE Request: zlib security issues found during audit",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/12/05/21"
},
{
"name": "95131",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95131"
},
{
"name": "1041888",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041888"
},
{
"name": "RHSA-2017:3046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
},
{
"name": "openSUSE-SU-2017:0077",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html"
},
{
"name": "GLSA-201701-56",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-56"
},
{
"name": "1039427",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039427"
},
{
"name": "RHSA-2017:1222",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1222"
},
{
"name": "openSUSE-SU-2017:0080",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html"
},
{
"name": "RHSA-2017:3453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "openSUSE-SU-2016:3202",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html"
},
{
"name": "RHSA-2017:2999",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
},
{
"name": "[debian-lts-announce] 20190324 [SECURITY] [DLA 1725-1] rsync security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html"
},
{
"name": "USN-4246-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4246-1/"
},
{
"name": "[debian-lts-announce] 20200129 [SECURITY] [DLA 2085-1] zlib security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html"
},
{
"name": "USN-4292-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4292-1/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT208144"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT208113"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT208112"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT208115"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/madler/zlib/commit/d1d577490c15a0c6862473d7576352a9f18ef811"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402351"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20181018-0002/"
},
{
"name": "GLSA-202007-54",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202007-54"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2016-9843",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:1221",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1221"
},
{
"name": "RHSA-2017:1220",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1220"
},
{
"name": "RHSA-2017:3047",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
},
{
"name": "[oss-security] 20161205 Re: CVE Request: zlib security issues found during audit",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/12/05/21"
},
{
"name": "95131",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95131"
},
{
"name": "1041888",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041888"
},
{
"name": "RHSA-2017:3046",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
},
{
"name": "openSUSE-SU-2017:0077",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html"
},
{
"name": "GLSA-201701-56",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-56"
},
{
"name": "1039427",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039427"
},
{
"name": "RHSA-2017:1222",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1222"
},
{
"name": "openSUSE-SU-2017:0080",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html"
},
{
"name": "RHSA-2017:3453",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "openSUSE-SU-2016:3202",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html"
},
{
"name": "RHSA-2017:2999",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
},
{
"name": "[debian-lts-announce] 20190324 [SECURITY] [DLA 1725-1] rsync security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html"
},
{
"name": "USN-4246-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4246-1/"
},
{
"name": "[debian-lts-announce] 20200129 [SECURITY] [DLA 2085-1] zlib security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html"
},
{
"name": "USN-4292-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4292-1/"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "https://support.apple.com/HT208144",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208144"
},
{
"name": "https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib",
"refsource": "MISC",
"url": "https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib"
},
{
"name": "https://support.apple.com/HT208113",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208113"
},
{
"name": "https://support.apple.com/HT208112",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208112"
},
{
"name": "https://support.apple.com/HT208115",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208115"
},
{
"name": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf",
"refsource": "MISC",
"url": "https://wiki.mozilla.org/images/0/09/Zlib-report.pdf"
},
{
"name": "https://github.com/madler/zlib/commit/d1d577490c15a0c6862473d7576352a9f18ef811",
"refsource": "CONFIRM",
"url": "https://github.com/madler/zlib/commit/d1d577490c15a0c6862473d7576352a9f18ef811"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1402351",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402351"
},
{
"name": "https://security.netapp.com/advisory/ntap-20181018-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20181018-0002/"
},
{
"name": "GLSA-202007-54",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202007-54"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2016-9843",
"datePublished": "2017-05-23T03:56:00.000Z",
"dateReserved": "2016-12-05T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:59:03.637Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2016-9843",
"date": "2026-05-31",
"epss": "0.15071",
"percentile": "0.94693"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zlib:zlib:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.2.0\", \"versionEndExcluding\": \"1.2.9\", \"matchCriteriaId\": \"335E67A2-8ED1-4E9C-B63A-0B4F4F963A94\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4863BE36-D16A-4D75-90D9-FD76DB5B48B7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1EA337A3-B9A3-4962-B8BD-8E0C7C5B28EB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"03117DF1-3BEC-4B8D-AD63-DBBDB2126081\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*\", \"matchCriteriaId\": \"7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:database_server:18c:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6833701E-5510-4180-9523-9CFD318DEE6A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:jdk:1.6.0:update161:*:*:*:*:*:*\", \"matchCriteriaId\": \"7037AEF9-403D-43EC-ABBB-B46619241586\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:jdk:1.7.0:update151:*:*:*:*:*:*\", \"matchCriteriaId\": \"B781F1F7-DE18-41F7-83C1-8690B0884DDE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:jdk:1.8.0:update144:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D36F2A6-1329-4D74-BADC-C22D46CF7CFB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:jre:1.6.0:update161:*:*:*:*:*:*\", \"matchCriteriaId\": \"D53D6C3C-C8F3-4FF4-AE9C-1BFF14E74EDE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:jre:1.7.0:update151:*:*:*:*:*:*\", \"matchCriteriaId\": \"71219100-B476-4062-A40A-13F1B8C7DAED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:jre:1.8.0:update144:*:*:*:*:*:*\", \"matchCriteriaId\": \"FCC055BA-0D21-4D2B-AC9B-B81B8468860C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.5.0\", \"versionEndIncluding\": \"5.5.61\", \"matchCriteriaId\": \"F370B9CC-03AA-436B-AF81-1FD48F33BAEB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.6.0\", \"versionEndIncluding\": \"5.6.41\", \"matchCriteriaId\": \"9A2BAC98-4BC4-44EB-AE09-826BD21D5E3D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.7.0\", \"versionEndIncluding\": \"5.7.23\", \"matchCriteriaId\": \"76702038-5D38-450F-BA25-FED83FBE758B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"8.0.0\", \"versionEndIncluding\": \"8.0.12\", \"matchCriteriaId\": \"106FA614-55B8-4D90-B654-47EE199E7CC1\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F4F86C3C-B99C-44C6-97D7-163DC3F59687\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"33C068A4-3780-4EAB-A937-6082DF847564\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F96E3779-F56A-45FF-BB3D-4980527D721E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0CF73560-2F5B-4723-A8A1-9AADBB3ADA00\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9BBCD86A-E6C7-4444-9D74-F861084090F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"51EF4996-72F4-4FA4-814F-F5991E7A8318\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E5ED5807-55B7-47C5-97A6-03233F4FBC3A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"825ECE2D-E232-46E0-A047-074B34DB1E97\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"11\", \"matchCriteriaId\": \"F72F611A-26E5-4CC7-888E-96AD158D7C68\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.0.0\", \"versionEndExcluding\": \"10.13.0\", \"matchCriteriaId\": \"66F7B69D-5362-4E15-9FFE-8F3E87738920\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"11.0\", \"matchCriteriaId\": \"11895153-2FE5-4D73-B7FC-182FA280BA36\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"4\", \"matchCriteriaId\": \"49790D15-2446-4138-B1FA-6C806587C5A1\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*\", \"versionStartIncluding\": \"7.3\", \"matchCriteriaId\": \"BD075607-09B7-493E-8611-66D041FFDA62\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*\", \"versionStartIncluding\": \"9.5\", \"matchCriteriaId\": \"0CB28AF5-5AF0-4475-A7B6-12E1795FFDCB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F1BE6C1F-2565-4E97-92AA-16563E5660A5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5735E553-9731-4AAC-BCFF-989377F817B3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BDFB1169-41A0-4A86-8E4F-FDA9730B1E94\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.5.0\", \"versionEndExcluding\": \"5.5.62\", \"matchCriteriaId\": \"C87F0098-C8A6-4815-A14C-19B49A508FF3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.0.0\", \"versionEndExcluding\": \"10.0.37\", \"matchCriteriaId\": \"C38B1059-586F-4930-8F86-52A7B19AB54F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.1.0\", \"versionEndExcluding\": \"10.1.37\", \"matchCriteriaId\": \"2AC91A04-1CD8-4863-874E-C9B3C4922998\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.2.0\", \"versionEndExcluding\": \"10.2.19\", \"matchCriteriaId\": \"8451F87D-FA6E-403E-8865-CE6DE7F3FE62\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.3.0\", \"versionEndExcluding\": \"10.3.11\", \"matchCriteriaId\": \"BDD53EB8-46EF-49F4-9C75-610A3B466203\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*\", \"versionStartIncluding\": \"4.0.0\", \"versionEndIncluding\": \"4.1.2\", \"matchCriteriaId\": \"A47FC4F7-1F77-4314-B4B3-3C5D8E335379\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*\", \"versionStartIncluding\": \"4.2.0\", \"versionEndExcluding\": \"4.8.2\", \"matchCriteriaId\": \"BCA5DE0E-A10C-42A1-BFE3-1FED2C3171AB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*\", \"versionStartIncluding\": \"6.0.0\", \"versionEndIncluding\": \"6.8.1\", \"matchCriteriaId\": \"D107EC29-67E7-40C3-8E5A-324C9105C5E4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*\", \"versionStartIncluding\": \"6.9.0\", \"versionEndExcluding\": \"6.10.2\", \"matchCriteriaId\": \"ED1F2BAC-47F9-49C9-93FE-20EDD46CDF86\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*\", \"versionStartIncluding\": \"7.0.0\", \"versionEndExcluding\": \"7.6.0\", \"matchCriteriaId\": \"7F49B5A3-6516-46A2-884B-4D6657C188AE\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.\"}, {\"lang\": \"es\", \"value\": \"La funci\\u00f3n crc32_big en crc32.c in zlib 1.2.8 podr\\u00eda permitir que atacantes dependientes del contexto causen impactos no especificados mediante vectores que implican c\\u00e1lculos CRC big-endian.\"}]",
"id": "CVE-2016-9843",
"lastModified": "2024-11-21T03:01:51.617",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2017-05-23T04:29:01.900",
"references": "[{\"url\": \"http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html\", \"source\": \"security@opentext.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html\", \"source\": \"security@opentext.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html\", \"source\": \"security@opentext.com\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2016/12/05/21\", \"source\": \"security@opentext.com\"}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\", \"source\": \"security@opentext.com\"}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\", \"source\": \"security@opentext.com\"}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html\", \"source\": \"security@opentext.com\"}, {\"url\": \"http://www.securityfocus.com/bid/95131\", \"source\": \"security@opentext.com\"}, {\"url\": \"http://www.securitytracker.com/id/1039427\", \"source\": \"security@opentext.com\"}, {\"url\": \"http://www.securitytracker.com/id/1041888\", \"source\": \"security@opentext.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1220\", \"source\": \"security@opentext.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1221\", \"source\": \"security@opentext.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1222\", \"source\": \"security@opentext.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2999\", \"source\": \"security@opentext.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3046\", \"source\": \"security@opentext.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3047\", \"source\": \"security@opentext.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3453\", \"source\": \"security@opentext.com\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1402351\", \"source\": \"security@opentext.com\"}, {\"url\": \"https://github.com/madler/zlib/commit/d1d577490c15a0c6862473d7576352a9f18ef811\", \"source\": \"security@opentext.com\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html\", \"source\": \"security@opentext.com\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html\", \"source\": \"security@opentext.com\"}, {\"url\": \"https://security.gentoo.org/glsa/201701-56\", \"source\": \"security@opentext.com\"}, {\"url\": \"https://security.gentoo.org/glsa/202007-54\", \"source\": \"security@opentext.com\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20181018-0002/\", \"source\": \"security@opentext.com\"}, {\"url\": \"https://support.apple.com/HT208112\", \"source\": \"security@opentext.com\"}, {\"url\": \"https://support.apple.com/HT208113\", \"source\": \"security@opentext.com\"}, {\"url\": \"https://support.apple.com/HT208115\", \"source\": \"security@opentext.com\"}, {\"url\": \"https://support.apple.com/HT208144\", \"source\": \"security@opentext.com\"}, {\"url\": \"https://usn.ubuntu.com/4246-1/\", \"source\": \"security@opentext.com\"}, {\"url\": \"https://usn.ubuntu.com/4292-1/\", \"source\": \"security@opentext.com\"}, {\"url\": \"https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib\", \"source\": \"security@opentext.com\"}, {\"url\": \"https://wiki.mozilla.org/images/0/09/Zlib-report.pdf\", \"source\": \"security@opentext.com\"}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2020.html\", \"source\": \"security@opentext.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2016/12/05/21\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/95131\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id/1039427\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id/1041888\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1220\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1221\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1222\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2999\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3046\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3047\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3453\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1402351\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://github.com/madler/zlib/commit/d1d577490c15a0c6862473d7576352a9f18ef811\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.gentoo.org/glsa/201701-56\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.gentoo.org/glsa/202007-54\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20181018-0002/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://support.apple.com/HT208112\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://support.apple.com/HT208113\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://support.apple.com/HT208115\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://support.apple.com/HT208144\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://usn.ubuntu.com/4246-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://usn.ubuntu.com/4292-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://wiki.mozilla.org/images/0/09/Zlib-report.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2020.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2016-9843\",\"sourceIdentifier\":\"security@opentext.com\",\"published\":\"2017-05-23T04:29:01.900\",\"lastModified\":\"2026-05-13T00:24:29.033\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n crc32_big en crc32.c in zlib 1.2.8 podr\u00eda permitir que atacantes dependientes del contexto causen impactos no especificados mediante vectores que implican c\u00e1lculos CRC big-endian.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zlib:zlib:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.2.0\",\"versionEndExcluding\":\"1.2.9\",\"matchCriteriaId\":\"335E67A2-8ED1-4E9C-B63A-0B4F4F963A94\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4863BE36-D16A-4D75-90D9-FD76DB5B48B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1EA337A3-B9A3-4962-B8BD-8E0C7C5B28EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03117DF1-3BEC-4B8D-AD63-DBBDB2126081\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:database_server:18c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6833701E-5510-4180-9523-9CFD318DEE6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update161:*:*:*:*:*:*\",\"matchCriteriaId\":\"7037AEF9-403D-43EC-ABBB-B46619241586\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.7.0:update151:*:*:*:*:*:*\",\"matchCriteriaId\":\"B781F1F7-DE18-41F7-83C1-8690B0884DDE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.8.0:update144:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D36F2A6-1329-4D74-BADC-C22D46CF7CFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:update161:*:*:*:*:*:*\",\"matchCriteriaId\":\"D53D6C3C-C8F3-4FF4-AE9C-1BFF14E74EDE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.7.0:update151:*:*:*:*:*:*\",\"matchCriteriaId\":\"71219100-B476-4062-A40A-13F1B8C7DAED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.8.0:update144:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCC055BA-0D21-4D2B-AC9B-B81B8468860C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5.0\",\"versionEndIncluding\":\"5.5.61\",\"matchCriteriaId\":\"F370B9CC-03AA-436B-AF81-1FD48F33BAEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.6.0\",\"versionEndIncluding\":\"5.6.41\",\"matchCriteriaId\":\"9A2BAC98-4BC4-44EB-AE09-826BD21D5E3D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.7.0\",\"versionEndIncluding\":\"5.7.23\",\"matchCriteriaId\":\"76702038-5D38-450F-BA25-FED83FBE758B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.0\",\"versionEndIncluding\":\"8.0.12\",\"matchCriteriaId\":\"106FA614-55B8-4D90-B654-47EE199E7CC1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4F86C3C-B99C-44C6-97D7-163DC3F59687\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33C068A4-3780-4EAB-A937-6082DF847564\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F96E3779-F56A-45FF-BB3D-4980527D721E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CF73560-2F5B-4723-A8A1-9AADBB3ADA00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BBCD86A-E6C7-4444-9D74-F861084090F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51EF4996-72F4-4FA4-814F-F5991E7A8318\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5ED5807-55B7-47C5-97A6-03233F4FBC3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"825ECE2D-E232-46E0-A047-074B34DB1E97\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"11\",\"matchCriteriaId\":\"F72F611A-26E5-4CC7-888E-96AD158D7C68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0.0\",\"versionEndExcluding\":\"10.13.0\",\"matchCriteriaId\":\"66F7B69D-5362-4E15-9FFE-8F3E87738920\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"11.0\",\"matchCriteriaId\":\"11895153-2FE5-4D73-B7FC-182FA280BA36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4\",\"matchCriteriaId\":\"49790D15-2446-4138-B1FA-6C806587C5A1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*\",\"versionStartIncluding\":\"7.3\",\"matchCriteriaId\":\"BD075607-09B7-493E-8611-66D041FFDA62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*\",\"versionStartIncluding\":\"9.5\",\"matchCriteriaId\":\"0CB28AF5-5AF0-4475-A7B6-12E1795FFDCB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1BE6C1F-2565-4E97-92AA-16563E5660A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5735E553-9731-4AAC-BCFF-989377F817B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDFB1169-41A0-4A86-8E4F-FDA9730B1E94\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5.0\",\"versionEndExcluding\":\"5.5.62\",\"matchCriteriaId\":\"C87F0098-C8A6-4815-A14C-19B49A508FF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0.0\",\"versionEndExcluding\":\"10.0.37\",\"matchCriteriaId\":\"C38B1059-586F-4930-8F86-52A7B19AB54F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.1.0\",\"versionEndExcluding\":\"10.1.37\",\"matchCriteriaId\":\"2AC91A04-1CD8-4863-874E-C9B3C4922998\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.2.0\",\"versionEndExcluding\":\"10.2.19\",\"matchCriteriaId\":\"8451F87D-FA6E-403E-8865-CE6DE7F3FE62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.3.0\",\"versionEndExcluding\":\"10.3.11\",\"matchCriteriaId\":\"BDD53EB8-46EF-49F4-9C75-610A3B466203\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*\",\"versionStartIncluding\":\"4.0.0\",\"versionEndIncluding\":\"4.1.2\",\"matchCriteriaId\":\"A47FC4F7-1F77-4314-B4B3-3C5D8E335379\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*\",\"versionStartIncluding\":\"4.2.0\",\"versionEndExcluding\":\"4.8.2\",\"matchCriteriaId\":\"BCA5DE0E-A10C-42A1-BFE3-1FED2C3171AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*\",\"versionStartIncluding\":\"6.0.0\",\"versionEndIncluding\":\"6.8.1\",\"matchCriteriaId\":\"D107EC29-67E7-40C3-8E5A-324C9105C5E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*\",\"versionStartIncluding\":\"6.9.0\",\"versionEndExcluding\":\"6.10.2\",\"matchCriteriaId\":\"ED1F2BAC-47F9-49C9-93FE-20EDD46CDF86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*\",\"versionStartIncluding\":\"7.0.0\",\"versionEndExcluding\":\"7.6.0\",\"matchCriteriaId\":\"7F49B5A3-6516-46A2-884B-4D6657C188AE\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html\",\"source\":\"security@opentext.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html\",\"source\":\"security@opentext.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html\",\"source\":\"security@opentext.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2016/12/05/21\",\"source\":\"security@opentext.com\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\",\"source\":\"security@opentext.com\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\",\"source\":\"security@opentext.com\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html\",\"source\":\"security@opentext.com\"},{\"url\":\"http://www.securityfocus.com/bid/95131\",\"source\":\"security@opentext.com\"},{\"url\":\"http://www.securitytracker.com/id/1039427\",\"source\":\"security@opentext.com\"},{\"url\":\"http://www.securitytracker.com/id/1041888\",\"source\":\"security@opentext.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1220\",\"source\":\"security@opentext.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1221\",\"source\":\"security@opentext.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1222\",\"source\":\"security@opentext.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2999\",\"source\":\"security@opentext.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3046\",\"source\":\"security@opentext.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3047\",\"source\":\"security@opentext.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3453\",\"source\":\"security@opentext.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1402351\",\"source\":\"security@opentext.com\"},{\"url\":\"https://github.com/madler/zlib/commit/d1d577490c15a0c6862473d7576352a9f18ef811\",\"source\":\"security@opentext.com\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html\",\"source\":\"security@opentext.com\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html\",\"source\":\"security@opentext.com\"},{\"url\":\"https://security.gentoo.org/glsa/201701-56\",\"source\":\"security@opentext.com\"},{\"url\":\"https://security.gentoo.org/glsa/202007-54\",\"source\":\"security@opentext.com\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20181018-0002/\",\"source\":\"security@opentext.com\"},{\"url\":\"https://support.apple.com/HT208112\",\"source\":\"security@opentext.com\"},{\"url\":\"https://support.apple.com/HT208113\",\"source\":\"security@opentext.com\"},{\"url\":\"https://support.apple.com/HT208115\",\"source\":\"security@opentext.com\"},{\"url\":\"https://support.apple.com/HT208144\",\"source\":\"security@opentext.com\"},{\"url\":\"https://usn.ubuntu.com/4246-1/\",\"source\":\"security@opentext.com\"},{\"url\":\"https://usn.ubuntu.com/4292-1/\",\"source\":\"security@opentext.com\"},{\"url\":\"https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib\",\"source\":\"security@opentext.com\"},{\"url\":\"https://wiki.mozilla.org/images/0/09/Zlib-report.pdf\",\"source\":\"security@opentext.com\"},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2020.html\",\"source\":\"security@opentext.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2016/12/05/21\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/95131\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1039427\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1041888\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1220\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1221\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1222\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2999\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3046\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3047\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3453\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1402351\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/madler/zlib/commit/d1d577490c15a0c6862473d7576352a9f18ef811\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/201701-56\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/202007-54\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20181018-0002/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/HT208112\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/HT208113\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/HT208115\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/HT208144\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://usn.ubuntu.com/4246-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://usn.ubuntu.com/4292-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://wiki.mozilla.org/images/0/09/Zlib-report.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
SUSE-SU-2019:0628-1
Vulnerability from csaf_suse - Published: 2019-03-18 10:19 - Updated: 2019-03-18 10:19Summary
Security update for galera-3, mariadb, mariadb-connector-c
Severity
Important
Notes
Title of the patch: Security update for galera-3, mariadb, mariadb-connector-c
Description of the patch: This update for mariadb, galera-3, mariadb-connector fixes the following issues:
Security vulnerabilities addressed for mariadb:
- CVE-2016-9843 [bsc#1013882]
- CVE-2018-3058 [bsc#1101676]
- CVE-2018-3060
- CVE-2018-3063 [bsc#1101677]
- CVE-2018-3064 [bsc#1103342]
- CVE-2018-3066 [bsc#1101678]
- CVE-2018-3143 [bsc#1112421]
- CVE-2018-3156 [bsc#1112417]
- CVE-2018-3162 [bsc#1112415]
- CVE-2018-3173 [bsc#1112386]
- CVE-2018-3174 [bsc#1112368]
- CVE-2018-3185 [bsc#1112384]
- CVE-2018-3200 [bsc#1112404]
- CVE-2018-3251 [bsc#1112397]
- CVE-2018-3277 [bsc#1112391]
- CVE-2018-3282 [bsc#1112432]
- CVE-2018-3284 [bsc#1112377]
Other bug fixes and changes for mariadb:
- update to 10.2.21 GA
* MDEV-17589 - Stack-buffer-overflow with indexed varchar
(utf8) field
* MDEV-16987 - ALTER DATABASE possible in read-only mode
(forbid ALTER DATABASE in read_only)
* MDEV-17720 - slave_ddl_exec_mode=IDEMPOTENT does not handle
DROP DATABASE
* MDEV-6453 - Assertion `inited==NONE || (inited==RND && scan)'
failed in handler::ha_rnd_init(bool) with InnoDB, joins,
AND/OR conditions
* MDEV-18105 - Mariabackup fails to copy encrypted InnoDB
system tablespace if LSN>4G
* MDEV-18041 - Database corruption after renaming a
prefix-indexed column [bsc#1120041]
* MDEV-17470 - Orphan temporary files after interrupted ALTER
cause InnoDB: Operating system error number 17 and eventual
fatal error 71
* MDEV-17833: ALTER TABLE is not enforcing prefix index size
limit
* MDEV-17989: InnoDB: Failing assertion:
dict_tf2_is_valid(flags, flags2)
* MDEV-17765: Locking bug fix for SPATIAL INDEX
* MDEV-17923, MDEV-17904, MDEV-17938: Fixes for FULLTEXT INDEX
* Fixes for regressions introduced in MariaDB Server 10.2.19 by
the backup-safe TRUNCATE TABLE (MDEV-13564,
innodb_safe_truncate=ON) and innodb_undo_log_truncate:
* MDEV-17780, MDEV-17816, MDEV-17849, MDEV-17851, MDEV-17885
* Several improvements to MariaDB Server and backup for dealing
with encrypted or page_compressed pages:
* MDEV-12112: corruption in encrypted table may be overlooked
* MDEV-17958: On little-endian systems, remove bug-compatible
variant of innodb_checksum_algorithm=crc32
* MDEV-17957: Make innodb_checksum_algorithm stricter for
strict_* values
* MDEV-18025: Mariabackup fails to detect corrupted
page_compressed=1 tables
* release notes and changelog:
- https://mariadb.com/kb/en/library/mariadb-10221-release-notes
- https://mariadb.com/kb/en/library/mariadb-10221-changelog
- https://mariadb.com/kb/en/library/mariadb-10220-release-notes
- https://mariadb.com/kb/en/library/mariadb-10220-changelog
- remove PerconaFT from the package as it has AGPL licence (bsc#1118754)
- Add patch to link against libatomic where necessary and
use C++11 atomics instead of gcc built-in atomics
- update to 10.2.19 GA [bsc#1116686]
* innodb_safe_truncate system variable for a backup-safe
TRUNCATE TABLE implementation that is based on RENAME,
CREATE, DROP (MDEV-14717, MDEV-14585, MDEV-13564). Default
value for this variable is ON. If you absolutely must use
XtraBackup instead of Mariabackup, you can set it to OFF and
restart the server
* MDEV-17289: Multi-pass recovery fails to apply some redo
log records
* MDEV-17073: INSERT…ON DUPLICATE KEY UPDATE became more
deadlock-prone
* MDEV-17491: micro optimize page_id_t
* MDEV-13671: InnoDB should use case-insensitive column name
comparisons like the rest of the server
* Fixes for indexed virtual columns: MDEV-17215, MDEV-16980
* MDEV-17433: Allow InnoDB start up with empty ib_logfile0
from mariabackup --prepare
* MDEV-12547: InnoDB FULLTEXT index has too strict
innodb_ft_result_cache_limit max limit
* MDEV-17541: KILL QUERY during lock wait in FOREIGN KEY
check causes hang
* MDEV-17531: Crash in RENAME TABLE with FOREIGN KEY and
FULLTEXT INDEX
* MDEV-17532: Performance_schema reports wrong directory for
the temporary files of ALTER TABLE…ALGORITHM=INPLACE
* MDEV-17545: Predicate lock for SPATIAL INDEX should lock
non-matching record
* MDEV-17546: SPATIAL INDEX should not be allowed for
FOREIGN KEY
* MDEV-17548: Incorrect access to off-page column for
indexed virtual column
* MDEV-12023: Assertion failure sym_node->table != NULL
on startup
* MDEV-17230: encryption_key_id from alter is ignored by
encryption threads
* release notes and changelog:
- https://mariadb.com/kb/en/library/mariadb-10219-release-notes
- https://mariadb.com/kb/en/library/mariadb-10219-changelog
- do not pack libmariadb.pc (packed in mariadb-connector-c)
- add 'Requires: libmariadb_plugins' to the mariadb-test subpackage
in order to be able to test client plugins successfuly
(bsc#1111859)
- don't remove debug_key_management.so anymore (bsc#1111858)
- update to 10.2.18 GA
* MDEV-15511 - if available, stunnel can be used during Galera
rsync SST
* MDEV-16791 - mariabackup: Support DDL commands during backup
* MDEV-13564 - Refuse MLOG_TRUNCATE in mariabackup
* MDEV-16934 - add new system variable eq_range_index_dive_limit
to speed up queries that new long nested IN lists. The default
value, for backward compatibility, is 0 meaning 'unlimited'.
* MDEV-13333 - errors on InnoDB lock conflict
* Report all InnoDB redo log corruption
* MDEV-17043 - Purge of indexed virtual columns may cause hang
on table-rebuilding DDL
* MDEV-16868 - corruption of InnoDB temporary tables
* MDEV-16465 - Invalid (old?) table or database name or hang
in ha_innobase::delete_table and log semaphore wait upon
concurrent DDL with foreign keys
* release notes and changelog:
- https://mariadb.com/kb/en/library/mariadb-10218-release-notes
- https://mariadb.com/kb/en/library/mariadb-10218-changelog
- update to 10.2.17 GA
* New variable innodb_log_optimize_ddl for avoiding delay due
to page flushing and allowing concurrent backup
* InnoDB updated to 5.7.23
* MDEV-14637 - Fix hang due to DDL with FOREIGN KEY or
persistent statistics
* MDEV-15953 - Alter InnoDB Partitioned Table Moves Files
(which were originally not in the datadir) to the datadir
* MDEV-16515 - InnoDB: Failing assertion: ++retries < 10000 in
file dict0dict.cc line 2737
* MDEV-16809 - Allow full redo logging for ALTER TABLE
* Temporary tables: MDEV-16713 - InnoDB hang with repeating
log entry
* indexed virtual columns: MDEV-15855 - Deadlock between purge
thread and DDL statement
* MDEV-16664 - Change the default to
innodb_lock_schedule_algorithm=fcfs
* Galera: MDEV-15822 - WSREP: BF lock wait long for trx
* release notes and changelog:
- https://mariadb.com/kb/en/library/mariadb-10217-release-notes
- https://mariadb.com/kb/en/library/mariadb-10217-changelog
- switch to libedit as control sequences were already fixed there
so we don't have to avoid it (bsc#1098683)
- update to 10.2.16 GA
* MDEV-13122: mariabackup now supports MyRocks
* MDEV-13779 - InnoDB fails to shut down purge workers, causing
hang
* MDEV-16267 - Wrong INFORMATION_SCHEMA.INNODB_BUFFER_PAGE.\
TABLE_NAME
* MDEV-13834 - Upgrade failure from 10.1 innodb_encrypt_log
* MDEV-16283 - ALTER TABLE...DISCARD TABLESPACE still takes long
on a large buffer pool
* MDEV-16376 - ASAN: heap-use-after-free in
gcol.innodb_virtual_debug
* MDEV-15824 - innodb_defragment=ON trumps
innodb_optimize_fulltext_only=ON in OPTIMIZE TABLE
* MDEV-16124 - fil_rename_tablespace() times out and crashes
server during table-rebuilding ALTER TABLE
* MDEV-16416 - Crash on IMPORT TABLESPACE of a
ROW_FORMAT=COMPRESSED table
* MDEV-16456 - InnoDB error 'returned OS error 71' complains
about wrong path
* MDEV-13103 - Deal with page_compressed page corruption
* MDEV-16496 - Mariabackup: Implement --verbose option to
instrument InnoDB log apply
* MDEV-16087 - Inconsistent SELECT results when query cache
is enabled
* MDEV-15114 - ASAN heap-use-after-free in mem_heap_dup or
dfield_data_is_binary_equal (fix for indexed virtual columns)
* release notes and changelog:
- https://mariadb.com/kb/en/library/mariadb-10216-release-notes
- https://mariadb.com/kb/en/library/mariadb-10216-changelog
- pack wsrep_sst_rsync_wan file to galera subpackage
Bug fixes and changes for galera-3:
- update to 25.3.24:
* A support for new certification key type was added to allow
more relaxed certification rules for foreign key references (galera#491).
* New status variables were added to display the number of open transactions
and referenced client connections inside Galera provider (galera#492).
* GCache was sometimes cleared unnecessarily on startup if the recovered
state had smaller sequence number than the highest found from GCache.
Now only entries with sequence number higher than recovery point will be
cleared (galera#498).
* Non-primary configuration is saved into grastate.dat only when if the
node is in closing state (galera#499).
* Exception from GComm was not always handled properly resulting in
Galera to remain in half closed state. This was fixed by propagating the
error condition appropriately to upper layers (galera#500).
* A new status variable displaying the total weight of the cluster nodes
was added (galera#501).
* The value of pc.weight did not reflect the actual effective value after
setting it via wsrep_provider_options. This was fixed by making sure that
the new value is taken into use before returning the control back to
caller (galera#505, MDEV-11959)
* Use of ECHD algorithms with old OpenSSL versions was enabled (galera#511).
* Default port value is now used by garbd if the port is not explicitly
given in cluster address (MDEV-15531).
* Correct error handling for posix_fallocate().
* Failed causal reads are retried during configuration changes.
Bug fixes and changes for mariadb-connector-c:
- New upstream version 3.0.6
* MDEV-15263: FIx IS_NUM() macro
* CONC-297: local infile parameter must be unsigned int instead
of my_bool
* CONC-329: change return value of internal socket functions
from my_bool to int
* CONC-332: my_auth doesn't read/update server ok packet
* CONC-344: reset internal row counter
* CONC-345: invalid heap use after free
* CONC-346: Remove old cmake policies
* fixed crash in mysql_select_db if NULL parameter was provided
- New upstream version 3.0.5
* CONC-336: Allow multiple initialization of client library
* Fixed string to MYSQL_TIME conversion (prepared statements)
* CONC-334: Copy all members of MYSQL_FIELD to internal
statement structure
* Fixed double free in dynamic column library
* Added checks for corrupted packets in protocol
* MDEV-15450: Added default connection attribute _server_host
* CONC-326: fixed wrong openssl thread id callback
- New upstream version 3.0.4
* Added option MYSQL_OPT_CAN_HANDLE_EXPIRED_PASSWORDS for
mysql_options()/mysql_optionsv():
* New plugin configuration interface: The default configuration
for a specific plugin can be specified via cmake parameter
-DCLIENT_PLUGIN_${PLUGIN}=[DYNAMIC|STATIC|OFF].
* Added support for linux abstract socket (MDEV-15655).
* CONC-320: Added asynchronous/non-blocking support for
OpenSSL and GnuTLS
* CONC-294: Access violation in mysql_close when using
a connection plugin.
* MDEV-14977: If built dynamically the old_password plugin
could not be located due to wrong filename (must be
mysql_old_password.so instead of old_password.so).
* CONC-315: If no default client character set was specified,
the utf8 character set will be used by default (instead of
setting the client character set to server character set)
* CONC-317: Parsing of configuration file fails if key/value
pairs contain white spaces.
* CONC-322: Correct handling of EAGAIN and EINPROGRESS in
internal_connect (socket) for non windows platforms.
* CONC-323: mariadb_stmt_execute_direct hangs forever if
compression used.
* CONC-324: Wrong codepage numbers for some collations.
* CONC-326: ssl_thread_init() uses wrong openssl threadid
callback
- Drop libmysqlclient_r Provides from the -devel package.
(bsc#1097938)
Patchnames: HPE-Helion-OpenStack-8-2019-628,SUSE-2019-628,SUSE-OpenStack-Cloud-8-2019-628,SUSE-OpenStack-Cloud-Crowbar-8-2019-628
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
9.8 (Critical)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.9 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.1 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
6.5 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.9 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.9 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.9 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.9 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.9 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
100 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for galera-3, mariadb, mariadb-connector-c",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for mariadb, galera-3, mariadb-connector fixes the following issues:\n\nSecurity vulnerabilities addressed for mariadb:\n\n- CVE-2016-9843 [bsc#1013882]\n- CVE-2018-3058 [bsc#1101676]\n- CVE-2018-3060\n- CVE-2018-3063 [bsc#1101677]\n- CVE-2018-3064 [bsc#1103342]\n- CVE-2018-3066 [bsc#1101678]\n- CVE-2018-3143 [bsc#1112421]\n- CVE-2018-3156 [bsc#1112417]\n- CVE-2018-3162 [bsc#1112415]\n- CVE-2018-3173 [bsc#1112386]\n- CVE-2018-3174 [bsc#1112368]\n- CVE-2018-3185 [bsc#1112384]\n- CVE-2018-3200 [bsc#1112404]\n- CVE-2018-3251 [bsc#1112397]\n- CVE-2018-3277 [bsc#1112391]\n- CVE-2018-3282 [bsc#1112432]\n- CVE-2018-3284 [bsc#1112377]\n\nOther bug fixes and changes for mariadb:\n\n- update to 10.2.21 GA\n * MDEV-17589 - Stack-buffer-overflow with indexed varchar\n (utf8) field\n * MDEV-16987 - ALTER DATABASE possible in read-only mode\n (forbid ALTER DATABASE in read_only)\n * MDEV-17720 - slave_ddl_exec_mode=IDEMPOTENT does not handle\n DROP DATABASE\n * MDEV-6453 - Assertion `inited==NONE || (inited==RND \u0026\u0026 scan)\u0027\n failed in handler::ha_rnd_init(bool) with InnoDB, joins,\n AND/OR conditions\n * MDEV-18105 - Mariabackup fails to copy encrypted InnoDB\n system tablespace if LSN\u003e4G\n * MDEV-18041 - Database corruption after renaming a\n prefix-indexed column [bsc#1120041]\n * MDEV-17470 - Orphan temporary files after interrupted ALTER\n cause InnoDB: Operating system error number 17 and eventual\n fatal error 71\n * MDEV-17833: ALTER TABLE is not enforcing prefix index size\n limit\n * MDEV-17989: InnoDB: Failing assertion:\n dict_tf2_is_valid(flags, flags2)\n * MDEV-17765: Locking bug fix for SPATIAL INDEX\n * MDEV-17923, MDEV-17904, MDEV-17938: Fixes for FULLTEXT INDEX\n * Fixes for regressions introduced in MariaDB Server 10.2.19 by\n the backup-safe TRUNCATE TABLE (MDEV-13564,\n innodb_safe_truncate=ON) and innodb_undo_log_truncate:\n * MDEV-17780, MDEV-17816, MDEV-17849, MDEV-17851, MDEV-17885\n * Several improvements to MariaDB Server and backup for dealing\n with encrypted or page_compressed pages:\n * MDEV-12112: corruption in encrypted table may be overlooked\n * MDEV-17958: On little-endian systems, remove bug-compatible\n variant of innodb_checksum_algorithm=crc32\n * MDEV-17957: Make innodb_checksum_algorithm stricter for\n strict_* values\n * MDEV-18025: Mariabackup fails to detect corrupted\n page_compressed=1 tables\n * release notes and changelog:\n - https://mariadb.com/kb/en/library/mariadb-10221-release-notes\n - https://mariadb.com/kb/en/library/mariadb-10221-changelog\n - https://mariadb.com/kb/en/library/mariadb-10220-release-notes\n - https://mariadb.com/kb/en/library/mariadb-10220-changelog\n- remove PerconaFT from the package as it has AGPL licence (bsc#1118754)\n- Add patch to link against libatomic where necessary and\n use C++11 atomics instead of gcc built-in atomics\n- update to 10.2.19 GA [bsc#1116686]\n * innodb_safe_truncate system variable for a backup-safe\n TRUNCATE TABLE implementation that is based on RENAME,\n CREATE, DROP (MDEV-14717, MDEV-14585, MDEV-13564). Default\n value for this variable is ON. If you absolutely must use\n XtraBackup instead of Mariabackup, you can set it to OFF and\n restart the server\n * MDEV-17289: Multi-pass recovery fails to apply some redo\n log records\n * MDEV-17073: INSERT\u2026ON DUPLICATE KEY UPDATE became more\n deadlock-prone\n * MDEV-17491: micro optimize page_id_t\n * MDEV-13671: InnoDB should use case-insensitive column name\n comparisons like the rest of the server\n * Fixes for indexed virtual columns: MDEV-17215, MDEV-16980\n * MDEV-17433: Allow InnoDB start up with empty ib_logfile0\n from mariabackup --prepare\n * MDEV-12547: InnoDB FULLTEXT index has too strict\n innodb_ft_result_cache_limit max limit\n * MDEV-17541: KILL QUERY during lock wait in FOREIGN KEY\n check causes hang\n * MDEV-17531: Crash in RENAME TABLE with FOREIGN KEY and\n FULLTEXT INDEX\n * MDEV-17532: Performance_schema reports wrong directory for\n the temporary files of ALTER TABLE\u2026ALGORITHM=INPLACE\n * MDEV-17545: Predicate lock for SPATIAL INDEX should lock\n non-matching record\n * MDEV-17546: SPATIAL INDEX should not be allowed for\n FOREIGN KEY\n * MDEV-17548: Incorrect access to off-page column for\n indexed virtual column\n * MDEV-12023: Assertion failure sym_node-\u003etable != NULL\n on startup\n * MDEV-17230: encryption_key_id from alter is ignored by\n encryption threads\n * release notes and changelog:\n - https://mariadb.com/kb/en/library/mariadb-10219-release-notes\n - https://mariadb.com/kb/en/library/mariadb-10219-changelog\n- do not pack libmariadb.pc (packed in mariadb-connector-c)\n- add \u0027Requires: libmariadb_plugins\u0027 to the mariadb-test subpackage\n in order to be able to test client plugins successfuly\n (bsc#1111859)\n- don\u0027t remove debug_key_management.so anymore (bsc#1111858)\n- update to 10.2.18 GA\n * MDEV-15511 - if available, stunnel can be used during Galera\n rsync SST\n * MDEV-16791 - mariabackup: Support DDL commands during backup\n * MDEV-13564 - Refuse MLOG_TRUNCATE in mariabackup\n * MDEV-16934 - add new system variable eq_range_index_dive_limit\n to speed up queries that new long nested IN lists. The default\n value, for backward compatibility, is 0 meaning \u0027unlimited\u0027.\n * MDEV-13333 - errors on InnoDB lock conflict\n * Report all InnoDB redo log corruption\n * MDEV-17043 - Purge of indexed virtual columns may cause hang\n on table-rebuilding DDL\n * MDEV-16868 - corruption of InnoDB temporary tables\n * MDEV-16465 - Invalid (old?) table or database name or hang\n in ha_innobase::delete_table and log semaphore wait upon\n concurrent DDL with foreign keys\n * release notes and changelog:\n - https://mariadb.com/kb/en/library/mariadb-10218-release-notes\n - https://mariadb.com/kb/en/library/mariadb-10218-changelog\n- update to 10.2.17 GA\n * New variable innodb_log_optimize_ddl for avoiding delay due\n to page flushing and allowing concurrent backup\n * InnoDB updated to 5.7.23\n * MDEV-14637 - Fix hang due to DDL with FOREIGN KEY or\n persistent statistics\n * MDEV-15953 - Alter InnoDB Partitioned Table Moves Files\n (which were originally not in the datadir) to the datadir\n * MDEV-16515 - InnoDB: Failing assertion: ++retries \u003c 10000 in\n file dict0dict.cc line 2737\n * MDEV-16809 - Allow full redo logging for ALTER TABLE\n * Temporary tables: MDEV-16713 - InnoDB hang with repeating\n log entry\n * indexed virtual columns: MDEV-15855 - Deadlock between purge\n thread and DDL statement\n * MDEV-16664 - Change the default to\n innodb_lock_schedule_algorithm=fcfs\n * Galera: MDEV-15822 - WSREP: BF lock wait long for trx\n * release notes and changelog:\n - https://mariadb.com/kb/en/library/mariadb-10217-release-notes\n - https://mariadb.com/kb/en/library/mariadb-10217-changelog\n- switch to libedit as control sequences were already fixed there\n so we don\u0027t have to avoid it (bsc#1098683)\n- update to 10.2.16 GA\n * MDEV-13122: mariabackup now supports MyRocks\n * MDEV-13779 - InnoDB fails to shut down purge workers, causing\n hang\n * MDEV-16267 - Wrong INFORMATION_SCHEMA.INNODB_BUFFER_PAGE.\\\n TABLE_NAME\n * MDEV-13834 - Upgrade failure from 10.1 innodb_encrypt_log\n * MDEV-16283 - ALTER TABLE...DISCARD TABLESPACE still takes long\n on a large buffer pool\n * MDEV-16376 - ASAN: heap-use-after-free in\n gcol.innodb_virtual_debug\n * MDEV-15824 - innodb_defragment=ON trumps\n innodb_optimize_fulltext_only=ON in OPTIMIZE TABLE\n * MDEV-16124 - fil_rename_tablespace() times out and crashes\n server during table-rebuilding ALTER TABLE\n * MDEV-16416 - Crash on IMPORT TABLESPACE of a\n ROW_FORMAT=COMPRESSED table\n * MDEV-16456 - InnoDB error \u0027returned OS error 71\u0027 complains\n about wrong path\n * MDEV-13103 - Deal with page_compressed page corruption\n * MDEV-16496 - Mariabackup: Implement --verbose option to\n instrument InnoDB log apply\n * MDEV-16087 - Inconsistent SELECT results when query cache\n is enabled\n * MDEV-15114 - ASAN heap-use-after-free in mem_heap_dup or\n dfield_data_is_binary_equal (fix for indexed virtual columns)\n * release notes and changelog:\n - https://mariadb.com/kb/en/library/mariadb-10216-release-notes\n - https://mariadb.com/kb/en/library/mariadb-10216-changelog\n- pack wsrep_sst_rsync_wan file to galera subpackage\n\nBug fixes and changes for galera-3:\n\n- update to 25.3.24:\n * A support for new certification key type was added to allow\n more relaxed certification rules for foreign key references (galera#491).\n * New status variables were added to display the number of open transactions\n and referenced client connections inside Galera provider (galera#492).\n * GCache was sometimes cleared unnecessarily on startup if the recovered\n state had smaller sequence number than the highest found from GCache.\n Now only entries with sequence number higher than recovery point will be\n cleared (galera#498).\n * Non-primary configuration is saved into grastate.dat only when if the\n node is in closing state (galera#499).\n * Exception from GComm was not always handled properly resulting in\n Galera to remain in half closed state. This was fixed by propagating the\n error condition appropriately to upper layers (galera#500).\n * A new status variable displaying the total weight of the cluster nodes\n was added (galera#501).\n * The value of pc.weight did not reflect the actual effective value after\n setting it via wsrep_provider_options. This was fixed by making sure that\n the new value is taken into use before returning the control back to\n caller (galera#505, MDEV-11959)\n * Use of ECHD algorithms with old OpenSSL versions was enabled (galera#511).\n * Default port value is now used by garbd if the port is not explicitly\n given in cluster address (MDEV-15531).\n * Correct error handling for posix_fallocate().\n * Failed causal reads are retried during configuration changes.\n\nBug fixes and changes for mariadb-connector-c:\n\n- New upstream version 3.0.6\n * MDEV-15263: FIx IS_NUM() macro\n * CONC-297: local infile parameter must be unsigned int instead\n of my_bool\n * CONC-329: change return value of internal socket functions\n from my_bool to int\n * CONC-332: my_auth doesn\u0027t read/update server ok packet\n * CONC-344: reset internal row counter\n * CONC-345: invalid heap use after free\n * CONC-346: Remove old cmake policies\n * fixed crash in mysql_select_db if NULL parameter was provided\n- New upstream version 3.0.5\n * CONC-336: Allow multiple initialization of client library\n * Fixed string to MYSQL_TIME conversion (prepared statements)\n * CONC-334: Copy all members of MYSQL_FIELD to internal\n statement structure\n * Fixed double free in dynamic column library\n * Added checks for corrupted packets in protocol\n * MDEV-15450: Added default connection attribute _server_host\n * CONC-326: fixed wrong openssl thread id callback\n- New upstream version 3.0.4\n * Added option MYSQL_OPT_CAN_HANDLE_EXPIRED_PASSWORDS for\n mysql_options()/mysql_optionsv():\n * New plugin configuration interface: The default configuration\n for a specific plugin can be specified via cmake parameter\n -DCLIENT_PLUGIN_${PLUGIN}=[DYNAMIC|STATIC|OFF].\n * Added support for linux abstract socket (MDEV-15655).\n * CONC-320: Added asynchronous/non-blocking support for\n OpenSSL and GnuTLS\n * CONC-294: Access violation in mysql_close when using\n a connection plugin.\n * MDEV-14977: If built dynamically the old_password plugin\n could not be located due to wrong filename (must be\n mysql_old_password.so instead of old_password.so).\n * CONC-315: If no default client character set was specified,\n the utf8 character set will be used by default (instead of\n setting the client character set to server character set)\n * CONC-317: Parsing of configuration file fails if key/value\n pairs contain white spaces.\n * CONC-322: Correct handling of EAGAIN and EINPROGRESS in\n internal_connect (socket) for non windows platforms.\n * CONC-323: mariadb_stmt_execute_direct hangs forever if\n compression used.\n * CONC-324: Wrong codepage numbers for some collations.\n * CONC-326: ssl_thread_init() uses wrong openssl threadid\n callback\n- Drop libmysqlclient_r Provides from the -devel package.\n (bsc#1097938)\n ",
"title": "Description of the patch"
},
{
"category": "details",
"text": "HPE-Helion-OpenStack-8-2019-628,SUSE-2019-628,SUSE-OpenStack-Cloud-8-2019-628,SUSE-OpenStack-Cloud-Crowbar-8-2019-628",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_0628-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:0628-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190628-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:0628-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190628-1.html"
},
{
"category": "self",
"summary": "SUSE Bug 1013882",
"url": "https://bugzilla.suse.com/1013882"
},
{
"category": "self",
"summary": "SUSE Bug 1097938",
"url": "https://bugzilla.suse.com/1097938"
},
{
"category": "self",
"summary": "SUSE Bug 1098683",
"url": "https://bugzilla.suse.com/1098683"
},
{
"category": "self",
"summary": "SUSE Bug 1101676",
"url": "https://bugzilla.suse.com/1101676"
},
{
"category": "self",
"summary": "SUSE Bug 1101677",
"url": "https://bugzilla.suse.com/1101677"
},
{
"category": "self",
"summary": "SUSE Bug 1101678",
"url": "https://bugzilla.suse.com/1101678"
},
{
"category": "self",
"summary": "SUSE Bug 1103342",
"url": "https://bugzilla.suse.com/1103342"
},
{
"category": "self",
"summary": "SUSE Bug 1111858",
"url": "https://bugzilla.suse.com/1111858"
},
{
"category": "self",
"summary": "SUSE Bug 1111859",
"url": "https://bugzilla.suse.com/1111859"
},
{
"category": "self",
"summary": "SUSE Bug 1112368",
"url": "https://bugzilla.suse.com/1112368"
},
{
"category": "self",
"summary": "SUSE Bug 1112377",
"url": "https://bugzilla.suse.com/1112377"
},
{
"category": "self",
"summary": "SUSE Bug 1112384",
"url": "https://bugzilla.suse.com/1112384"
},
{
"category": "self",
"summary": "SUSE Bug 1112386",
"url": "https://bugzilla.suse.com/1112386"
},
{
"category": "self",
"summary": "SUSE Bug 1112391",
"url": "https://bugzilla.suse.com/1112391"
},
{
"category": "self",
"summary": "SUSE Bug 1112397",
"url": "https://bugzilla.suse.com/1112397"
},
{
"category": "self",
"summary": "SUSE Bug 1112404",
"url": "https://bugzilla.suse.com/1112404"
},
{
"category": "self",
"summary": "SUSE Bug 1112415",
"url": "https://bugzilla.suse.com/1112415"
},
{
"category": "self",
"summary": "SUSE Bug 1112417",
"url": "https://bugzilla.suse.com/1112417"
},
{
"category": "self",
"summary": "SUSE Bug 1112421",
"url": "https://bugzilla.suse.com/1112421"
},
{
"category": "self",
"summary": "SUSE Bug 1112432",
"url": "https://bugzilla.suse.com/1112432"
},
{
"category": "self",
"summary": "SUSE Bug 1116686",
"url": "https://bugzilla.suse.com/1116686"
},
{
"category": "self",
"summary": "SUSE Bug 1118754",
"url": "https://bugzilla.suse.com/1118754"
},
{
"category": "self",
"summary": "SUSE Bug 1120041",
"url": "https://bugzilla.suse.com/1120041"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9843 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9843/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3058 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3058/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3060 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3060/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3063 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3064 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3064/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3066 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3143 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3143/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3156 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3156/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3162 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3162/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3173 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3173/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3174 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3174/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3185 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3185/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3200 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3200/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3251 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3251/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3277 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3277/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3282 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3282/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3284 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3284/"
}
],
"title": "Security update for galera-3, mariadb, mariadb-connector-c",
"tracking": {
"current_release_date": "2019-03-18T10:19:44Z",
"generator": {
"date": "2019-03-18T10:19:44Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:0628-1",
"initial_release_date": "2019-03-18T10:19:44Z",
"revision_history": [
{
"date": "2019-03-18T10:19:44Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "galera-3-25.3.24-4.3.1.aarch64",
"product": {
"name": "galera-3-25.3.24-4.3.1.aarch64",
"product_id": "galera-3-25.3.24-4.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "galera-3-wsrep-provider-25.3.24-4.3.1.aarch64",
"product": {
"name": "galera-3-wsrep-provider-25.3.24-4.3.1.aarch64",
"product_id": "galera-3-wsrep-provider-25.3.24-4.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libmariadb-devel-3.0.6-3.6.1.aarch64",
"product": {
"name": "libmariadb-devel-3.0.6-3.6.1.aarch64",
"product_id": "libmariadb-devel-3.0.6-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "libmariadb3-3.0.6-3.6.1.aarch64",
"product": {
"name": "libmariadb3-3.0.6-3.6.1.aarch64",
"product_id": "libmariadb3-3.0.6-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "libmariadb_plugins-3.0.6-3.6.1.aarch64",
"product": {
"name": "libmariadb_plugins-3.0.6-3.6.1.aarch64",
"product_id": "libmariadb_plugins-3.0.6-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "libmariadbprivate-3.0.6-3.6.1.aarch64",
"product": {
"name": "libmariadbprivate-3.0.6-3.6.1.aarch64",
"product_id": "libmariadbprivate-3.0.6-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "libmysqld-devel-10.2.21-4.8.1.aarch64",
"product": {
"name": "libmysqld-devel-10.2.21-4.8.1.aarch64",
"product_id": "libmysqld-devel-10.2.21-4.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "libmysqld19-10.2.21-4.8.1.aarch64",
"product": {
"name": "libmysqld19-10.2.21-4.8.1.aarch64",
"product_id": "libmysqld19-10.2.21-4.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-10.2.21-4.8.1.aarch64",
"product": {
"name": "mariadb-10.2.21-4.8.1.aarch64",
"product_id": "mariadb-10.2.21-4.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-bench-10.2.21-4.8.1.aarch64",
"product": {
"name": "mariadb-bench-10.2.21-4.8.1.aarch64",
"product_id": "mariadb-bench-10.2.21-4.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-client-10.2.21-4.8.1.aarch64",
"product": {
"name": "mariadb-client-10.2.21-4.8.1.aarch64",
"product_id": "mariadb-client-10.2.21-4.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-galera-10.2.21-4.8.1.aarch64",
"product": {
"name": "mariadb-galera-10.2.21-4.8.1.aarch64",
"product_id": "mariadb-galera-10.2.21-4.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-test-10.2.21-4.8.1.aarch64",
"product": {
"name": "mariadb-test-10.2.21-4.8.1.aarch64",
"product_id": "mariadb-test-10.2.21-4.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-tools-10.2.21-4.8.1.aarch64",
"product": {
"name": "mariadb-tools-10.2.21-4.8.1.aarch64",
"product_id": "mariadb-tools-10.2.21-4.8.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libmariadb3-64bit-3.0.6-3.6.1.aarch64_ilp32",
"product": {
"name": "libmariadb3-64bit-3.0.6-3.6.1.aarch64_ilp32",
"product_id": "libmariadb3-64bit-3.0.6-3.6.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "mariadb-errormessages-10.2.21-4.8.1.noarch",
"product": {
"name": "mariadb-errormessages-10.2.21-4.8.1.noarch",
"product_id": "mariadb-errormessages-10.2.21-4.8.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "galera-3-25.3.24-4.3.1.ppc64le",
"product": {
"name": "galera-3-25.3.24-4.3.1.ppc64le",
"product_id": "galera-3-25.3.24-4.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "galera-3-wsrep-provider-25.3.24-4.3.1.ppc64le",
"product": {
"name": "galera-3-wsrep-provider-25.3.24-4.3.1.ppc64le",
"product_id": "galera-3-wsrep-provider-25.3.24-4.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libmariadb-devel-3.0.6-3.6.1.ppc64le",
"product": {
"name": "libmariadb-devel-3.0.6-3.6.1.ppc64le",
"product_id": "libmariadb-devel-3.0.6-3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libmariadb3-3.0.6-3.6.1.ppc64le",
"product": {
"name": "libmariadb3-3.0.6-3.6.1.ppc64le",
"product_id": "libmariadb3-3.0.6-3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libmariadb_plugins-3.0.6-3.6.1.ppc64le",
"product": {
"name": "libmariadb_plugins-3.0.6-3.6.1.ppc64le",
"product_id": "libmariadb_plugins-3.0.6-3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libmariadbprivate-3.0.6-3.6.1.ppc64le",
"product": {
"name": "libmariadbprivate-3.0.6-3.6.1.ppc64le",
"product_id": "libmariadbprivate-3.0.6-3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libmysqld-devel-10.2.21-4.8.1.ppc64le",
"product": {
"name": "libmysqld-devel-10.2.21-4.8.1.ppc64le",
"product_id": "libmysqld-devel-10.2.21-4.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libmysqld19-10.2.21-4.8.1.ppc64le",
"product": {
"name": "libmysqld19-10.2.21-4.8.1.ppc64le",
"product_id": "libmysqld19-10.2.21-4.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-10.2.21-4.8.1.ppc64le",
"product": {
"name": "mariadb-10.2.21-4.8.1.ppc64le",
"product_id": "mariadb-10.2.21-4.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-bench-10.2.21-4.8.1.ppc64le",
"product": {
"name": "mariadb-bench-10.2.21-4.8.1.ppc64le",
"product_id": "mariadb-bench-10.2.21-4.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-client-10.2.21-4.8.1.ppc64le",
"product": {
"name": "mariadb-client-10.2.21-4.8.1.ppc64le",
"product_id": "mariadb-client-10.2.21-4.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-galera-10.2.21-4.8.1.ppc64le",
"product": {
"name": "mariadb-galera-10.2.21-4.8.1.ppc64le",
"product_id": "mariadb-galera-10.2.21-4.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-test-10.2.21-4.8.1.ppc64le",
"product": {
"name": "mariadb-test-10.2.21-4.8.1.ppc64le",
"product_id": "mariadb-test-10.2.21-4.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-tools-10.2.21-4.8.1.ppc64le",
"product": {
"name": "mariadb-tools-10.2.21-4.8.1.ppc64le",
"product_id": "mariadb-tools-10.2.21-4.8.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "galera-3-25.3.24-4.3.1.s390x",
"product": {
"name": "galera-3-25.3.24-4.3.1.s390x",
"product_id": "galera-3-25.3.24-4.3.1.s390x"
}
},
{
"category": "product_version",
"name": "galera-3-wsrep-provider-25.3.24-4.3.1.s390x",
"product": {
"name": "galera-3-wsrep-provider-25.3.24-4.3.1.s390x",
"product_id": "galera-3-wsrep-provider-25.3.24-4.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libmariadb-devel-3.0.6-3.6.1.s390x",
"product": {
"name": "libmariadb-devel-3.0.6-3.6.1.s390x",
"product_id": "libmariadb-devel-3.0.6-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "libmariadb3-3.0.6-3.6.1.s390x",
"product": {
"name": "libmariadb3-3.0.6-3.6.1.s390x",
"product_id": "libmariadb3-3.0.6-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "libmariadb_plugins-3.0.6-3.6.1.s390x",
"product": {
"name": "libmariadb_plugins-3.0.6-3.6.1.s390x",
"product_id": "libmariadb_plugins-3.0.6-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "libmariadbprivate-3.0.6-3.6.1.s390x",
"product": {
"name": "libmariadbprivate-3.0.6-3.6.1.s390x",
"product_id": "libmariadbprivate-3.0.6-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "libmysqld-devel-10.2.21-4.8.1.s390x",
"product": {
"name": "libmysqld-devel-10.2.21-4.8.1.s390x",
"product_id": "libmysqld-devel-10.2.21-4.8.1.s390x"
}
},
{
"category": "product_version",
"name": "libmysqld19-10.2.21-4.8.1.s390x",
"product": {
"name": "libmysqld19-10.2.21-4.8.1.s390x",
"product_id": "libmysqld19-10.2.21-4.8.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-10.2.21-4.8.1.s390x",
"product": {
"name": "mariadb-10.2.21-4.8.1.s390x",
"product_id": "mariadb-10.2.21-4.8.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-bench-10.2.21-4.8.1.s390x",
"product": {
"name": "mariadb-bench-10.2.21-4.8.1.s390x",
"product_id": "mariadb-bench-10.2.21-4.8.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-client-10.2.21-4.8.1.s390x",
"product": {
"name": "mariadb-client-10.2.21-4.8.1.s390x",
"product_id": "mariadb-client-10.2.21-4.8.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-galera-10.2.21-4.8.1.s390x",
"product": {
"name": "mariadb-galera-10.2.21-4.8.1.s390x",
"product_id": "mariadb-galera-10.2.21-4.8.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-test-10.2.21-4.8.1.s390x",
"product": {
"name": "mariadb-test-10.2.21-4.8.1.s390x",
"product_id": "mariadb-test-10.2.21-4.8.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-tools-10.2.21-4.8.1.s390x",
"product": {
"name": "mariadb-tools-10.2.21-4.8.1.s390x",
"product_id": "mariadb-tools-10.2.21-4.8.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"product": {
"name": "galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"product_id": "galera-3-wsrep-provider-25.3.24-4.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libmariadb3-3.0.6-3.6.1.x86_64",
"product": {
"name": "libmariadb3-3.0.6-3.6.1.x86_64",
"product_id": "libmariadb3-3.0.6-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-10.2.21-4.8.1.x86_64",
"product": {
"name": "mariadb-10.2.21-4.8.1.x86_64",
"product_id": "mariadb-10.2.21-4.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-client-10.2.21-4.8.1.x86_64",
"product": {
"name": "mariadb-client-10.2.21-4.8.1.x86_64",
"product_id": "mariadb-client-10.2.21-4.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-galera-10.2.21-4.8.1.x86_64",
"product": {
"name": "mariadb-galera-10.2.21-4.8.1.x86_64",
"product_id": "mariadb-galera-10.2.21-4.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-tools-10.2.21-4.8.1.x86_64",
"product": {
"name": "mariadb-tools-10.2.21-4.8.1.x86_64",
"product_id": "mariadb-tools-10.2.21-4.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "galera-3-25.3.24-4.3.1.x86_64",
"product": {
"name": "galera-3-25.3.24-4.3.1.x86_64",
"product_id": "galera-3-25.3.24-4.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libmariadb-devel-3.0.6-3.6.1.x86_64",
"product": {
"name": "libmariadb-devel-3.0.6-3.6.1.x86_64",
"product_id": "libmariadb-devel-3.0.6-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libmariadb_plugins-3.0.6-3.6.1.x86_64",
"product": {
"name": "libmariadb_plugins-3.0.6-3.6.1.x86_64",
"product_id": "libmariadb_plugins-3.0.6-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libmariadbprivate-3.0.6-3.6.1.x86_64",
"product": {
"name": "libmariadbprivate-3.0.6-3.6.1.x86_64",
"product_id": "libmariadbprivate-3.0.6-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libmysqld-devel-10.2.21-4.8.1.x86_64",
"product": {
"name": "libmysqld-devel-10.2.21-4.8.1.x86_64",
"product_id": "libmysqld-devel-10.2.21-4.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "libmysqld19-10.2.21-4.8.1.x86_64",
"product": {
"name": "libmysqld19-10.2.21-4.8.1.x86_64",
"product_id": "libmysqld19-10.2.21-4.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-bench-10.2.21-4.8.1.x86_64",
"product": {
"name": "mariadb-bench-10.2.21-4.8.1.x86_64",
"product_id": "mariadb-bench-10.2.21-4.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-test-10.2.21-4.8.1.x86_64",
"product": {
"name": "mariadb-test-10.2.21-4.8.1.x86_64",
"product_id": "mariadb-test-10.2.21-4.8.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "HPE Helion OpenStack 8",
"product": {
"name": "HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:hpe-helion-openstack:8"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 8",
"product": {
"name": "SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:8"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud Crowbar 8",
"product": {
"name": "SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud-crowbar:8"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64"
},
"product_reference": "galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadb3-3.0.6-3.6.1.x86_64 as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64"
},
"product_reference": "libmariadb3-3.0.6-3.6.1.x86_64",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.2.21-4.8.1.x86_64 as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64"
},
"product_reference": "mariadb-10.2.21-4.8.1.x86_64",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.2.21-4.8.1.x86_64 as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64"
},
"product_reference": "mariadb-client-10.2.21-4.8.1.x86_64",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.2.21-4.8.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch"
},
"product_reference": "mariadb-errormessages-10.2.21-4.8.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-galera-10.2.21-4.8.1.x86_64 as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64"
},
"product_reference": "mariadb-galera-10.2.21-4.8.1.x86_64",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.2.21-4.8.1.x86_64 as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64"
},
"product_reference": "mariadb-tools-10.2.21-4.8.1.x86_64",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64"
},
"product_reference": "galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadb3-3.0.6-3.6.1.x86_64 as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64"
},
"product_reference": "libmariadb3-3.0.6-3.6.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.2.21-4.8.1.x86_64 as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64"
},
"product_reference": "mariadb-10.2.21-4.8.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.2.21-4.8.1.x86_64 as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64"
},
"product_reference": "mariadb-client-10.2.21-4.8.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.2.21-4.8.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch"
},
"product_reference": "mariadb-errormessages-10.2.21-4.8.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-galera-10.2.21-4.8.1.x86_64 as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64"
},
"product_reference": "mariadb-galera-10.2.21-4.8.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.2.21-4.8.1.x86_64 as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64"
},
"product_reference": "mariadb-tools-10.2.21-4.8.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "galera-3-wsrep-provider-25.3.24-4.3.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64"
},
"product_reference": "galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadb3-3.0.6-3.6.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64"
},
"product_reference": "libmariadb3-3.0.6-3.6.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.2.21-4.8.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64"
},
"product_reference": "mariadb-10.2.21-4.8.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.2.21-4.8.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64"
},
"product_reference": "mariadb-client-10.2.21-4.8.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.2.21-4.8.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch"
},
"product_reference": "mariadb-errormessages-10.2.21-4.8.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-galera-10.2.21-4.8.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64"
},
"product_reference": "mariadb-galera-10.2.21-4.8.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.2.21-4.8.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
},
"product_reference": "mariadb-tools-10.2.21-4.8.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-9843",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9843"
}
],
"notes": [
{
"category": "general",
"text": "The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9843",
"url": "https://www.suse.com/security/cve/CVE-2016-9843"
},
{
"category": "external",
"summary": "SUSE Bug 1003580 for CVE-2016-9843",
"url": "https://bugzilla.suse.com/1003580"
},
{
"category": "external",
"summary": "SUSE Bug 1013882 for CVE-2016-9843",
"url": "https://bugzilla.suse.com/1013882"
},
{
"category": "external",
"summary": "SUSE Bug 1038505 for CVE-2016-9843",
"url": "https://bugzilla.suse.com/1038505"
},
{
"category": "external",
"summary": "SUSE Bug 1062104 for CVE-2016-9843",
"url": "https://bugzilla.suse.com/1062104"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2016-9843",
"url": "https://bugzilla.suse.com/1116686"
},
{
"category": "external",
"summary": "SUSE Bug 1120866 for CVE-2016-9843",
"url": "https://bugzilla.suse.com/1120866"
},
{
"category": "external",
"summary": "SUSE Bug 1123150 for CVE-2016-9843",
"url": "https://bugzilla.suse.com/1123150"
},
{
"category": "external",
"summary": "SUSE Bug 1127473 for CVE-2016-9843",
"url": "https://bugzilla.suse.com/1127473"
},
{
"category": "external",
"summary": "SUSE Bug 1184301 for CVE-2016-9843",
"url": "https://bugzilla.suse.com/1184301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-18T10:19:44Z",
"details": "moderate"
}
],
"title": "CVE-2016-9843"
},
{
"cve": "CVE-2018-3058",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3058"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: MyISAM). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3058",
"url": "https://www.suse.com/security/cve/CVE-2018-3058"
},
{
"category": "external",
"summary": "SUSE Bug 1101676 for CVE-2018-3058",
"url": "https://bugzilla.suse.com/1101676"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3058",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-18T10:19:44Z",
"details": "moderate"
}
],
"title": "CVE-2018-3058"
},
{
"cve": "CVE-2018-3060",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3060"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3060",
"url": "https://www.suse.com/security/cve/CVE-2018-3060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-18T10:19:44Z",
"details": "moderate"
}
],
"title": "CVE-2018-3060"
},
{
"cve": "CVE-2018-3063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3063"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.60 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3063",
"url": "https://www.suse.com/security/cve/CVE-2018-3063"
},
{
"category": "external",
"summary": "SUSE Bug 1101677 for CVE-2018-3063",
"url": "https://bugzilla.suse.com/1101677"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3063",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-18T10:19:44Z",
"details": "moderate"
}
],
"title": "CVE-2018-3063"
},
{
"cve": "CVE-2018-3064",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3064"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.40 and prior, 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 7.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3064",
"url": "https://www.suse.com/security/cve/CVE-2018-3064"
},
{
"category": "external",
"summary": "SUSE Bug 1103342 for CVE-2018-3064",
"url": "https://bugzilla.suse.com/1103342"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3064",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-18T10:19:44Z",
"details": "important"
}
],
"title": "CVE-2018-3064"
},
{
"cve": "CVE-2018-3066",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3066"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.3 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3066",
"url": "https://www.suse.com/security/cve/CVE-2018-3066"
},
{
"category": "external",
"summary": "SUSE Bug 1101678 for CVE-2018-3066",
"url": "https://bugzilla.suse.com/1101678"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3066",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-18T10:19:44Z",
"details": "low"
}
],
"title": "CVE-2018-3066"
},
{
"cve": "CVE-2018-3143",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3143"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3143",
"url": "https://www.suse.com/security/cve/CVE-2018-3143"
},
{
"category": "external",
"summary": "SUSE Bug 1112421 for CVE-2018-3143",
"url": "https://bugzilla.suse.com/1112421"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3143",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-18T10:19:44Z",
"details": "moderate"
}
],
"title": "CVE-2018-3143"
},
{
"cve": "CVE-2018-3156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3156"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3156",
"url": "https://www.suse.com/security/cve/CVE-2018-3156"
},
{
"category": "external",
"summary": "SUSE Bug 1112417 for CVE-2018-3156",
"url": "https://bugzilla.suse.com/1112417"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3156",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-18T10:19:44Z",
"details": "moderate"
}
],
"title": "CVE-2018-3156"
},
{
"cve": "CVE-2018-3162",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3162"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3162",
"url": "https://www.suse.com/security/cve/CVE-2018-3162"
},
{
"category": "external",
"summary": "SUSE Bug 1112415 for CVE-2018-3162",
"url": "https://bugzilla.suse.com/1112415"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3162",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-18T10:19:44Z",
"details": "moderate"
}
],
"title": "CVE-2018-3162"
},
{
"cve": "CVE-2018-3173",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3173"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3173",
"url": "https://www.suse.com/security/cve/CVE-2018-3173"
},
{
"category": "external",
"summary": "SUSE Bug 1112386 for CVE-2018-3173",
"url": "https://bugzilla.suse.com/1112386"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3173",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-18T10:19:44Z",
"details": "moderate"
}
],
"title": "CVE-2018-3173"
},
{
"cve": "CVE-2018-3174",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3174"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3174",
"url": "https://www.suse.com/security/cve/CVE-2018-3174"
},
{
"category": "external",
"summary": "SUSE Bug 1112368 for CVE-2018-3174",
"url": "https://bugzilla.suse.com/1112368"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3174",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-18T10:19:44Z",
"details": "moderate"
}
],
"title": "CVE-2018-3174"
},
{
"cve": "CVE-2018-3185",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3185"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3185",
"url": "https://www.suse.com/security/cve/CVE-2018-3185"
},
{
"category": "external",
"summary": "SUSE Bug 1112384 for CVE-2018-3185",
"url": "https://bugzilla.suse.com/1112384"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3185",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-18T10:19:44Z",
"details": "moderate"
}
],
"title": "CVE-2018-3185"
},
{
"cve": "CVE-2018-3200",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3200"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3200",
"url": "https://www.suse.com/security/cve/CVE-2018-3200"
},
{
"category": "external",
"summary": "SUSE Bug 1112404 for CVE-2018-3200",
"url": "https://bugzilla.suse.com/1112404"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3200",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-18T10:19:44Z",
"details": "moderate"
}
],
"title": "CVE-2018-3200"
},
{
"cve": "CVE-2018-3251",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3251"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3251",
"url": "https://www.suse.com/security/cve/CVE-2018-3251"
},
{
"category": "external",
"summary": "SUSE Bug 1112397 for CVE-2018-3251",
"url": "https://bugzilla.suse.com/1112397"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3251",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-18T10:19:44Z",
"details": "moderate"
}
],
"title": "CVE-2018-3251"
},
{
"cve": "CVE-2018-3277",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3277"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3277",
"url": "https://www.suse.com/security/cve/CVE-2018-3277"
},
{
"category": "external",
"summary": "SUSE Bug 1112391 for CVE-2018-3277",
"url": "https://bugzilla.suse.com/1112391"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3277",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-18T10:19:44Z",
"details": "moderate"
}
],
"title": "CVE-2018-3277"
},
{
"cve": "CVE-2018-3282",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3282"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Storage Engines). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3282",
"url": "https://www.suse.com/security/cve/CVE-2018-3282"
},
{
"category": "external",
"summary": "SUSE Bug 1112432 for CVE-2018-3282",
"url": "https://bugzilla.suse.com/1112432"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3282",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-18T10:19:44Z",
"details": "moderate"
}
],
"title": "CVE-2018-3282"
},
{
"cve": "CVE-2018-3284",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3284"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3284",
"url": "https://www.suse.com/security/cve/CVE-2018-3284"
},
{
"category": "external",
"summary": "SUSE Bug 1112377 for CVE-2018-3284",
"url": "https://bugzilla.suse.com/1112377"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3284",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"HPE Helion OpenStack 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"HPE Helion OpenStack 8:libmariadb3-3.0.6-3.6.1.x86_64",
"HPE Helion OpenStack 8:mariadb-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-client-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"HPE Helion OpenStack 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"HPE Helion OpenStack 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud 8:mariadb-tools-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:galera-3-wsrep-provider-25.3.24-4.3.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmariadb3-3.0.6-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-client-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-errormessages-10.2.21-4.8.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:mariadb-galera-10.2.21-4.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:mariadb-tools-10.2.21-4.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-18T10:19:44Z",
"details": "moderate"
}
],
"title": "CVE-2018-3284"
}
]
}
SUSE-SU-2019:1441-1
Vulnerability from csaf_suse - Published: 2019-06-06 16:15 - Updated: 2019-06-06 16:15Summary
Recommended update for mariadb, mariadb-connector-c
Severity
Important
Notes
Title of the patch: Recommended update for mariadb, mariadb-connector-c
Description of the patch: This update for mariadb to version 10.2.22 fixes the following issues:
Security issues fixed:
- Update to MariaDB 10.2.22 GA:
* CVE-2019-2510: (bsc#1122198)
* CVE-2019-2537: (bsc#1122198)
- Update to MariaDB 10.2.19 GA (bsc#1116686):
* CVE-2018-3282: (bsc#1112432)
* CVE-2016-9843: (bsc#1013882)
* CVE-2018-3174: (bsc#1112368)
* CVE-2018-3143: (bsc#1112421)
* CVE-2018-3156: (bsc#1112417)
* CVE-2018-3251: (bsc#1112397)
* CVE-2018-3185: (bsc#1112384)
* CVE-2018-3277: (bsc#1112391)
* CVE-2018-3162: (bsc#1112415)
* CVE-2018-3173: (bsc#1112386)
* CVE-2018-3200: (bsc#1112404)
* CVE-2018-3284: (bsc#1112377)
- Update to MariaDB 10.2.18 GA:
* CVE-2017-10320: (bsc#1064113)
* CVE-2017-10365: (bsc#1064114)
* CVE-2017-15365: (bsc#1072167)
* CVE-2018-3058: (bsc#1101676)
* CVE-2018-3063: (bsc#1101677)
* CVE-2018-3064: (bsc#1103342)
* CVE-2018-3066: (bsc#1101678)
* CVE-2018-2759, CVE-2018-2777, CVE-2018-2786, CVE-2018-2810, CVE-2018-3060
Other issues fixed:
- Fixed an issue where mysl_install_db fails due to incorrect basedir (bsc#1127027).
- Fixed an issue where the lograte was not working (bsc#1112767).
- Remove xtrabackup dependency as MariaDB ships a build in mariabackup so xtrabackup is not needed (bsc#1122475).
- Fixed database corruption after renaming a prefix-indexed column (bsc#1120041).
- Remove PerconaFT from the package as it has AGPL licence (bsc#1118754).
The complete changelog can be found at: https://mariadb.com/kb/en/library/mariadb-10222-changelog/
Patchnames: SUSE-2019-1441,SUSE-OpenStack-Cloud-7-2019-1441
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
9.8 (Critical)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.9 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.9 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.9 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.5 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.9 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.9 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.1 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
6.5 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.9 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.9 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.9 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.9 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.9 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
127 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Recommended update for mariadb, mariadb-connector-c",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for mariadb to version 10.2.22 fixes the following issues:\n\nSecurity issues fixed: \n\n- Update to MariaDB 10.2.22 GA:\n * CVE-2019-2510: (bsc#1122198)\n * CVE-2019-2537: (bsc#1122198)\n- Update to MariaDB 10.2.19 GA (bsc#1116686):\n * CVE-2018-3282: (bsc#1112432)\n * CVE-2016-9843: (bsc#1013882)\n * CVE-2018-3174: (bsc#1112368)\n * CVE-2018-3143: (bsc#1112421)\n * CVE-2018-3156: (bsc#1112417)\n * CVE-2018-3251: (bsc#1112397)\n * CVE-2018-3185: (bsc#1112384)\n * CVE-2018-3277: (bsc#1112391)\n * CVE-2018-3162: (bsc#1112415)\n * CVE-2018-3173: (bsc#1112386)\n * CVE-2018-3200: (bsc#1112404)\n * CVE-2018-3284: (bsc#1112377)\n- Update to MariaDB 10.2.18 GA:\n * CVE-2017-10320: (bsc#1064113)\n * CVE-2017-10365: (bsc#1064114)\n * CVE-2017-15365: (bsc#1072167)\n * CVE-2018-3058: (bsc#1101676)\n * CVE-2018-3063: (bsc#1101677)\n * CVE-2018-3064: (bsc#1103342)\n * CVE-2018-3066: (bsc#1101678)\n * CVE-2018-2759, CVE-2018-2777, CVE-2018-2786, CVE-2018-2810, CVE-2018-3060\n\nOther issues fixed:\n\n- Fixed an issue where mysl_install_db fails due to incorrect basedir (bsc#1127027).\n- Fixed an issue where the lograte was not working (bsc#1112767).\n- Remove xtrabackup dependency as MariaDB ships a build in mariabackup so xtrabackup is not needed (bsc#1122475).\n- Fixed database corruption after renaming a prefix-indexed column (bsc#1120041).\n- Remove PerconaFT from the package as it has AGPL licence (bsc#1118754).\n\nThe complete changelog can be found at: https://mariadb.com/kb/en/library/mariadb-10222-changelog/\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-1441,SUSE-OpenStack-Cloud-7-2019-1441",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_1441-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:1441-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191441-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:1441-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-June/005536.html"
},
{
"category": "self",
"summary": "SUSE Bug 1013882",
"url": "https://bugzilla.suse.com/1013882"
},
{
"category": "self",
"summary": "SUSE Bug 1064113",
"url": "https://bugzilla.suse.com/1064113"
},
{
"category": "self",
"summary": "SUSE Bug 1064114",
"url": "https://bugzilla.suse.com/1064114"
},
{
"category": "self",
"summary": "SUSE Bug 1072167",
"url": "https://bugzilla.suse.com/1072167"
},
{
"category": "self",
"summary": "SUSE Bug 1101676",
"url": "https://bugzilla.suse.com/1101676"
},
{
"category": "self",
"summary": "SUSE Bug 1101677",
"url": "https://bugzilla.suse.com/1101677"
},
{
"category": "self",
"summary": "SUSE Bug 1101678",
"url": "https://bugzilla.suse.com/1101678"
},
{
"category": "self",
"summary": "SUSE Bug 1103342",
"url": "https://bugzilla.suse.com/1103342"
},
{
"category": "self",
"summary": "SUSE Bug 1112368",
"url": "https://bugzilla.suse.com/1112368"
},
{
"category": "self",
"summary": "SUSE Bug 1112377",
"url": "https://bugzilla.suse.com/1112377"
},
{
"category": "self",
"summary": "SUSE Bug 1112384",
"url": "https://bugzilla.suse.com/1112384"
},
{
"category": "self",
"summary": "SUSE Bug 1112386",
"url": "https://bugzilla.suse.com/1112386"
},
{
"category": "self",
"summary": "SUSE Bug 1112391",
"url": "https://bugzilla.suse.com/1112391"
},
{
"category": "self",
"summary": "SUSE Bug 1112397",
"url": "https://bugzilla.suse.com/1112397"
},
{
"category": "self",
"summary": "SUSE Bug 1112404",
"url": "https://bugzilla.suse.com/1112404"
},
{
"category": "self",
"summary": "SUSE Bug 1112415",
"url": "https://bugzilla.suse.com/1112415"
},
{
"category": "self",
"summary": "SUSE Bug 1112417",
"url": "https://bugzilla.suse.com/1112417"
},
{
"category": "self",
"summary": "SUSE Bug 1112421",
"url": "https://bugzilla.suse.com/1112421"
},
{
"category": "self",
"summary": "SUSE Bug 1112432",
"url": "https://bugzilla.suse.com/1112432"
},
{
"category": "self",
"summary": "SUSE Bug 1112767",
"url": "https://bugzilla.suse.com/1112767"
},
{
"category": "self",
"summary": "SUSE Bug 1116686",
"url": "https://bugzilla.suse.com/1116686"
},
{
"category": "self",
"summary": "SUSE Bug 1118754",
"url": "https://bugzilla.suse.com/1118754"
},
{
"category": "self",
"summary": "SUSE Bug 1120041",
"url": "https://bugzilla.suse.com/1120041"
},
{
"category": "self",
"summary": "SUSE Bug 1122198",
"url": "https://bugzilla.suse.com/1122198"
},
{
"category": "self",
"summary": "SUSE Bug 1122475",
"url": "https://bugzilla.suse.com/1122475"
},
{
"category": "self",
"summary": "SUSE Bug 1127027",
"url": "https://bugzilla.suse.com/1127027"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9843 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9843/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-10320 page",
"url": "https://www.suse.com/security/cve/CVE-2017-10320/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-10365 page",
"url": "https://www.suse.com/security/cve/CVE-2017-10365/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-15365 page",
"url": "https://www.suse.com/security/cve/CVE-2017-15365/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-2759 page",
"url": "https://www.suse.com/security/cve/CVE-2018-2759/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-2777 page",
"url": "https://www.suse.com/security/cve/CVE-2018-2777/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-2786 page",
"url": "https://www.suse.com/security/cve/CVE-2018-2786/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-2810 page",
"url": "https://www.suse.com/security/cve/CVE-2018-2810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3058 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3058/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3060 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3060/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3063 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3064 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3064/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3066 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3143 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3143/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3156 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3156/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3162 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3162/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3173 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3173/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3174 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3174/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3185 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3185/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3200 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3200/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3251 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3251/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3277 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3277/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3282 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3282/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3284 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3284/"
}
],
"title": "Recommended update for mariadb, mariadb-connector-c",
"tracking": {
"current_release_date": "2019-06-06T16:15:12Z",
"generator": {
"date": "2019-06-06T16:15:12Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:1441-1",
"initial_release_date": "2019-06-06T16:15:12Z",
"revision_history": [
{
"date": "2019-06-06T16:15:12Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libmariadb-devel-3.0.7-1.6.1.aarch64",
"product": {
"name": "libmariadb-devel-3.0.7-1.6.1.aarch64",
"product_id": "libmariadb-devel-3.0.7-1.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "libmariadb3-3.0.7-1.6.1.aarch64",
"product": {
"name": "libmariadb3-3.0.7-1.6.1.aarch64",
"product_id": "libmariadb3-3.0.7-1.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "libmariadb_plugins-3.0.7-1.6.1.aarch64",
"product": {
"name": "libmariadb_plugins-3.0.7-1.6.1.aarch64",
"product_id": "libmariadb_plugins-3.0.7-1.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "libmariadbprivate-3.0.7-1.6.1.aarch64",
"product": {
"name": "libmariadbprivate-3.0.7-1.6.1.aarch64",
"product_id": "libmariadbprivate-3.0.7-1.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "libmysqld-devel-10.2.22-10.1.aarch64",
"product": {
"name": "libmysqld-devel-10.2.22-10.1.aarch64",
"product_id": "libmysqld-devel-10.2.22-10.1.aarch64"
}
},
{
"category": "product_version",
"name": "libmysqld19-10.2.22-10.1.aarch64",
"product": {
"name": "libmysqld19-10.2.22-10.1.aarch64",
"product_id": "libmysqld19-10.2.22-10.1.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-10.2.22-10.1.aarch64",
"product": {
"name": "mariadb-10.2.22-10.1.aarch64",
"product_id": "mariadb-10.2.22-10.1.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-bench-10.2.22-10.1.aarch64",
"product": {
"name": "mariadb-bench-10.2.22-10.1.aarch64",
"product_id": "mariadb-bench-10.2.22-10.1.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-client-10.2.22-10.1.aarch64",
"product": {
"name": "mariadb-client-10.2.22-10.1.aarch64",
"product_id": "mariadb-client-10.2.22-10.1.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-galera-10.2.22-10.1.aarch64",
"product": {
"name": "mariadb-galera-10.2.22-10.1.aarch64",
"product_id": "mariadb-galera-10.2.22-10.1.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-test-10.2.22-10.1.aarch64",
"product": {
"name": "mariadb-test-10.2.22-10.1.aarch64",
"product_id": "mariadb-test-10.2.22-10.1.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-tools-10.2.22-10.1.aarch64",
"product": {
"name": "mariadb-tools-10.2.22-10.1.aarch64",
"product_id": "mariadb-tools-10.2.22-10.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libmariadb3-64bit-3.0.7-1.6.1.aarch64_ilp32",
"product": {
"name": "libmariadb3-64bit-3.0.7-1.6.1.aarch64_ilp32",
"product_id": "libmariadb3-64bit-3.0.7-1.6.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "mariadb-errormessages-10.2.22-10.1.noarch",
"product": {
"name": "mariadb-errormessages-10.2.22-10.1.noarch",
"product_id": "mariadb-errormessages-10.2.22-10.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libmariadb-devel-3.0.7-1.6.1.ppc64le",
"product": {
"name": "libmariadb-devel-3.0.7-1.6.1.ppc64le",
"product_id": "libmariadb-devel-3.0.7-1.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libmariadb3-3.0.7-1.6.1.ppc64le",
"product": {
"name": "libmariadb3-3.0.7-1.6.1.ppc64le",
"product_id": "libmariadb3-3.0.7-1.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libmariadb_plugins-3.0.7-1.6.1.ppc64le",
"product": {
"name": "libmariadb_plugins-3.0.7-1.6.1.ppc64le",
"product_id": "libmariadb_plugins-3.0.7-1.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libmariadbprivate-3.0.7-1.6.1.ppc64le",
"product": {
"name": "libmariadbprivate-3.0.7-1.6.1.ppc64le",
"product_id": "libmariadbprivate-3.0.7-1.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libmysqld-devel-10.2.22-10.1.ppc64le",
"product": {
"name": "libmysqld-devel-10.2.22-10.1.ppc64le",
"product_id": "libmysqld-devel-10.2.22-10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libmysqld19-10.2.22-10.1.ppc64le",
"product": {
"name": "libmysqld19-10.2.22-10.1.ppc64le",
"product_id": "libmysqld19-10.2.22-10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-10.2.22-10.1.ppc64le",
"product": {
"name": "mariadb-10.2.22-10.1.ppc64le",
"product_id": "mariadb-10.2.22-10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-bench-10.2.22-10.1.ppc64le",
"product": {
"name": "mariadb-bench-10.2.22-10.1.ppc64le",
"product_id": "mariadb-bench-10.2.22-10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-client-10.2.22-10.1.ppc64le",
"product": {
"name": "mariadb-client-10.2.22-10.1.ppc64le",
"product_id": "mariadb-client-10.2.22-10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-galera-10.2.22-10.1.ppc64le",
"product": {
"name": "mariadb-galera-10.2.22-10.1.ppc64le",
"product_id": "mariadb-galera-10.2.22-10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-test-10.2.22-10.1.ppc64le",
"product": {
"name": "mariadb-test-10.2.22-10.1.ppc64le",
"product_id": "mariadb-test-10.2.22-10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-tools-10.2.22-10.1.ppc64le",
"product": {
"name": "mariadb-tools-10.2.22-10.1.ppc64le",
"product_id": "mariadb-tools-10.2.22-10.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libmariadb-devel-3.0.7-1.6.1.s390x",
"product": {
"name": "libmariadb-devel-3.0.7-1.6.1.s390x",
"product_id": "libmariadb-devel-3.0.7-1.6.1.s390x"
}
},
{
"category": "product_version",
"name": "libmariadb3-3.0.7-1.6.1.s390x",
"product": {
"name": "libmariadb3-3.0.7-1.6.1.s390x",
"product_id": "libmariadb3-3.0.7-1.6.1.s390x"
}
},
{
"category": "product_version",
"name": "libmariadb_plugins-3.0.7-1.6.1.s390x",
"product": {
"name": "libmariadb_plugins-3.0.7-1.6.1.s390x",
"product_id": "libmariadb_plugins-3.0.7-1.6.1.s390x"
}
},
{
"category": "product_version",
"name": "libmariadbprivate-3.0.7-1.6.1.s390x",
"product": {
"name": "libmariadbprivate-3.0.7-1.6.1.s390x",
"product_id": "libmariadbprivate-3.0.7-1.6.1.s390x"
}
},
{
"category": "product_version",
"name": "libmysqld-devel-10.2.22-10.1.s390x",
"product": {
"name": "libmysqld-devel-10.2.22-10.1.s390x",
"product_id": "libmysqld-devel-10.2.22-10.1.s390x"
}
},
{
"category": "product_version",
"name": "libmysqld19-10.2.22-10.1.s390x",
"product": {
"name": "libmysqld19-10.2.22-10.1.s390x",
"product_id": "libmysqld19-10.2.22-10.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-10.2.22-10.1.s390x",
"product": {
"name": "mariadb-10.2.22-10.1.s390x",
"product_id": "mariadb-10.2.22-10.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-bench-10.2.22-10.1.s390x",
"product": {
"name": "mariadb-bench-10.2.22-10.1.s390x",
"product_id": "mariadb-bench-10.2.22-10.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-client-10.2.22-10.1.s390x",
"product": {
"name": "mariadb-client-10.2.22-10.1.s390x",
"product_id": "mariadb-client-10.2.22-10.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-galera-10.2.22-10.1.s390x",
"product": {
"name": "mariadb-galera-10.2.22-10.1.s390x",
"product_id": "mariadb-galera-10.2.22-10.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-test-10.2.22-10.1.s390x",
"product": {
"name": "mariadb-test-10.2.22-10.1.s390x",
"product_id": "mariadb-test-10.2.22-10.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-tools-10.2.22-10.1.s390x",
"product": {
"name": "mariadb-tools-10.2.22-10.1.s390x",
"product_id": "mariadb-tools-10.2.22-10.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libmariadb-devel-3.0.7-1.6.1.x86_64",
"product": {
"name": "libmariadb-devel-3.0.7-1.6.1.x86_64",
"product_id": "libmariadb-devel-3.0.7-1.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libmariadb3-3.0.7-1.6.1.x86_64",
"product": {
"name": "libmariadb3-3.0.7-1.6.1.x86_64",
"product_id": "libmariadb3-3.0.7-1.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libmariadb_plugins-3.0.7-1.6.1.x86_64",
"product": {
"name": "libmariadb_plugins-3.0.7-1.6.1.x86_64",
"product_id": "libmariadb_plugins-3.0.7-1.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libmariadbprivate-3.0.7-1.6.1.x86_64",
"product": {
"name": "libmariadbprivate-3.0.7-1.6.1.x86_64",
"product_id": "libmariadbprivate-3.0.7-1.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libmysqld-devel-10.2.22-10.1.x86_64",
"product": {
"name": "libmysqld-devel-10.2.22-10.1.x86_64",
"product_id": "libmysqld-devel-10.2.22-10.1.x86_64"
}
},
{
"category": "product_version",
"name": "libmysqld19-10.2.22-10.1.x86_64",
"product": {
"name": "libmysqld19-10.2.22-10.1.x86_64",
"product_id": "libmysqld19-10.2.22-10.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-10.2.22-10.1.x86_64",
"product": {
"name": "mariadb-10.2.22-10.1.x86_64",
"product_id": "mariadb-10.2.22-10.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-bench-10.2.22-10.1.x86_64",
"product": {
"name": "mariadb-bench-10.2.22-10.1.x86_64",
"product_id": "mariadb-bench-10.2.22-10.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-client-10.2.22-10.1.x86_64",
"product": {
"name": "mariadb-client-10.2.22-10.1.x86_64",
"product_id": "mariadb-client-10.2.22-10.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-galera-10.2.22-10.1.x86_64",
"product": {
"name": "mariadb-galera-10.2.22-10.1.x86_64",
"product_id": "mariadb-galera-10.2.22-10.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-test-10.2.22-10.1.x86_64",
"product": {
"name": "mariadb-test-10.2.22-10.1.x86_64",
"product_id": "mariadb-test-10.2.22-10.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-tools-10.2.22-10.1.x86_64",
"product": {
"name": "mariadb-tools-10.2.22-10.1.x86_64",
"product_id": "mariadb-tools-10.2.22-10.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 7",
"product": {
"name": "SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadb3-3.0.7-1.6.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x"
},
"product_reference": "libmariadb3-3.0.7-1.6.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadb3-3.0.7-1.6.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64"
},
"product_reference": "libmariadb3-3.0.7-1.6.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.2.22-10.1.aarch64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64"
},
"product_reference": "mariadb-10.2.22-10.1.aarch64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.2.22-10.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x"
},
"product_reference": "mariadb-10.2.22-10.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.2.22-10.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64"
},
"product_reference": "mariadb-10.2.22-10.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.2.22-10.1.aarch64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64"
},
"product_reference": "mariadb-client-10.2.22-10.1.aarch64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.2.22-10.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x"
},
"product_reference": "mariadb-client-10.2.22-10.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.2.22-10.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64"
},
"product_reference": "mariadb-client-10.2.22-10.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.2.22-10.1.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch"
},
"product_reference": "mariadb-errormessages-10.2.22-10.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-galera-10.2.22-10.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64"
},
"product_reference": "mariadb-galera-10.2.22-10.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.2.22-10.1.aarch64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64"
},
"product_reference": "mariadb-tools-10.2.22-10.1.aarch64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.2.22-10.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x"
},
"product_reference": "mariadb-tools-10.2.22-10.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.2.22-10.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
},
"product_reference": "mariadb-tools-10.2.22-10.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-9843",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9843"
}
],
"notes": [
{
"category": "general",
"text": "The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9843",
"url": "https://www.suse.com/security/cve/CVE-2016-9843"
},
{
"category": "external",
"summary": "SUSE Bug 1003580 for CVE-2016-9843",
"url": "https://bugzilla.suse.com/1003580"
},
{
"category": "external",
"summary": "SUSE Bug 1013882 for CVE-2016-9843",
"url": "https://bugzilla.suse.com/1013882"
},
{
"category": "external",
"summary": "SUSE Bug 1038505 for CVE-2016-9843",
"url": "https://bugzilla.suse.com/1038505"
},
{
"category": "external",
"summary": "SUSE Bug 1062104 for CVE-2016-9843",
"url": "https://bugzilla.suse.com/1062104"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2016-9843",
"url": "https://bugzilla.suse.com/1116686"
},
{
"category": "external",
"summary": "SUSE Bug 1120866 for CVE-2016-9843",
"url": "https://bugzilla.suse.com/1120866"
},
{
"category": "external",
"summary": "SUSE Bug 1123150 for CVE-2016-9843",
"url": "https://bugzilla.suse.com/1123150"
},
{
"category": "external",
"summary": "SUSE Bug 1127473 for CVE-2016-9843",
"url": "https://bugzilla.suse.com/1127473"
},
{
"category": "external",
"summary": "SUSE Bug 1184301 for CVE-2016-9843",
"url": "https://bugzilla.suse.com/1184301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-06-06T16:15:12Z",
"details": "moderate"
}
],
"title": "CVE-2016-9843"
},
{
"cve": "CVE-2017-10320",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-10320"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-10320",
"url": "https://www.suse.com/security/cve/CVE-2017-10320"
},
{
"category": "external",
"summary": "SUSE Bug 1064113 for CVE-2017-10320",
"url": "https://bugzilla.suse.com/1064113"
},
{
"category": "external",
"summary": "SUSE Bug 1064119 for CVE-2017-10320",
"url": "https://bugzilla.suse.com/1064119"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-06-06T16:15:12Z",
"details": "moderate"
}
],
"title": "CVE-2017-10320"
},
{
"cve": "CVE-2017-10365",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-10365"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.0 Base Score 3.8 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-10365",
"url": "https://www.suse.com/security/cve/CVE-2017-10365"
},
{
"category": "external",
"summary": "SUSE Bug 1064114 for CVE-2017-10365",
"url": "https://bugzilla.suse.com/1064114"
},
{
"category": "external",
"summary": "SUSE Bug 1064119 for CVE-2017-10365",
"url": "https://bugzilla.suse.com/1064119"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-06-06T16:15:12Z",
"details": "moderate"
}
],
"title": "CVE-2017-10365"
},
{
"cve": "CVE-2017-15365",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-15365"
}
],
"notes": [
{
"category": "general",
"text": "sql/event_data_objects.cc in MariaDB before 10.1.30 and 10.2.x before 10.2.10 and Percona XtraDB Cluster before 5.6.37-26.21-3 and 5.7.x before 5.7.19-29.22-3 allows remote authenticated users with SQL access to bypass intended access restrictions and replicate data definition language (DDL) statements to cluster nodes by leveraging incorrect ordering of DDL replication and ACL checking.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-15365",
"url": "https://www.suse.com/security/cve/CVE-2017-15365"
},
{
"category": "external",
"summary": "SUSE Bug 1072167 for CVE-2017-15365",
"url": "https://bugzilla.suse.com/1072167"
},
{
"category": "external",
"summary": "SUSE Bug 1076506 for CVE-2017-15365",
"url": "https://bugzilla.suse.com/1076506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-06-06T16:15:12Z",
"details": "moderate"
}
],
"title": "CVE-2017-15365"
},
{
"cve": "CVE-2018-2759",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-2759"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-2759",
"url": "https://www.suse.com/security/cve/CVE-2018-2759"
},
{
"category": "external",
"summary": "SUSE Bug 1089987 for CVE-2018-2759",
"url": "https://bugzilla.suse.com/1089987"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-06-06T16:15:12Z",
"details": "important"
}
],
"title": "CVE-2018-2759"
},
{
"cve": "CVE-2018-2777",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-2777"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-2777",
"url": "https://www.suse.com/security/cve/CVE-2018-2777"
},
{
"category": "external",
"summary": "SUSE Bug 1089987 for CVE-2018-2777",
"url": "https://bugzilla.suse.com/1089987"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-06-06T16:15:12Z",
"details": "important"
}
],
"title": "CVE-2018-2777"
},
{
"cve": "CVE-2018-2786",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-2786"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-2786",
"url": "https://www.suse.com/security/cve/CVE-2018-2786"
},
{
"category": "external",
"summary": "SUSE Bug 1089987 for CVE-2018-2786",
"url": "https://bugzilla.suse.com/1089987"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-06-06T16:15:12Z",
"details": "important"
}
],
"title": "CVE-2018-2786"
},
{
"cve": "CVE-2018-2810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-2810"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-2810",
"url": "https://www.suse.com/security/cve/CVE-2018-2810"
},
{
"category": "external",
"summary": "SUSE Bug 1089987 for CVE-2018-2810",
"url": "https://bugzilla.suse.com/1089987"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-06-06T16:15:12Z",
"details": "important"
}
],
"title": "CVE-2018-2810"
},
{
"cve": "CVE-2018-3058",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3058"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: MyISAM). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3058",
"url": "https://www.suse.com/security/cve/CVE-2018-3058"
},
{
"category": "external",
"summary": "SUSE Bug 1101676 for CVE-2018-3058",
"url": "https://bugzilla.suse.com/1101676"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3058",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-06-06T16:15:12Z",
"details": "moderate"
}
],
"title": "CVE-2018-3058"
},
{
"cve": "CVE-2018-3060",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3060"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3060",
"url": "https://www.suse.com/security/cve/CVE-2018-3060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-06-06T16:15:12Z",
"details": "moderate"
}
],
"title": "CVE-2018-3060"
},
{
"cve": "CVE-2018-3063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3063"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.60 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3063",
"url": "https://www.suse.com/security/cve/CVE-2018-3063"
},
{
"category": "external",
"summary": "SUSE Bug 1101677 for CVE-2018-3063",
"url": "https://bugzilla.suse.com/1101677"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3063",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-06-06T16:15:12Z",
"details": "moderate"
}
],
"title": "CVE-2018-3063"
},
{
"cve": "CVE-2018-3064",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3064"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.40 and prior, 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 7.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3064",
"url": "https://www.suse.com/security/cve/CVE-2018-3064"
},
{
"category": "external",
"summary": "SUSE Bug 1103342 for CVE-2018-3064",
"url": "https://bugzilla.suse.com/1103342"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3064",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-06-06T16:15:12Z",
"details": "important"
}
],
"title": "CVE-2018-3064"
},
{
"cve": "CVE-2018-3066",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3066"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.3 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3066",
"url": "https://www.suse.com/security/cve/CVE-2018-3066"
},
{
"category": "external",
"summary": "SUSE Bug 1101678 for CVE-2018-3066",
"url": "https://bugzilla.suse.com/1101678"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3066",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-06-06T16:15:12Z",
"details": "low"
}
],
"title": "CVE-2018-3066"
},
{
"cve": "CVE-2018-3143",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3143"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3143",
"url": "https://www.suse.com/security/cve/CVE-2018-3143"
},
{
"category": "external",
"summary": "SUSE Bug 1112421 for CVE-2018-3143",
"url": "https://bugzilla.suse.com/1112421"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3143",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-06-06T16:15:12Z",
"details": "moderate"
}
],
"title": "CVE-2018-3143"
},
{
"cve": "CVE-2018-3156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3156"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3156",
"url": "https://www.suse.com/security/cve/CVE-2018-3156"
},
{
"category": "external",
"summary": "SUSE Bug 1112417 for CVE-2018-3156",
"url": "https://bugzilla.suse.com/1112417"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3156",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-06-06T16:15:12Z",
"details": "moderate"
}
],
"title": "CVE-2018-3156"
},
{
"cve": "CVE-2018-3162",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3162"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3162",
"url": "https://www.suse.com/security/cve/CVE-2018-3162"
},
{
"category": "external",
"summary": "SUSE Bug 1112415 for CVE-2018-3162",
"url": "https://bugzilla.suse.com/1112415"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3162",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-06-06T16:15:12Z",
"details": "moderate"
}
],
"title": "CVE-2018-3162"
},
{
"cve": "CVE-2018-3173",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3173"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3173",
"url": "https://www.suse.com/security/cve/CVE-2018-3173"
},
{
"category": "external",
"summary": "SUSE Bug 1112386 for CVE-2018-3173",
"url": "https://bugzilla.suse.com/1112386"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3173",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-06-06T16:15:12Z",
"details": "moderate"
}
],
"title": "CVE-2018-3173"
},
{
"cve": "CVE-2018-3174",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3174"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3174",
"url": "https://www.suse.com/security/cve/CVE-2018-3174"
},
{
"category": "external",
"summary": "SUSE Bug 1112368 for CVE-2018-3174",
"url": "https://bugzilla.suse.com/1112368"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3174",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-06-06T16:15:12Z",
"details": "moderate"
}
],
"title": "CVE-2018-3174"
},
{
"cve": "CVE-2018-3185",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3185"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3185",
"url": "https://www.suse.com/security/cve/CVE-2018-3185"
},
{
"category": "external",
"summary": "SUSE Bug 1112384 for CVE-2018-3185",
"url": "https://bugzilla.suse.com/1112384"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3185",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-06-06T16:15:12Z",
"details": "moderate"
}
],
"title": "CVE-2018-3185"
},
{
"cve": "CVE-2018-3200",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3200"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3200",
"url": "https://www.suse.com/security/cve/CVE-2018-3200"
},
{
"category": "external",
"summary": "SUSE Bug 1112404 for CVE-2018-3200",
"url": "https://bugzilla.suse.com/1112404"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3200",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-06-06T16:15:12Z",
"details": "moderate"
}
],
"title": "CVE-2018-3200"
},
{
"cve": "CVE-2018-3251",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3251"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3251",
"url": "https://www.suse.com/security/cve/CVE-2018-3251"
},
{
"category": "external",
"summary": "SUSE Bug 1112397 for CVE-2018-3251",
"url": "https://bugzilla.suse.com/1112397"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3251",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-06-06T16:15:12Z",
"details": "moderate"
}
],
"title": "CVE-2018-3251"
},
{
"cve": "CVE-2018-3277",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3277"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3277",
"url": "https://www.suse.com/security/cve/CVE-2018-3277"
},
{
"category": "external",
"summary": "SUSE Bug 1112391 for CVE-2018-3277",
"url": "https://bugzilla.suse.com/1112391"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3277",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-06-06T16:15:12Z",
"details": "moderate"
}
],
"title": "CVE-2018-3277"
},
{
"cve": "CVE-2018-3282",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3282"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Storage Engines). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3282",
"url": "https://www.suse.com/security/cve/CVE-2018-3282"
},
{
"category": "external",
"summary": "SUSE Bug 1112432 for CVE-2018-3282",
"url": "https://bugzilla.suse.com/1112432"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3282",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-06-06T16:15:12Z",
"details": "moderate"
}
],
"title": "CVE-2018-3282"
},
{
"cve": "CVE-2018-3284",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3284"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3284",
"url": "https://www.suse.com/security/cve/CVE-2018-3284"
},
{
"category": "external",
"summary": "SUSE Bug 1112377 for CVE-2018-3284",
"url": "https://bugzilla.suse.com/1112377"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3284",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.s390x",
"SUSE OpenStack Cloud 7:libmariadb3-3.0.7-1.6.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.2.22-10.1.noarch",
"SUSE OpenStack Cloud 7:mariadb-galera-10.2.22-10.1.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.aarch64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.2.22-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-06-06T16:15:12Z",
"details": "moderate"
}
],
"title": "CVE-2018-3284"
}
]
}
SUSE-SU-2019:2048-1
Vulnerability from csaf_suse - Published: 2019-08-05 14:09 - Updated: 2019-08-05 14:09Summary
Security update for mariadb
Severity
Important
Notes
Title of the patch: Security update for mariadb
Description of the patch: This update for mariadb fixes the following issues:
Update to MariaDB 10.0.38 GA (bsc#1136037).
Security issues fixed:
- CVE-2019-2537: Denial of service via multiple protocols (bsc#1136037)
- CVE-2019-2529: Denial of service via multiple protocols (bsc#1136037)
- CVE-2018-3282: Server Storage Engines unspecified vulnerability (CPU Oct 2018) (bsc#1112432)
- CVE-2018-3251: InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112397)
- CVE-2018-3174: Client programs unspecified vulnerability (CPU Oct 2018) (bsc#1112368)
- CVE-2018-3156: InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112417)
- CVE-2018-3143: InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112421)
- CVE-2018-3066: Unspecified vulnerability in the MySQL Server component of Oracle MySQL (subcomponent Server Options). (bsc#1101678)
- CVE-2018-3064: InnoDB unspecified vulnerability (CPU Jul 2018) (bsc#1103342)
- CVE-2018-3063: Unspecified vulnerability in the MySQL Server component of Oracle MySQL (subcomponent Server Security Privileges). (bsc#1101677)
- CVE-2018-3058: Unspecified vulnerability in the MySQL Server component of Oracle MySQL (subcomponent MyISAM). (bsc#1101676)
- CVE-2016-9843: Big-endian out-of-bounds pointer (bsc#1013882)
Non-security changes:
- Removed PerconaFT from the package as it has AGPL licence (bsc#1118754).
- Do not just remove tokudb plugin but don't build it at all (missing jemalloc dependency).
- Fixed reading options for multiple instances if my${INSTANCE}.cnf is used (bsc#1132666).
- Removed 'umask 077' from mysql-systemd-helper that caused new datadirs created
with wrong permissions (bsc#1132666).
Release notes and changelog:
- https://kb.askmonty.org/en/mariadb-10038-release-notes
- https://kb.askmonty.org/en/mariadb-10038-changelog
- https://kb.askmonty.org/en/mariadb-10037-release-notes
- https://kb.askmonty.org/en/mariadb-10037-changelog
- https://kb.askmonty.org/en/mariadb-10036-release-notes
- https://kb.askmonty.org/en/mariadb-10036-changelog
Patchnames: HPE-Helion-OpenStack-8-2019-2048,SUSE-2019-2048,SUSE-OpenStack-Cloud-7-2019-2048,SUSE-OpenStack-Cloud-8-2019-2048,SUSE-OpenStack-Cloud-Crowbar-8-2019-2048,SUSE-SLE-SAP-12-SP2-2019-2048,SUSE-SLE-SERVER-12-SP1-2019-2048,SUSE-SLE-SERVER-12-SP2-2019-2048,SUSE-SLE-SERVER-12-SP2-BCL-2019-2048,SUSE-Storage-4-2019-2048
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
9.8 (Critical)
Affected products
Recommended
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.9 (Medium)
Affected products
Recommended
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.1 (High)
Affected products
Recommended
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
6.5 (Medium)
Affected products
Recommended
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.9 (Medium)
Affected products
Recommended
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.9 (Medium)
Affected products
Recommended
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
73 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for mariadb",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for mariadb fixes the following issues:\n\nUpdate to MariaDB 10.0.38 GA (bsc#1136037).\n\nSecurity issues fixed:\n\n- CVE-2019-2537: Denial of service via multiple protocols (bsc#1136037)\n- CVE-2019-2529: Denial of service via multiple protocols (bsc#1136037)\n- CVE-2018-3282: Server Storage Engines unspecified vulnerability (CPU Oct 2018) (bsc#1112432)\n- CVE-2018-3251: InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112397)\n- CVE-2018-3174: Client programs unspecified vulnerability (CPU Oct 2018) (bsc#1112368)\n- CVE-2018-3156: InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112417)\n- CVE-2018-3143: InnoDB unspecified vulnerability (CPU Oct 2018) (bsc#1112421)\n- CVE-2018-3066: Unspecified vulnerability in the MySQL Server component of Oracle MySQL (subcomponent Server Options). (bsc#1101678)\n- CVE-2018-3064: InnoDB unspecified vulnerability (CPU Jul 2018) (bsc#1103342)\n- CVE-2018-3063: Unspecified vulnerability in the MySQL Server component of Oracle MySQL (subcomponent Server Security Privileges). (bsc#1101677)\n- CVE-2018-3058: Unspecified vulnerability in the MySQL Server component of Oracle MySQL (subcomponent MyISAM). (bsc#1101676)\n- CVE-2016-9843: Big-endian out-of-bounds pointer (bsc#1013882)\n\nNon-security changes:\n\n- Removed PerconaFT from the package as it has AGPL licence (bsc#1118754).\n- Do not just remove tokudb plugin but don\u0027t build it at all (missing jemalloc dependency).\n- Fixed reading options for multiple instances if my${INSTANCE}.cnf is used (bsc#1132666).\n- Removed \u0027umask 077\u0027 from mysql-systemd-helper that caused new datadirs created \n with wrong permissions (bsc#1132666).\n\nRelease notes and changelog:\n\n- https://kb.askmonty.org/en/mariadb-10038-release-notes\n- https://kb.askmonty.org/en/mariadb-10038-changelog\n- https://kb.askmonty.org/en/mariadb-10037-release-notes\n- https://kb.askmonty.org/en/mariadb-10037-changelog\n- https://kb.askmonty.org/en/mariadb-10036-release-notes\n- https://kb.askmonty.org/en/mariadb-10036-changelog\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "HPE-Helion-OpenStack-8-2019-2048,SUSE-2019-2048,SUSE-OpenStack-Cloud-7-2019-2048,SUSE-OpenStack-Cloud-8-2019-2048,SUSE-OpenStack-Cloud-Crowbar-8-2019-2048,SUSE-SLE-SAP-12-SP2-2019-2048,SUSE-SLE-SERVER-12-SP1-2019-2048,SUSE-SLE-SERVER-12-SP2-2019-2048,SUSE-SLE-SERVER-12-SP2-BCL-2019-2048,SUSE-Storage-4-2019-2048",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_2048-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:2048-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192048-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:2048-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-August/005775.html"
},
{
"category": "self",
"summary": "SUSE Bug 1013882",
"url": "https://bugzilla.suse.com/1013882"
},
{
"category": "self",
"summary": "SUSE Bug 1101676",
"url": "https://bugzilla.suse.com/1101676"
},
{
"category": "self",
"summary": "SUSE Bug 1101677",
"url": "https://bugzilla.suse.com/1101677"
},
{
"category": "self",
"summary": "SUSE Bug 1101678",
"url": "https://bugzilla.suse.com/1101678"
},
{
"category": "self",
"summary": "SUSE Bug 1103342",
"url": "https://bugzilla.suse.com/1103342"
},
{
"category": "self",
"summary": "SUSE Bug 1112368",
"url": "https://bugzilla.suse.com/1112368"
},
{
"category": "self",
"summary": "SUSE Bug 1112397",
"url": "https://bugzilla.suse.com/1112397"
},
{
"category": "self",
"summary": "SUSE Bug 1112417",
"url": "https://bugzilla.suse.com/1112417"
},
{
"category": "self",
"summary": "SUSE Bug 1112421",
"url": "https://bugzilla.suse.com/1112421"
},
{
"category": "self",
"summary": "SUSE Bug 1112432",
"url": "https://bugzilla.suse.com/1112432"
},
{
"category": "self",
"summary": "SUSE Bug 1116686",
"url": "https://bugzilla.suse.com/1116686"
},
{
"category": "self",
"summary": "SUSE Bug 1118754",
"url": "https://bugzilla.suse.com/1118754"
},
{
"category": "self",
"summary": "SUSE Bug 1132666",
"url": "https://bugzilla.suse.com/1132666"
},
{
"category": "self",
"summary": "SUSE Bug 1136037",
"url": "https://bugzilla.suse.com/1136037"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9843 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9843/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3058 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3058/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3063 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3064 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3064/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3066 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3143 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3143/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3156 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3156/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3174 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3174/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3251 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3251/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3282 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3282/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-2529 page",
"url": "https://www.suse.com/security/cve/CVE-2019-2529/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-2537 page",
"url": "https://www.suse.com/security/cve/CVE-2019-2537/"
}
],
"title": "Security update for mariadb",
"tracking": {
"current_release_date": "2019-08-05T14:09:47Z",
"generator": {
"date": "2019-08-05T14:09:47Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:2048-1",
"initial_release_date": "2019-08-05T14:09:47Z",
"revision_history": [
{
"date": "2019-08-05T14:09:47Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libmysqlclient-devel-10.0.38-29.27.3.aarch64",
"product": {
"name": "libmysqlclient-devel-10.0.38-29.27.3.aarch64",
"product_id": "libmysqlclient-devel-10.0.38-29.27.3.aarch64"
}
},
{
"category": "product_version",
"name": "libmysqlclient18-10.0.38-29.27.3.aarch64",
"product": {
"name": "libmysqlclient18-10.0.38-29.27.3.aarch64",
"product_id": "libmysqlclient18-10.0.38-29.27.3.aarch64"
}
},
{
"category": "product_version",
"name": "libmysqlclient_r18-10.0.38-29.27.3.aarch64",
"product": {
"name": "libmysqlclient_r18-10.0.38-29.27.3.aarch64",
"product_id": "libmysqlclient_r18-10.0.38-29.27.3.aarch64"
}
},
{
"category": "product_version",
"name": "libmysqld-devel-10.0.38-29.27.3.aarch64",
"product": {
"name": "libmysqld-devel-10.0.38-29.27.3.aarch64",
"product_id": "libmysqld-devel-10.0.38-29.27.3.aarch64"
}
},
{
"category": "product_version",
"name": "libmysqld18-10.0.38-29.27.3.aarch64",
"product": {
"name": "libmysqld18-10.0.38-29.27.3.aarch64",
"product_id": "libmysqld18-10.0.38-29.27.3.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-10.0.38-29.27.3.aarch64",
"product": {
"name": "mariadb-10.0.38-29.27.3.aarch64",
"product_id": "mariadb-10.0.38-29.27.3.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-bench-10.0.38-29.27.3.aarch64",
"product": {
"name": "mariadb-bench-10.0.38-29.27.3.aarch64",
"product_id": "mariadb-bench-10.0.38-29.27.3.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-client-10.0.38-29.27.3.aarch64",
"product": {
"name": "mariadb-client-10.0.38-29.27.3.aarch64",
"product_id": "mariadb-client-10.0.38-29.27.3.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-errormessages-10.0.38-29.27.3.aarch64",
"product": {
"name": "mariadb-errormessages-10.0.38-29.27.3.aarch64",
"product_id": "mariadb-errormessages-10.0.38-29.27.3.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-test-10.0.38-29.27.3.aarch64",
"product": {
"name": "mariadb-test-10.0.38-29.27.3.aarch64",
"product_id": "mariadb-test-10.0.38-29.27.3.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-tools-10.0.38-29.27.3.aarch64",
"product": {
"name": "mariadb-tools-10.0.38-29.27.3.aarch64",
"product_id": "mariadb-tools-10.0.38-29.27.3.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libmysqlclient18-64bit-10.0.38-29.27.3.aarch64_ilp32",
"product": {
"name": "libmysqlclient18-64bit-10.0.38-29.27.3.aarch64_ilp32",
"product_id": "libmysqlclient18-64bit-10.0.38-29.27.3.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libmysqlclient_r18-64bit-10.0.38-29.27.3.aarch64_ilp32",
"product": {
"name": "libmysqlclient_r18-64bit-10.0.38-29.27.3.aarch64_ilp32",
"product_id": "libmysqlclient_r18-64bit-10.0.38-29.27.3.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libmysqlclient-devel-10.0.38-29.27.3.i586",
"product": {
"name": "libmysqlclient-devel-10.0.38-29.27.3.i586",
"product_id": "libmysqlclient-devel-10.0.38-29.27.3.i586"
}
},
{
"category": "product_version",
"name": "libmysqlclient18-10.0.38-29.27.3.i586",
"product": {
"name": "libmysqlclient18-10.0.38-29.27.3.i586",
"product_id": "libmysqlclient18-10.0.38-29.27.3.i586"
}
},
{
"category": "product_version",
"name": "libmysqlclient_r18-10.0.38-29.27.3.i586",
"product": {
"name": "libmysqlclient_r18-10.0.38-29.27.3.i586",
"product_id": "libmysqlclient_r18-10.0.38-29.27.3.i586"
}
},
{
"category": "product_version",
"name": "libmysqld-devel-10.0.38-29.27.3.i586",
"product": {
"name": "libmysqld-devel-10.0.38-29.27.3.i586",
"product_id": "libmysqld-devel-10.0.38-29.27.3.i586"
}
},
{
"category": "product_version",
"name": "libmysqld18-10.0.38-29.27.3.i586",
"product": {
"name": "libmysqld18-10.0.38-29.27.3.i586",
"product_id": "libmysqld18-10.0.38-29.27.3.i586"
}
},
{
"category": "product_version",
"name": "mariadb-10.0.38-29.27.3.i586",
"product": {
"name": "mariadb-10.0.38-29.27.3.i586",
"product_id": "mariadb-10.0.38-29.27.3.i586"
}
},
{
"category": "product_version",
"name": "mariadb-bench-10.0.38-29.27.3.i586",
"product": {
"name": "mariadb-bench-10.0.38-29.27.3.i586",
"product_id": "mariadb-bench-10.0.38-29.27.3.i586"
}
},
{
"category": "product_version",
"name": "mariadb-client-10.0.38-29.27.3.i586",
"product": {
"name": "mariadb-client-10.0.38-29.27.3.i586",
"product_id": "mariadb-client-10.0.38-29.27.3.i586"
}
},
{
"category": "product_version",
"name": "mariadb-errormessages-10.0.38-29.27.3.i586",
"product": {
"name": "mariadb-errormessages-10.0.38-29.27.3.i586",
"product_id": "mariadb-errormessages-10.0.38-29.27.3.i586"
}
},
{
"category": "product_version",
"name": "mariadb-test-10.0.38-29.27.3.i586",
"product": {
"name": "mariadb-test-10.0.38-29.27.3.i586",
"product_id": "mariadb-test-10.0.38-29.27.3.i586"
}
},
{
"category": "product_version",
"name": "mariadb-tools-10.0.38-29.27.3.i586",
"product": {
"name": "mariadb-tools-10.0.38-29.27.3.i586",
"product_id": "mariadb-tools-10.0.38-29.27.3.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"product": {
"name": "libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"product_id": "libmysqlclient-devel-10.0.38-29.27.3.ppc64le"
}
},
{
"category": "product_version",
"name": "libmysqlclient18-10.0.38-29.27.3.ppc64le",
"product": {
"name": "libmysqlclient18-10.0.38-29.27.3.ppc64le",
"product_id": "libmysqlclient18-10.0.38-29.27.3.ppc64le"
}
},
{
"category": "product_version",
"name": "libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"product": {
"name": "libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"product_id": "libmysqlclient_r18-10.0.38-29.27.3.ppc64le"
}
},
{
"category": "product_version",
"name": "libmysqld-devel-10.0.38-29.27.3.ppc64le",
"product": {
"name": "libmysqld-devel-10.0.38-29.27.3.ppc64le",
"product_id": "libmysqld-devel-10.0.38-29.27.3.ppc64le"
}
},
{
"category": "product_version",
"name": "libmysqld18-10.0.38-29.27.3.ppc64le",
"product": {
"name": "libmysqld18-10.0.38-29.27.3.ppc64le",
"product_id": "libmysqld18-10.0.38-29.27.3.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-10.0.38-29.27.3.ppc64le",
"product": {
"name": "mariadb-10.0.38-29.27.3.ppc64le",
"product_id": "mariadb-10.0.38-29.27.3.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-bench-10.0.38-29.27.3.ppc64le",
"product": {
"name": "mariadb-bench-10.0.38-29.27.3.ppc64le",
"product_id": "mariadb-bench-10.0.38-29.27.3.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-client-10.0.38-29.27.3.ppc64le",
"product": {
"name": "mariadb-client-10.0.38-29.27.3.ppc64le",
"product_id": "mariadb-client-10.0.38-29.27.3.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"product": {
"name": "mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"product_id": "mariadb-errormessages-10.0.38-29.27.3.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-test-10.0.38-29.27.3.ppc64le",
"product": {
"name": "mariadb-test-10.0.38-29.27.3.ppc64le",
"product_id": "mariadb-test-10.0.38-29.27.3.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-tools-10.0.38-29.27.3.ppc64le",
"product": {
"name": "mariadb-tools-10.0.38-29.27.3.ppc64le",
"product_id": "mariadb-tools-10.0.38-29.27.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libmysqlclient-devel-10.0.38-29.27.3.s390",
"product": {
"name": "libmysqlclient-devel-10.0.38-29.27.3.s390",
"product_id": "libmysqlclient-devel-10.0.38-29.27.3.s390"
}
},
{
"category": "product_version",
"name": "libmysqlclient18-10.0.38-29.27.3.s390",
"product": {
"name": "libmysqlclient18-10.0.38-29.27.3.s390",
"product_id": "libmysqlclient18-10.0.38-29.27.3.s390"
}
},
{
"category": "product_version",
"name": "libmysqlclient_r18-10.0.38-29.27.3.s390",
"product": {
"name": "libmysqlclient_r18-10.0.38-29.27.3.s390",
"product_id": "libmysqlclient_r18-10.0.38-29.27.3.s390"
}
},
{
"category": "product_version",
"name": "libmysqld-devel-10.0.38-29.27.3.s390",
"product": {
"name": "libmysqld-devel-10.0.38-29.27.3.s390",
"product_id": "libmysqld-devel-10.0.38-29.27.3.s390"
}
},
{
"category": "product_version",
"name": "libmysqld18-10.0.38-29.27.3.s390",
"product": {
"name": "libmysqld18-10.0.38-29.27.3.s390",
"product_id": "libmysqld18-10.0.38-29.27.3.s390"
}
},
{
"category": "product_version",
"name": "mariadb-10.0.38-29.27.3.s390",
"product": {
"name": "mariadb-10.0.38-29.27.3.s390",
"product_id": "mariadb-10.0.38-29.27.3.s390"
}
},
{
"category": "product_version",
"name": "mariadb-bench-10.0.38-29.27.3.s390",
"product": {
"name": "mariadb-bench-10.0.38-29.27.3.s390",
"product_id": "mariadb-bench-10.0.38-29.27.3.s390"
}
},
{
"category": "product_version",
"name": "mariadb-client-10.0.38-29.27.3.s390",
"product": {
"name": "mariadb-client-10.0.38-29.27.3.s390",
"product_id": "mariadb-client-10.0.38-29.27.3.s390"
}
},
{
"category": "product_version",
"name": "mariadb-errormessages-10.0.38-29.27.3.s390",
"product": {
"name": "mariadb-errormessages-10.0.38-29.27.3.s390",
"product_id": "mariadb-errormessages-10.0.38-29.27.3.s390"
}
},
{
"category": "product_version",
"name": "mariadb-test-10.0.38-29.27.3.s390",
"product": {
"name": "mariadb-test-10.0.38-29.27.3.s390",
"product_id": "mariadb-test-10.0.38-29.27.3.s390"
}
},
{
"category": "product_version",
"name": "mariadb-tools-10.0.38-29.27.3.s390",
"product": {
"name": "mariadb-tools-10.0.38-29.27.3.s390",
"product_id": "mariadb-tools-10.0.38-29.27.3.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "libmysqlclient-devel-10.0.38-29.27.3.s390x",
"product": {
"name": "libmysqlclient-devel-10.0.38-29.27.3.s390x",
"product_id": "libmysqlclient-devel-10.0.38-29.27.3.s390x"
}
},
{
"category": "product_version",
"name": "libmysqlclient18-10.0.38-29.27.3.s390x",
"product": {
"name": "libmysqlclient18-10.0.38-29.27.3.s390x",
"product_id": "libmysqlclient18-10.0.38-29.27.3.s390x"
}
},
{
"category": "product_version",
"name": "libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"product": {
"name": "libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"product_id": "libmysqlclient18-32bit-10.0.38-29.27.3.s390x"
}
},
{
"category": "product_version",
"name": "libmysqlclient_r18-10.0.38-29.27.3.s390x",
"product": {
"name": "libmysqlclient_r18-10.0.38-29.27.3.s390x",
"product_id": "libmysqlclient_r18-10.0.38-29.27.3.s390x"
}
},
{
"category": "product_version",
"name": "libmysqlclient_r18-32bit-10.0.38-29.27.3.s390x",
"product": {
"name": "libmysqlclient_r18-32bit-10.0.38-29.27.3.s390x",
"product_id": "libmysqlclient_r18-32bit-10.0.38-29.27.3.s390x"
}
},
{
"category": "product_version",
"name": "libmysqld-devel-10.0.38-29.27.3.s390x",
"product": {
"name": "libmysqld-devel-10.0.38-29.27.3.s390x",
"product_id": "libmysqld-devel-10.0.38-29.27.3.s390x"
}
},
{
"category": "product_version",
"name": "libmysqld18-10.0.38-29.27.3.s390x",
"product": {
"name": "libmysqld18-10.0.38-29.27.3.s390x",
"product_id": "libmysqld18-10.0.38-29.27.3.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-10.0.38-29.27.3.s390x",
"product": {
"name": "mariadb-10.0.38-29.27.3.s390x",
"product_id": "mariadb-10.0.38-29.27.3.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-bench-10.0.38-29.27.3.s390x",
"product": {
"name": "mariadb-bench-10.0.38-29.27.3.s390x",
"product_id": "mariadb-bench-10.0.38-29.27.3.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-client-10.0.38-29.27.3.s390x",
"product": {
"name": "mariadb-client-10.0.38-29.27.3.s390x",
"product_id": "mariadb-client-10.0.38-29.27.3.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-errormessages-10.0.38-29.27.3.s390x",
"product": {
"name": "mariadb-errormessages-10.0.38-29.27.3.s390x",
"product_id": "mariadb-errormessages-10.0.38-29.27.3.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-test-10.0.38-29.27.3.s390x",
"product": {
"name": "mariadb-test-10.0.38-29.27.3.s390x",
"product_id": "mariadb-test-10.0.38-29.27.3.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-tools-10.0.38-29.27.3.s390x",
"product": {
"name": "mariadb-tools-10.0.38-29.27.3.s390x",
"product_id": "mariadb-tools-10.0.38-29.27.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libmysqlclient18-10.0.38-29.27.3.x86_64",
"product": {
"name": "libmysqlclient18-10.0.38-29.27.3.x86_64",
"product_id": "libmysqlclient18-10.0.38-29.27.3.x86_64"
}
},
{
"category": "product_version",
"name": "libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"product": {
"name": "libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"product_id": "libmysqlclient-devel-10.0.38-29.27.3.x86_64"
}
},
{
"category": "product_version",
"name": "libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"product": {
"name": "libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"product_id": "libmysqlclient18-32bit-10.0.38-29.27.3.x86_64"
}
},
{
"category": "product_version",
"name": "libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"product": {
"name": "libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"product_id": "libmysqlclient_r18-10.0.38-29.27.3.x86_64"
}
},
{
"category": "product_version",
"name": "libmysqlclient_r18-32bit-10.0.38-29.27.3.x86_64",
"product": {
"name": "libmysqlclient_r18-32bit-10.0.38-29.27.3.x86_64",
"product_id": "libmysqlclient_r18-32bit-10.0.38-29.27.3.x86_64"
}
},
{
"category": "product_version",
"name": "libmysqld-devel-10.0.38-29.27.3.x86_64",
"product": {
"name": "libmysqld-devel-10.0.38-29.27.3.x86_64",
"product_id": "libmysqld-devel-10.0.38-29.27.3.x86_64"
}
},
{
"category": "product_version",
"name": "libmysqld18-10.0.38-29.27.3.x86_64",
"product": {
"name": "libmysqld18-10.0.38-29.27.3.x86_64",
"product_id": "libmysqld18-10.0.38-29.27.3.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-10.0.38-29.27.3.x86_64",
"product": {
"name": "mariadb-10.0.38-29.27.3.x86_64",
"product_id": "mariadb-10.0.38-29.27.3.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-bench-10.0.38-29.27.3.x86_64",
"product": {
"name": "mariadb-bench-10.0.38-29.27.3.x86_64",
"product_id": "mariadb-bench-10.0.38-29.27.3.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-client-10.0.38-29.27.3.x86_64",
"product": {
"name": "mariadb-client-10.0.38-29.27.3.x86_64",
"product_id": "mariadb-client-10.0.38-29.27.3.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-errormessages-10.0.38-29.27.3.x86_64",
"product": {
"name": "mariadb-errormessages-10.0.38-29.27.3.x86_64",
"product_id": "mariadb-errormessages-10.0.38-29.27.3.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-test-10.0.38-29.27.3.x86_64",
"product": {
"name": "mariadb-test-10.0.38-29.27.3.x86_64",
"product_id": "mariadb-test-10.0.38-29.27.3.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-tools-10.0.38-29.27.3.x86_64",
"product": {
"name": "mariadb-tools-10.0.38-29.27.3.x86_64",
"product_id": "mariadb-tools-10.0.38-29.27.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "HPE Helion OpenStack 8",
"product": {
"name": "HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:hpe-helion-openstack:8"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 7",
"product": {
"name": "SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:7"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 8",
"product": {
"name": "SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:8"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud Crowbar 8",
"product": {
"name": "SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud-crowbar:8"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-bcl:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 4",
"product": {
"name": "SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient18-10.0.38-29.27.3.x86_64 as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
},
"product_reference": "libmysqlclient18-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient18-10.0.38-29.27.3.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x"
},
"product_reference": "libmysqlclient18-10.0.38-29.27.3.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient18-10.0.38-29.27.3.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64"
},
"product_reference": "libmysqlclient18-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient18-32bit-10.0.38-29.27.3.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x"
},
"product_reference": "libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64"
},
"product_reference": "libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.0.38-29.27.3.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x"
},
"product_reference": "mariadb-10.0.38-29.27.3.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.0.38-29.27.3.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64"
},
"product_reference": "mariadb-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.0.38-29.27.3.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x"
},
"product_reference": "mariadb-client-10.0.38-29.27.3.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.0.38-29.27.3.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64"
},
"product_reference": "mariadb-client-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.0.38-29.27.3.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x"
},
"product_reference": "mariadb-errormessages-10.0.38-29.27.3.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.0.38-29.27.3.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64"
},
"product_reference": "mariadb-errormessages-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.0.38-29.27.3.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x"
},
"product_reference": "mariadb-tools-10.0.38-29.27.3.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.0.38-29.27.3.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64"
},
"product_reference": "mariadb-tools-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient18-10.0.38-29.27.3.x86_64 as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
},
"product_reference": "libmysqlclient18-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient18-10.0.38-29.27.3.x86_64 as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
},
"product_reference": "libmysqlclient18-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient18-10.0.38-29.27.3.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le"
},
"product_reference": "libmysqlclient18-10.0.38-29.27.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient18-10.0.38-29.27.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64"
},
"product_reference": "libmysqlclient18-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64"
},
"product_reference": "libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.0.38-29.27.3.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le"
},
"product_reference": "mariadb-10.0.38-29.27.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.0.38-29.27.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64"
},
"product_reference": "mariadb-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.0.38-29.27.3.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le"
},
"product_reference": "mariadb-client-10.0.38-29.27.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.0.38-29.27.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64"
},
"product_reference": "mariadb-client-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.0.38-29.27.3.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le"
},
"product_reference": "mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.0.38-29.27.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64"
},
"product_reference": "mariadb-errormessages-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.0.38-29.27.3.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le"
},
"product_reference": "mariadb-tools-10.0.38-29.27.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.0.38-29.27.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64"
},
"product_reference": "mariadb-tools-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient-devel-10.0.38-29.27.3.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le"
},
"product_reference": "libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient-devel-10.0.38-29.27.3.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x"
},
"product_reference": "libmysqlclient-devel-10.0.38-29.27.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient-devel-10.0.38-29.27.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64"
},
"product_reference": "libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient18-10.0.38-29.27.3.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le"
},
"product_reference": "libmysqlclient18-10.0.38-29.27.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient18-10.0.38-29.27.3.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x"
},
"product_reference": "libmysqlclient18-10.0.38-29.27.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient18-10.0.38-29.27.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64"
},
"product_reference": "libmysqlclient18-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient18-32bit-10.0.38-29.27.3.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x"
},
"product_reference": "libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64"
},
"product_reference": "libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient_r18-10.0.38-29.27.3.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le"
},
"product_reference": "libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient_r18-10.0.38-29.27.3.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x"
},
"product_reference": "libmysqlclient_r18-10.0.38-29.27.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient_r18-10.0.38-29.27.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64"
},
"product_reference": "libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqld-devel-10.0.38-29.27.3.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le"
},
"product_reference": "libmysqld-devel-10.0.38-29.27.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqld-devel-10.0.38-29.27.3.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x"
},
"product_reference": "libmysqld-devel-10.0.38-29.27.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqld-devel-10.0.38-29.27.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64"
},
"product_reference": "libmysqld-devel-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqld18-10.0.38-29.27.3.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le"
},
"product_reference": "libmysqld18-10.0.38-29.27.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqld18-10.0.38-29.27.3.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x"
},
"product_reference": "libmysqld18-10.0.38-29.27.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqld18-10.0.38-29.27.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64"
},
"product_reference": "libmysqld18-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.0.38-29.27.3.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le"
},
"product_reference": "mariadb-10.0.38-29.27.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.0.38-29.27.3.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x"
},
"product_reference": "mariadb-10.0.38-29.27.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.0.38-29.27.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64"
},
"product_reference": "mariadb-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.0.38-29.27.3.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le"
},
"product_reference": "mariadb-client-10.0.38-29.27.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.0.38-29.27.3.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x"
},
"product_reference": "mariadb-client-10.0.38-29.27.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.0.38-29.27.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64"
},
"product_reference": "mariadb-client-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.0.38-29.27.3.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le"
},
"product_reference": "mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.0.38-29.27.3.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x"
},
"product_reference": "mariadb-errormessages-10.0.38-29.27.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.0.38-29.27.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64"
},
"product_reference": "mariadb-errormessages-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.0.38-29.27.3.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le"
},
"product_reference": "mariadb-tools-10.0.38-29.27.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.0.38-29.27.3.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x"
},
"product_reference": "mariadb-tools-10.0.38-29.27.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.0.38-29.27.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64"
},
"product_reference": "mariadb-tools-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient18-10.0.38-29.27.3.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le"
},
"product_reference": "libmysqlclient18-10.0.38-29.27.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient18-10.0.38-29.27.3.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x"
},
"product_reference": "libmysqlclient18-10.0.38-29.27.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient18-10.0.38-29.27.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64"
},
"product_reference": "libmysqlclient18-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient18-32bit-10.0.38-29.27.3.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x"
},
"product_reference": "libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64"
},
"product_reference": "libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.0.38-29.27.3.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le"
},
"product_reference": "mariadb-10.0.38-29.27.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.0.38-29.27.3.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x"
},
"product_reference": "mariadb-10.0.38-29.27.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.0.38-29.27.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64"
},
"product_reference": "mariadb-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.0.38-29.27.3.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le"
},
"product_reference": "mariadb-client-10.0.38-29.27.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.0.38-29.27.3.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x"
},
"product_reference": "mariadb-client-10.0.38-29.27.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.0.38-29.27.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64"
},
"product_reference": "mariadb-client-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.0.38-29.27.3.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le"
},
"product_reference": "mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.0.38-29.27.3.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x"
},
"product_reference": "mariadb-errormessages-10.0.38-29.27.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.0.38-29.27.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64"
},
"product_reference": "mariadb-errormessages-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.0.38-29.27.3.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le"
},
"product_reference": "mariadb-tools-10.0.38-29.27.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.0.38-29.27.3.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x"
},
"product_reference": "mariadb-tools-10.0.38-29.27.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.0.38-29.27.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64"
},
"product_reference": "mariadb-tools-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient18-10.0.38-29.27.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64"
},
"product_reference": "libmysqlclient18-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64"
},
"product_reference": "libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.0.38-29.27.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64"
},
"product_reference": "mariadb-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.0.38-29.27.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64"
},
"product_reference": "mariadb-client-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.0.38-29.27.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64"
},
"product_reference": "mariadb-errormessages-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.0.38-29.27.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64"
},
"product_reference": "mariadb-tools-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient18-10.0.38-29.27.3.x86_64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64"
},
"product_reference": "libmysqlclient18-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmysqlclient18-32bit-10.0.38-29.27.3.x86_64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64"
},
"product_reference": "libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.0.38-29.27.3.x86_64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64"
},
"product_reference": "mariadb-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.0.38-29.27.3.x86_64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64"
},
"product_reference": "mariadb-client-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.0.38-29.27.3.x86_64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64"
},
"product_reference": "mariadb-errormessages-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.0.38-29.27.3.x86_64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64"
},
"product_reference": "mariadb-tools-10.0.38-29.27.3.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-9843",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9843"
}
],
"notes": [
{
"category": "general",
"text": "The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9843",
"url": "https://www.suse.com/security/cve/CVE-2016-9843"
},
{
"category": "external",
"summary": "SUSE Bug 1003580 for CVE-2016-9843",
"url": "https://bugzilla.suse.com/1003580"
},
{
"category": "external",
"summary": "SUSE Bug 1013882 for CVE-2016-9843",
"url": "https://bugzilla.suse.com/1013882"
},
{
"category": "external",
"summary": "SUSE Bug 1038505 for CVE-2016-9843",
"url": "https://bugzilla.suse.com/1038505"
},
{
"category": "external",
"summary": "SUSE Bug 1062104 for CVE-2016-9843",
"url": "https://bugzilla.suse.com/1062104"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2016-9843",
"url": "https://bugzilla.suse.com/1116686"
},
{
"category": "external",
"summary": "SUSE Bug 1120866 for CVE-2016-9843",
"url": "https://bugzilla.suse.com/1120866"
},
{
"category": "external",
"summary": "SUSE Bug 1123150 for CVE-2016-9843",
"url": "https://bugzilla.suse.com/1123150"
},
{
"category": "external",
"summary": "SUSE Bug 1127473 for CVE-2016-9843",
"url": "https://bugzilla.suse.com/1127473"
},
{
"category": "external",
"summary": "SUSE Bug 1184301 for CVE-2016-9843",
"url": "https://bugzilla.suse.com/1184301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-05T14:09:47Z",
"details": "moderate"
}
],
"title": "CVE-2016-9843"
},
{
"cve": "CVE-2018-3058",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3058"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: MyISAM). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3058",
"url": "https://www.suse.com/security/cve/CVE-2018-3058"
},
{
"category": "external",
"summary": "SUSE Bug 1101676 for CVE-2018-3058",
"url": "https://bugzilla.suse.com/1101676"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3058",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-05T14:09:47Z",
"details": "moderate"
}
],
"title": "CVE-2018-3058"
},
{
"cve": "CVE-2018-3063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3063"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.60 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3063",
"url": "https://www.suse.com/security/cve/CVE-2018-3063"
},
{
"category": "external",
"summary": "SUSE Bug 1101677 for CVE-2018-3063",
"url": "https://bugzilla.suse.com/1101677"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3063",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-05T14:09:47Z",
"details": "moderate"
}
],
"title": "CVE-2018-3063"
},
{
"cve": "CVE-2018-3064",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3064"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.40 and prior, 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 7.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3064",
"url": "https://www.suse.com/security/cve/CVE-2018-3064"
},
{
"category": "external",
"summary": "SUSE Bug 1103342 for CVE-2018-3064",
"url": "https://bugzilla.suse.com/1103342"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3064",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-05T14:09:47Z",
"details": "important"
}
],
"title": "CVE-2018-3064"
},
{
"cve": "CVE-2018-3066",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3066"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.3 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3066",
"url": "https://www.suse.com/security/cve/CVE-2018-3066"
},
{
"category": "external",
"summary": "SUSE Bug 1101678 for CVE-2018-3066",
"url": "https://bugzilla.suse.com/1101678"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3066",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-05T14:09:47Z",
"details": "low"
}
],
"title": "CVE-2018-3066"
},
{
"cve": "CVE-2018-3143",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3143"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3143",
"url": "https://www.suse.com/security/cve/CVE-2018-3143"
},
{
"category": "external",
"summary": "SUSE Bug 1112421 for CVE-2018-3143",
"url": "https://bugzilla.suse.com/1112421"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3143",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-05T14:09:47Z",
"details": "moderate"
}
],
"title": "CVE-2018-3143"
},
{
"cve": "CVE-2018-3156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3156"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3156",
"url": "https://www.suse.com/security/cve/CVE-2018-3156"
},
{
"category": "external",
"summary": "SUSE Bug 1112417 for CVE-2018-3156",
"url": "https://bugzilla.suse.com/1112417"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3156",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-05T14:09:47Z",
"details": "moderate"
}
],
"title": "CVE-2018-3156"
},
{
"cve": "CVE-2018-3174",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3174"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3174",
"url": "https://www.suse.com/security/cve/CVE-2018-3174"
},
{
"category": "external",
"summary": "SUSE Bug 1112368 for CVE-2018-3174",
"url": "https://bugzilla.suse.com/1112368"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3174",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-05T14:09:47Z",
"details": "moderate"
}
],
"title": "CVE-2018-3174"
},
{
"cve": "CVE-2018-3251",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3251"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3251",
"url": "https://www.suse.com/security/cve/CVE-2018-3251"
},
{
"category": "external",
"summary": "SUSE Bug 1112397 for CVE-2018-3251",
"url": "https://bugzilla.suse.com/1112397"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3251",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-05T14:09:47Z",
"details": "moderate"
}
],
"title": "CVE-2018-3251"
},
{
"cve": "CVE-2018-3282",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3282"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Storage Engines). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3282",
"url": "https://www.suse.com/security/cve/CVE-2018-3282"
},
{
"category": "external",
"summary": "SUSE Bug 1112432 for CVE-2018-3282",
"url": "https://bugzilla.suse.com/1112432"
},
{
"category": "external",
"summary": "SUSE Bug 1116686 for CVE-2018-3282",
"url": "https://bugzilla.suse.com/1116686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-05T14:09:47Z",
"details": "moderate"
}
],
"title": "CVE-2018-3282"
},
{
"cve": "CVE-2019-2529",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-2529"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-2529",
"url": "https://www.suse.com/security/cve/CVE-2019-2529"
},
{
"category": "external",
"summary": "SUSE Bug 1122198 for CVE-2019-2529",
"url": "https://bugzilla.suse.com/1122198"
},
{
"category": "external",
"summary": "SUSE Bug 1136037 for CVE-2019-2529",
"url": "https://bugzilla.suse.com/1136037"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-05T14:09:47Z",
"details": "important"
}
],
"title": "CVE-2019-2529"
},
{
"cve": "CVE-2019-2537",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-2537"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-2537",
"url": "https://www.suse.com/security/cve/CVE-2019-2537"
},
{
"category": "external",
"summary": "SUSE Bug 1122198 for CVE-2019-2537",
"url": "https://bugzilla.suse.com/1122198"
},
{
"category": "external",
"summary": "SUSE Bug 1136037 for CVE-2019-2537",
"url": "https://bugzilla.suse.com/1136037"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"HPE Helion OpenStack 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Enterprise Storage 4:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqlclient_r18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld-devel-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:libmysqld18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:libmysqlclient18-32bit-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-client-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-errormessages-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.s390x",
"SUSE OpenStack Cloud 7:mariadb-tools-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud 8:libmysqlclient18-10.0.38-29.27.3.x86_64",
"SUSE OpenStack Cloud Crowbar 8:libmysqlclient18-10.0.38-29.27.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-05T14:09:47Z",
"details": "important"
}
],
"title": "CVE-2019-2537"
}
]
}
VDE-2019-009
Vulnerability from csaf_phoenixcontactgmbhcokg - Published: 2019-06-04 10:22 - Updated: 2025-05-22 13:03Summary
PHOENIX CONTACT: Multiple Vulnerabilities in AXC F 2152
Notes
Summary: Multiple vulnerabilities have been identified in PHOENIX CONTACT AXC F 2152 with firmware versions 1.x
Impact: see CVEs for details.
General Recommendation: Customers using Phoenix Contact AXC F 2152 are recommended to operate the devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:
'Art.-Nr. 107913: AH EN INDUSTRIAL SECURITY 'Measures to protect network-capable devices with Ethernet connection against unauthorized access'
Remediation: Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse.
9.8 (Critical)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later. Update to PLCnext Engineer Release 2019.0 LTS or later. Update A, 30.08.2019With Firmware Release 2019.6 an option was added to the web-basedmanagement that allows the user to permanently disable storage of configuration data to theSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.We recommend using this new configuration option for application scenarios where physicalaccess to the device cannot be restricted effectively. General Recommendation Customers using Phoenix Contact AXC F 2152 are recommended to operate the devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:'Art.-Nr. 107913: AH EN INDUSTRIAL SECURITY 'Measures to protect network-capable devices with Ethernet connection against unauthorized access'
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g.
5.3 (Medium)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function.
6.1 (Medium)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
6.1 (Medium)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
The nginx package before 1.6.2-5+deb8u3 on Debian jessie, the nginx packages before 1.4.6-1ubuntu3.6 on Ubuntu 14.04 LTS, before 1.10.0-0ubuntu0.16.04.3 on Ubuntu 16.04 LTS, and before 1.10.1-0ubuntu1.1 on Ubuntu 16.10, and the nginx ebuild before 1.10.2-r3 on Gentoo allow local users with access to the web server user account to gain root privileges via a symlink attack on the error log.
7.8 (High)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
The recv_and_process_client_pkt function in networking/ntpd.c in busybox allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged NTP packet, which triggers a communication loop.
7.5 (High)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later. Update to PLCnext Engineer Release 2019.0 LTS or later. Update A, 30.08.2019With Firmware Release 2019.6 an option was added to the web-basedmanagement that allows the user to permanently disable storage of configuration data to theSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.We recommend using this new configuration option for application scenarios where physicalaccess to the device cannot be restricted effectively. General Recommendation Customers using Phoenix Contact AXC F 2152 are recommended to operate the devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:'Art.-Nr. 107913: AH EN INDUSTRIAL SECURITY 'Measures to protect network-capable devices with Ethernet connection against unauthorized access'
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
curl and libcurl before 7.50.2, when built with NSS and the libnsspem.so library is available at runtime, allow remote attackers to hijack the authentication of a TLS connection by leveraging reuse of a previously loaded client certificate from file for a connection for which no certificate has been set, a different vulnerability than CVE-2016-5420.
7.5 (High)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to bypass an intended certificate validation mechanism via vectors involving trailing bytes left by gnutls_malloc.
7.5 (High)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
8.8 (High)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
9.8 (Critical)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.
8.8 (High)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
9.8 (Critical)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted wildcard SAN in a server certificate, as demonstrated by "*.com."
8.1 (High)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, allows remote attackers to obtain sensitive information, cause a denial of service (crash), or possibly have unspecified other impact via a wildcard certificate name, which triggers an out-of-bounds read.
9.8 (Critical)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
When doing a TFTP transfer and curl/libcurl is given a URL that contains a very long file name (longer than about 515 bytes), the file name is truncated to fit within the buffer boundaries, but the buffer size is still wrongly updated to use the untruncated length. This too large value is then used in the sendto() call, making curl attempt to send more data than what is actually put into the buffer. The endto() function will then read beyond the end of the heap based buffer. A malicious HTTP(S) server could redirect a vulnerable libcurl-using client to a crafted TFTP URL (if the client hasn't restricted which protocols it allows redirects to) and trick it to send private memory contents to a remote server over UDP. Limit curl's redirect protocols with --proto-redir and libcurl's with CURLOPT_REDIR_PROTOCOLS.
6.5 (Medium)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
A NULL pointer dereference exists in curl 7.21.0 to and including curl 7.58.0 in the LDAP code that allows an attacker to cause a denial of service
7.5 (High)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
curl supports "globbing" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a carefully crafted, or just wrongly written, URL. The URL is stored in a heap based buffer, so it could then be made to wrongly read something else instead of crashing. An example of a URL that triggers the flaw would be 'http://ur%20[0-60000000000000000000'.
6.5 (Medium)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end of a heap based buffer used to store downloaded RTSP content.. This vulnerability appears to have been fixed in curl < 7.20.0 and curl >= 7.60.0.
9.1 (Critical)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket.
6.5 (Medium)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
libcurl may read outside of a heap allocated buffer when doing FTP. When libcurl connects to an FTP server and successfully logs in (anonymous or not), it asks the server for the current directory with the 'PWD' command. The server then responds with a 257 response containing the path, inside double quotes. The returned path name is then kept by libcurl for subsequent uses. Due to a flaw in the string parser for this directory name, a directory name passed like this but without a closing double quote would lead to libcurl not adding a trailing NUL byte to the buffer holding the name. When libcurl would then later access the string, it could read beyond the allocated heap buffer and crash or wrongly access data beyond the buffer, thinking it was part of the path. A malicious server could abuse this fact and effectively prevent libcurl-based clients to work with it - the PWD command is always issued on new FTP connections and the mistake has a high chance of causing a segfault. The simple fact that this has issue remained undiscovered for this long could suggest that malformed PWD responses are rare in benign servers. We are not aware of any exploit of this flaw. This bug was introduced in commit [415d2e7cb7](https://github.com/curl/curl/commit/415d2e7cb7), March 2005. In libcurl version 7.56.0, the parser always zero terminates the string but also rejects it if not terminated properly with a final double quote.
7.5 (High)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that (non-existing) data with a pointer and the size (zero) to the deliver-data function. libcurl's deliver-data function treats zero as a magic number and invokes strlen() on the data to figure out the length. The strlen() is called on a heap based buffer that might not be zero terminated so libcurl might read beyond the end of it into whatever memory lies after (or just crash) and then deliver that to the application as if it was actually downloaded.
9.1 (Critical)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol.
7.5 (High)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
The gmp plugin in strongSwan before 5.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted RSA signature.
7.5 (High)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c.
9.8 (Critical)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c.
9.8 (Critical)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
tcpdump 4.9.0 has a buffer overflow in the sliplink_print function in print-sl.c.
9.8 (Critical)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.
5.3 (Medium)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the crash can be triggered when using CHACHA20/POLY1305; users should upgrade to 1.1.0d. For Openssl 1.0.2, the crash can be triggered when using RC4-MD5; users who have not disabled that algorithm should update to 1.0.2k.
7.5 (High)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
XML External Entity vulnerability in libexpat 2.2.0 and earlier (Expat XML Parser Library) allows attackers to put the parser in an infinite loop using a malformed external entity definition from an external DTD.
7.5 (High)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This works as designed for the explicit handshake functions (SSL_do_handshake(), SSL_accept() and SSL_connect()), however due to a bug it does not work correctly if SSL_read() or SSL_write() is called directly. In that scenario, if the handshake fails then a fatal error will be returned in the initial function call. If SSL_read()/SSL_write() is subsequently called by the application for the same SSL object then it will succeed and the data is passed without being decrypted/encrypted directly from the SSL/TLS record layer. In order to exploit this issue an application bug would have to be present that resulted in a call to SSL_read()/SSL_write() being issued after having already received a fatal error. OpenSSL version 1.0.2b-1.0.2m are affected. Fixed in OpenSSL 1.0.2n. OpenSSL 1.1.0 is not affected.
5.9 (Medium)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage
9.1 (Critical)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
An issue was discovered in OPC UA .NET Standard Stack and Sample Code before GitHub commit 2018-04-12, and OPC UA .NET Legacy Stack and Sample Code before GitHub commit 2018-03-13. A vulnerability in OPC UA applications can allow a remote attacker to determine a Server's private key by sending carefully constructed bad UserIdentityTokens as part of an oracle attack.
5.3 (Medium)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected. Fixed in OpenSSL 1.0.2n. Due to the low severity of this issue we are not issuing a new release of OpenSSL 1.1.0 at this time. The fix will be included in OpenSSL 1.1.0h when it becomes available. The fix is also available in commit e502cc86d in the OpenSSL git repository.
5.9 (Medium)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via crafted policy language information in an X.509 certificate with a Proxy Certificate Information extension.
9.8 (Critical)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a crafted OpenPGP certificate.
7.5 (High)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted OpenPGP certificate.
9.8 (Critical)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate.
9.8 (Critical)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a denial of service (integer overflow and resultant buffer overflow, and application crash) or possibly have unspecified other impact via vectors involving long user and password fields.
9.8 (Critical)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a string that ends with an '[' character.
9.8 (Critical)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
The gmp plugin in strongSwan before 5.5.3 does not properly validate RSA public keys before calling mpz_powm_sec, which allows remote peers to cause a denial of service (floating point exception and process crash) via a crafted certificate.
7.5 (High)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin is enabled, which allows remote attackers to cause a denial of service (infinite loop) via a crafted certificate.
7.5 (High)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o).
5.9 (Medium)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
libcurl 7.49.0 to and including 7.57.0 contains an out bounds read in code handling HTTP/2 trailers. It was reported (https://github.com/curl/curl/pull/2231) that reading an HTTP/2 trailer could mess up future trailers since the stored size was one byte less than required. The problem is that the code that creates HTTP/1-like headers from the HTTP/2 trailer data once appended a string like ':' to the target buffer, while this was recently changed to ': ' (a space was added after the colon) but the following math wasn't updated correspondingly. When accessed, the data is read out of bounds and causes either a crash or that the (too large) data gets passed to client write. This could lead to a denial-of-service situation or an information disclosure if someone has a service that echoes back or uses the trailers for something.
9.1 (Critical)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
Python Software Foundation CPython version From 3.2 until 3.6.4 on Windows contains a Buffer Overflow vulnerability in os.symlink() function on Windows that can result in Arbitrary code execution, likely escalation of privilege. This attack appears to be exploitable via a python script that creates a symlink with an attacker controlled name or location. This vulnerability appears to have been fixed in 3.7.0 and 3.6.5.
6.7 (Medium)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
An issue was discovered on Phoenix Contact AXC F 2152 (No.2404267) before 2019.0 LTS and AXC F 2152 STARTERKIT (No.1046568) before 2019.0 LTS devices. Protocol Fuzzing on PC WORX Engineer by a man in the middle attacker stops the PLC service. The device must be rebooted, or the PLC service must be restarted manually via a Linux shell.
5.9 (Medium)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
An issue was discovered on Phoenix Contact AXC F 2152 (No.2404267) before 2019.0 LTS and AXC F 2152 STARTERKIT (No.1046568) before 2019.0 LTS devices. Unlimited physical access to the PLC may lead to a manipulation of SD cards data. SD card manipulation may lead to an authentication bypass opportunity.
6.8 (Medium)
Vendor Fix
Update to Firmware Release 2019.0 LTS or later.
Update to PLCnext Engineer Release 2019.0 LTS or later.
Update A, 30.08.2019
With Firmware Release 2019.6 an option was added to the web-based
management that allows the user to permanently disable storage of configuration data to the
SD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.
We recommend using this new configuration option for application scenarios where physical
access to the device cannot be restricted effectively.
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — |
References
4 references
Acknowledgments
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination",
"urls": [
"https://certvde.com"
]
},
{
"names": [
"Zahra Khani"
],
"organization": "firmwareanalyzer.com",
"summary": "reporting"
},
{
"organization": "OPC Foundation",
"summary": "reporting"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "Multiple vulnerabilities have been identified in PHOENIX CONTACT AXC F 2152 with firmware versions 1.x",
"title": "Summary"
},
{
"category": "description",
"text": "see CVEs for details.",
"title": "Impact"
},
{
"category": "description",
"text": "Customers using Phoenix Contact AXC F 2152 are recommended to operate the devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:\n\u0027Art.-Nr. 107913: AH EN INDUSTRIAL SECURITY \u0027Measures to protect network-capable devices with Ethernet connection against unauthorized access\u0027",
"title": "General Recommendation"
},
{
"category": "description",
"text": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"title": "Remediation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@phoenixcontact.com",
"name": "Phoenix Contact GmbH \u0026 Co. KG",
"namespace": "https://phoenixcontact.com/psirt"
},
"references": [
{
"category": "external",
"summary": "Phoenix Contact PSIRT ",
"url": "https://www.phoenixcontact.com/de-de/service-und-support/psirt"
},
{
"category": "external",
"summary": "CERT@VDE Security Advisories for Phoenix Contact GmbH \u0026 Co. KG",
"url": "https://certvde.com/en/advisories/vendor/phoenixcontact/"
},
{
"category": "self",
"summary": "VDE-2019-009: PHOENIX CONTACT: Multiple Vulnerabilities in AXC F 2152 - HTML",
"url": "https://certvde.com/en/advisories/VDE-2019-009/"
},
{
"category": "self",
"summary": "VDE-2019-009: PHOENIX CONTACT: Multiple Vulnerabilities in AXC F 2152 - CSAF",
"url": "https://phoenixcontact.csaf-tp.certvde.com/.well-known/csaf/white/2019/vde-2019-009.json"
}
],
"title": "PHOENIX CONTACT: Multiple Vulnerabilities in AXC F 2152",
"tracking": {
"aliases": [
"VDE-2019-009"
],
"current_release_date": "2025-05-22T13:03:10.000Z",
"generator": {
"date": "2025-04-09T08:04:53.514Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.22"
}
},
"id": "VDE-2019-009",
"initial_release_date": "2019-06-04T10:22:00.000Z",
"revision_history": [
{
"date": "2019-06-04T10:22:00.000Z",
"number": "1",
"summary": "Initial revision."
},
{
"date": "2019-08-30T10:00:00.000Z",
"number": "2",
"summary": "Update A"
},
{
"date": "2025-05-22T13:03:10.000Z",
"number": "3",
"summary": "Fix: added distribution, status to final, quotation mark"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2.0",
"product": {
"name": "Firmware \u003c2.0",
"product_id": "CSAFPID-21001"
}
},
{
"category": "product_version",
"name": "2019.0 LTS",
"product": {
"name": "Firmware 2019.0 LTS",
"product_id": "CSAFPID-22001"
}
}
],
"category": "product_family",
"name": "Firmware"
},
{
"branches": [
{
"category": "product_name",
"name": "AXC F 2152",
"product": {
"name": "AXC F 2152",
"product_id": "CSAFPID-11001",
"product_identification_helper": {
"model_numbers": [
"2404267"
]
}
}
},
{
"category": "product_name",
"name": "AXC F 2152 (Starterkit)",
"product": {
"name": "AXC F 2152 (Starterkit)",
"product_id": "CSAFPID-11002",
"product_identification_helper": {
"model_numbers": [
"1046568"
]
}
}
}
],
"category": "product_family",
"name": "Hardware"
}
],
"category": "vendor",
"name": "Phoenix Contact"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002"
],
"summary": "Affected products."
},
{
"group_id": "CSAFGID-0002",
"product_ids": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"summary": "Fixed products."
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2.0 installed on AXC F 2152",
"product_id": "CSAFPID-31001"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2.0 installed on AXC F 2152 (Starterkit)",
"product_id": "CSAFPID-31002"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2019.0 LTS installed on AXC F 2152",
"product_id": "CSAFPID-32001"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2019.0 LTS installed on AXC F 2152 (Starterkit)",
"product_id": "CSAFPID-32002"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11002"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-1000120",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later. Update to PLCnext Engineer Release 2019.0 LTS or later. Update A, 30.08.2019With Firmware Release 2019.6 an option was added to the web-basedmanagement that allows the user to permanently disable storage of configuration data to theSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.We recommend using this new configuration option for application scenarios where physicalaccess to the device cannot be restricted effectively. General Recommendation Customers using Phoenix Contact AXC F 2152 are recommended to operate the devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:\u0027Art.-Nr. 107913: AH EN INDUSTRIAL SECURITY \u0027Measures to protect network-capable devices with Ethernet connection against unauthorized access\u0027",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2018-1000120"
},
{
"cve": "CVE-2017-3735",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2017-3735"
},
{
"cve": "CVE-2016-7103",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2016-7103"
},
{
"cve": "CVE-2015-9251",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2015-9251"
},
{
"cve": "CVE-2016-1247",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "The nginx package before 1.6.2-5+deb8u3 on Debian jessie, the nginx packages before 1.4.6-1ubuntu3.6 on Ubuntu 14.04 LTS, before 1.10.0-0ubuntu0.16.04.3 on Ubuntu 16.04 LTS, and before 1.10.1-0ubuntu1.1 on Ubuntu 16.10, and the nginx ebuild before 1.10.2-r3 on Gentoo allow local users with access to the web server user account to gain root privileges via a symlink attack on the error log.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2016-1247"
},
{
"cve": "CVE-2016-6301",
"notes": [
{
"audience": "all",
"category": "description",
"text": "The recv_and_process_client_pkt function in networking/ntpd.c in busybox allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged NTP packet, which triggers a communication loop.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later. Update to PLCnext Engineer Release 2019.0 LTS or later. Update A, 30.08.2019With Firmware Release 2019.6 an option was added to the web-basedmanagement that allows the user to permanently disable storage of configuration data to theSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.We recommend using this new configuration option for application scenarios where physicalaccess to the device cannot be restricted effectively. General Recommendation Customers using Phoenix Contact AXC F 2152 are recommended to operate the devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:\u0027Art.-Nr. 107913: AH EN INDUSTRIAL SECURITY \u0027Measures to protect network-capable devices with Ethernet connection against unauthorized access\u0027",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2016-6301"
},
{
"cve": "CVE-2016-7141",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "curl and libcurl before 7.50.2, when built with NSS and the libnsspem.so library is available at runtime, allow remote attackers to hijack the authentication of a TLS connection by leveraging reuse of a previously loaded client certificate from file for a connection for which no certificate has been set, a different vulnerability than CVE-2016-5420.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2016-7141"
},
{
"cve": "CVE-2016-7444",
"notes": [
{
"audience": "all",
"category": "description",
"text": "The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to bypass an intended certificate validation mechanism via vectors involving trailing bytes left by gnutls_malloc.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2016-7444"
},
{
"cve": "CVE-2016-9840",
"notes": [
{
"audience": "all",
"category": "description",
"text": "inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2016-9840"
},
{
"cve": "CVE-2016-9841",
"notes": [
{
"audience": "all",
"category": "description",
"text": "inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2016-9841"
},
{
"cve": "CVE-2016-9842",
"notes": [
{
"audience": "all",
"category": "description",
"text": "The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2016-9842"
},
{
"cve": "CVE-2016-9843",
"notes": [
{
"audience": "all",
"category": "description",
"text": "The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2016-9843"
},
{
"cve": "CVE-2016-9952",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted wildcard SAN in a server certificate, as demonstrated by \"*.com.\"",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2016-9952"
},
{
"cve": "CVE-2016-9953",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, allows remote attackers to obtain sensitive information, cause a denial of service (crash), or possibly have unspecified other impact via a wildcard certificate name, which triggers an out-of-bounds read.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2016-9953"
},
{
"cve": "CVE-2017-1000100",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "When doing a TFTP transfer and curl/libcurl is given a URL that contains a very long file name (longer than about 515 bytes), the file name is truncated to fit within the buffer boundaries, but the buffer size is still wrongly updated to use the untruncated length. This too large value is then used in the sendto() call, making curl attempt to send more data than what is actually put into the buffer. The endto() function will then read beyond the end of the heap based buffer. A malicious HTTP(S) server could redirect a vulnerable libcurl-using client to a crafted TFTP URL (if the client hasn\u0027t restricted which protocols it allows redirects to) and trick it to send private memory contents to a remote server over UDP. Limit curl\u0027s redirect protocols with --proto-redir and libcurl\u0027s with CURLOPT_REDIR_PROTOCOLS.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2017-1000100"
},
{
"cve": "CVE-2018-1000121",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "A NULL pointer dereference exists in curl 7.21.0 to and including curl 7.58.0 in the LDAP code that allows an attacker to cause a denial of service",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2018-1000121"
},
{
"cve": "CVE-2017-1000101",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "curl supports \"globbing\" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a carefully crafted, or just wrongly written, URL. The URL is stored in a heap based buffer, so it could then be made to wrongly read something else instead of crashing. An example of a URL that triggers the flaw would be \u0027http://ur%20[0-60000000000000000000\u0027.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2017-1000101"
},
{
"cve": "CVE-2018-1000301",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end of a heap based buffer used to store downloaded RTSP content.. This vulnerability appears to have been fixed in curl \u003c 7.20.0 and curl \u003e= 7.60.0.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2018-1000301"
},
{
"cve": "CVE-2018-5388",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2018-5388"
},
{
"cve": "CVE-2017-1000254",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "libcurl may read outside of a heap allocated buffer when doing FTP. When libcurl connects to an FTP server and successfully logs in (anonymous or not), it asks the server for the current directory with the \u0027PWD\u0027 command. The server then responds with a 257 response containing the path, inside double quotes. The returned path name is then kept by libcurl for subsequent uses. Due to a flaw in the string parser for this directory name, a directory name passed like this but without a closing double quote would lead to libcurl not adding a trailing NUL byte to the buffer holding the name. When libcurl would then later access the string, it could read beyond the allocated heap buffer and crash or wrongly access data beyond the buffer, thinking it was part of the path. A malicious server could abuse this fact and effectively prevent libcurl-based clients to work with it - the PWD command is always issued on new FTP connections and the mistake has a high chance of causing a segfault. The simple fact that this has issue remained undiscovered for this long could suggest that malformed PWD responses are rare in benign servers. We are not aware of any exploit of this flaw. This bug was introduced in commit [415d2e7cb7](https://github.com/curl/curl/commit/415d2e7cb7), March 2005. In libcurl version 7.56.0, the parser always zero terminates the string but also rejects it if not terminated properly with a final double quote.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2017-1000254"
},
{
"cve": "CVE-2017-1000257",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that (non-existing) data with a pointer and the size (zero) to the deliver-data function. libcurl\u0027s deliver-data function treats zero as a magic number and invokes strlen() on the data to figure out the length. The strlen() is called on a heap based buffer that might not be zero terminated so libcurl might read beyond the end of it into whatever memory lies after (or just crash) and then deliver that to the application as if it was actually downloaded.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2017-1000257"
},
{
"cve": "CVE-2017-11108",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2017-11108"
},
{
"cve": "CVE-2017-11185",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "The gmp plugin in strongSwan before 5.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted RSA signature.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2017-11185"
},
{
"cve": "CVE-2017-11541",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2017-11541"
},
{
"cve": "CVE-2017-11542",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2017-11542"
},
{
"cve": "CVE-2017-11543",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "tcpdump 4.9.0 has a buffer overflow in the sliplink_print function in print-sl.c.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2017-11543"
},
{
"cve": "CVE-2017-15906",
"cwe": {
"id": "CWE-732",
"name": "Incorrect Permission Assignment for Critical Resource"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2017-15906"
},
{
"cve": "CVE-2017-3731",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the crash can be triggered when using CHACHA20/POLY1305; users should upgrade to 1.1.0d. For Openssl 1.0.2, the crash can be triggered when using RC4-MD5; users who have not disabled that algorithm should update to 1.0.2k.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2017-3731"
},
{
"cve": "CVE-2017-9233",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "XML External Entity vulnerability in libexpat 2.2.0 and earlier (Expat XML Parser Library) allows attackers to put the parser in an infinite loop using a malformed external entity definition from an external DTD.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2017-9233"
},
{
"cve": "CVE-2017-3737",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an \"error state\" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This works as designed for the explicit handshake functions (SSL_do_handshake(), SSL_accept() and SSL_connect()), however due to a bug it does not work correctly if SSL_read() or SSL_write() is called directly. In that scenario, if the handshake fails then a fatal error will be returned in the initial function call. If SSL_read()/SSL_write() is subsequently called by the application for the same SSL object then it will succeed and the data is passed without being decrypted/encrypted directly from the SSL/TLS record layer. In order to exploit this issue an application bug would have to be present that resulted in a call to SSL_read()/SSL_write() being issued after having already received a fatal error. OpenSSL version 1.0.2b-1.0.2m are affected. Fixed in OpenSSL 1.0.2n. OpenSSL 1.1.0 is not affected.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2017-3737"
},
{
"cve": "CVE-2018-1000122",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2018-1000122"
},
{
"cve": "CVE-2018-7559",
"notes": [
{
"audience": "all",
"category": "description",
"text": "An issue was discovered in OPC UA .NET Standard Stack and Sample Code before GitHub commit 2018-04-12, and OPC UA .NET Legacy Stack and Sample Code before GitHub commit 2018-03-13. A vulnerability in OPC UA applications can allow a remote attacker to determine a Server\u0027s private key by sending carefully constructed bad UserIdentityTokens as part of an oracle attack.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2018-7559"
},
{
"cve": "CVE-2017-3738",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected. Fixed in OpenSSL 1.0.2n. Due to the low severity of this issue we are not issuing a new release of OpenSSL 1.1.0 at this time. The fix will be included in OpenSSL 1.1.0h when it becomes available. The fix is also available in commit e502cc86d in the OpenSSL git repository.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2017-3738"
},
{
"cve": "CVE-2017-5334",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via crafted policy language information in an X.509 certificate with a Proxy Certificate Information extension.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2017-5334"
},
{
"cve": "CVE-2017-5335",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a crafted OpenPGP certificate.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2017-5335"
},
{
"cve": "CVE-2017-5336",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted OpenPGP certificate.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2017-5336"
},
{
"cve": "CVE-2017-5337",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2017-5337"
},
{
"cve": "CVE-2017-8816",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a denial of service (integer overflow and resultant buffer overflow, and application crash) or possibly have unspecified other impact via vectors involving long user and password fields.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2017-8816"
},
{
"cve": "CVE-2017-8817",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a string that ends with an \u0027[\u0027 character.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2017-8817"
},
{
"cve": "CVE-2017-9022",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "The gmp plugin in strongSwan before 5.5.3 does not properly validate RSA public keys before calling mpz_powm_sec, which allows remote peers to cause a denial of service (floating point exception and process crash) via a crafted certificate.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2017-9022"
},
{
"cve": "CVE-2017-9023",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin is enabled, which allows remote attackers to cause a denial of service (infinite loop) via a crafted certificate.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2017-9023"
},
{
"cve": "CVE-2018-0737",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o).",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2018-0737"
},
{
"cve": "CVE-2018-1000005",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "libcurl 7.49.0 to and including 7.57.0 contains an out bounds read in code handling HTTP/2 trailers. It was reported (https://github.com/curl/curl/pull/2231) that reading an HTTP/2 trailer could mess up future trailers since the stored size was one byte less than required. The problem is that the code that creates HTTP/1-like headers from the HTTP/2 trailer data once appended a string like \u0027:\u0027 to the target buffer, while this was recently changed to \u0027: \u0027 (a space was added after the colon) but the following math wasn\u0027t updated correspondingly. When accessed, the data is read out of bounds and causes either a crash or that the (too large) data gets passed to client write. This could lead to a denial-of-service situation or an information disclosure if someone has a service that echoes back or uses the trailers for something.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2018-1000005"
},
{
"cve": "CVE-2018-1000117",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "Python Software Foundation CPython version From 3.2 until 3.6.4 on Windows contains a Buffer Overflow vulnerability in os.symlink() function on Windows that can result in Arbitrary code execution, likely escalation of privilege. This attack appears to be exploitable via a python script that creates a symlink with an attacker controlled name or location. This vulnerability appears to have been fixed in 3.7.0 and 3.6.5.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2018-1000117"
},
{
"cve": "CVE-2019-10997",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "An issue was discovered on Phoenix Contact AXC F 2152 (No.2404267) before 2019.0 LTS and AXC F 2152 STARTERKIT (No.1046568) before 2019.0 LTS devices. Protocol Fuzzing on PC WORX Engineer by a man in the middle attacker stops the PLC service. The device must be rebooted, or the PLC service must be restarted manually via a Linux shell.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2019-10997"
},
{
"cve": "CVE-2019-10998",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "An issue was discovered on Phoenix Contact AXC F 2152 (No.2404267) before 2019.0 LTS and AXC F 2152 STARTERKIT (No.1046568) before 2019.0 LTS devices. Unlimited physical access to the PLC may lead to a manipulation of SD cards data. SD card manipulation may lead to an authentication bypass opportunity.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to Firmware Release 2019.0 LTS or later.\n\nUpdate to PLCnext Engineer Release 2019.0 LTS or later.\n\nUpdate A, 30.08.2019\nWith Firmware Release 2019.6 an option was added to the web-based\nmanagement that allows the user to permanently disable storage of configuration data to the\nSD-Card. The device can now be operated without SD-Card and ignores any inserted SD-Card.\nWe recommend using this new configuration option for application scenarios where physical\naccess to the device cannot be restricted effectively.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2019-10998"
}
]
}
WID-SEC-W-2024-1232
Vulnerability from csaf_certbund - Published: 2020-02-24 23:00 - Updated: 2025-06-09 22:00Summary
Rsync: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Rsync ist ein Tool, um Dateien und Verzeichnisse zu synchronisieren.
Angriff: Ein entfernter Angreifer kann mehrere Schwachstellen in Rsync ausnutzen, um beliebigen Programmcode auszuführen, oder einen Denial of Service Zustand herbeizuführen.
Betroffene Betriebssysteme: - Linux
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Rsync <3.1.2-2.1ubuntu1.1
Open Source / Rsync
|
<3.1.2-2.1ubuntu1.1 | ||
|
Open Source Rsync <3.1.1-3ubuntu1.3
Open Source / Rsync
|
<3.1.1-3ubuntu1.3 | ||
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.17.32
Red Hat / OpenShift
|
Container Platform <4.17.32 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Rsync <3.1.2-2.1ubuntu1.1
Open Source / Rsync
|
<3.1.2-2.1ubuntu1.1 | ||
|
Open Source Rsync <3.1.1-3ubuntu1.3
Open Source / Rsync
|
<3.1.1-3ubuntu1.3 | ||
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.17.32
Red Hat / OpenShift
|
Container Platform <4.17.32 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Rsync <3.1.2-2.1ubuntu1.1
Open Source / Rsync
|
<3.1.2-2.1ubuntu1.1 | ||
|
Open Source Rsync <3.1.1-3ubuntu1.3
Open Source / Rsync
|
<3.1.1-3ubuntu1.3 | ||
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.17.32
Red Hat / OpenShift
|
Container Platform <4.17.32 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Rsync <3.1.2-2.1ubuntu1.1
Open Source / Rsync
|
<3.1.2-2.1ubuntu1.1 | ||
|
Open Source Rsync <3.1.1-3ubuntu1.3
Open Source / Rsync
|
<3.1.1-3ubuntu1.3 | ||
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.17.32
Red Hat / OpenShift
|
Container Platform <4.17.32 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
References
7 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Rsync ist ein Tool, um Dateien und Verzeichnisse zu synchronisieren.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter Angreifer kann mehrere Schwachstellen in Rsync ausnutzen, um beliebigen Programmcode auszuf\u00fchren, oder einen Denial of Service Zustand herbeizuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1232 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2020/wid-sec-w-2024-1232.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1232 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1232"
},
{
"category": "external",
"summary": "Ubuntu Security Notice:4292-1 vom 2020-02-24",
"url": "https://usn.ubuntu.com/4292-1/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6736-2 vom 2024-05-23",
"url": "https://ubuntu.com/security/notices/USN-6736-2"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-8395 vom 2025-06-03",
"url": "https://linux.oracle.com/errata/ELSA-2025-8395.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8280 vom 2025-06-04",
"url": "https://access.redhat.com/errata/RHSA-2025:8280"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-8314 vom 2025-06-10",
"url": "https://linux.oracle.com/errata/ELSA-2025-8314.html"
}
],
"source_lang": "en-US",
"title": "Rsync: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-06-09T22:00:00.000+00:00",
"generator": {
"date": "2025-06-10T09:44:10.059+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2024-1232",
"initial_release_date": "2020-02-24T23:00:00.000+00:00",
"revision_history": [
{
"date": "2020-02-24T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-05-23T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-06-02T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-06-03T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-06-09T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Oracle Linux aufgenommen"
}
],
"status": "final",
"version": "5"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c3.1.1-3ubuntu1.3",
"product": {
"name": "Open Source Rsync \u003c3.1.1-3ubuntu1.3",
"product_id": "T015946"
}
},
{
"category": "product_version",
"name": "3.1.1-3ubuntu1.3",
"product": {
"name": "Open Source Rsync 3.1.1-3ubuntu1.3",
"product_id": "T015946-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:gnu:rsync:3.1.1-3ubuntu1.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c3.1.2-2.1ubuntu1.1",
"product": {
"name": "Open Source Rsync \u003c3.1.2-2.1ubuntu1.1",
"product_id": "T015947"
}
},
{
"category": "product_version",
"name": "3.1.2-2.1ubuntu1.1",
"product": {
"name": "Open Source Rsync 3.1.2-2.1ubuntu1.1",
"product_id": "T015947-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:gnu:rsync:3.1.2-2.1ubuntu1.1"
}
}
}
],
"category": "product_name",
"name": "Rsync"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "Container Platform \u003c4.17.32",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.17.32",
"product_id": "T044318"
}
},
{
"category": "product_version",
"name": "Container Platform 4.17.32",
"product": {
"name": "Red Hat OpenShift Container Platform 4.17.32",
"product_id": "T044318-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.17.32"
}
}
}
],
"category": "product_name",
"name": "OpenShift"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-9840",
"product_status": {
"known_affected": [
"T015947",
"T015946",
"T000126",
"T044318",
"T004914"
]
},
"release_date": "2020-02-24T23:00:00.000+00:00",
"title": "CVE-2016-9840"
},
{
"cve": "CVE-2016-9841",
"product_status": {
"known_affected": [
"T015947",
"T015946",
"T000126",
"T044318",
"T004914"
]
},
"release_date": "2020-02-24T23:00:00.000+00:00",
"title": "CVE-2016-9841"
},
{
"cve": "CVE-2016-9842",
"product_status": {
"known_affected": [
"T015947",
"T015946",
"T000126",
"T044318",
"T004914"
]
},
"release_date": "2020-02-24T23:00:00.000+00:00",
"title": "CVE-2016-9842"
},
{
"cve": "CVE-2016-9843",
"product_status": {
"known_affected": [
"T015947",
"T015946",
"T000126",
"T044318",
"T004914"
]
},
"release_date": "2020-02-24T23:00:00.000+00:00",
"title": "CVE-2016-9843"
}
]
}
WID-SEC-W-2025-0370
Vulnerability from csaf_certbund - Published: 2017-09-25 22:00 - Updated: 2025-02-13 23:00Summary
Apple Mac OS: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Apple Mac OS ist ein Betriebssystem, das auf FreeBSD und Mach basiert.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstelle in Apple Mac OS ausnutzen, um Code mit Kernel Privilegien auszuführen, Sicherheitsvorkehrungen zu umgehen, einen Denial of Service Angriff durchzuführen oder vertrauliche Daten einzusehen.
Betroffene Betriebssysteme: - MacOS X
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS <10.13
Apple / macOS
|
<10.13 |
References
5 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Apple Mac OS ist ein Betriebssystem, das auf FreeBSD und Mach basiert.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstelle in Apple Mac OS ausnutzen, um Code mit Kernel Privilegien auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Denial of Service Angriff durchzuf\u00fchren oder vertrauliche Daten einzusehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- MacOS X",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0370 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2017/wid-sec-w-2025-0370.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0370 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0370"
},
{
"category": "external",
"summary": "Apple Security Advisory HT208144 vom 2017-09-25",
"url": "https://support.apple.com/de-de/HT208144"
},
{
"category": "external",
"summary": "Updated Apple Security Advisory HT208144 vom 2017-10-31",
"url": "https://lists.apple.com/archives/security-announce/2017/Oct/msg00007.html"
},
{
"category": "external",
"summary": "Updated Apple Security Advisory HT208144 vom 2017-10-31",
"url": "https://lists.apple.com/archives/security-announce/2017/Oct/msg00001.html"
}
],
"source_lang": "en-US",
"title": "Apple Mac OS: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-02-13T23:00:00.000+00:00",
"generator": {
"date": "2025-02-14T12:00:12.636+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2025-0370",
"initial_release_date": "2017-09-25T22:00:00.000+00:00",
"revision_history": [
{
"date": "2017-09-25T22:00:00.000+00:00",
"number": "1",
"summary": "Initial Release"
},
{
"date": "2017-10-31T23:00:00.000+00:00",
"number": "2",
"summary": "cve added"
},
{
"date": "2017-10-31T23:00:00.000+00:00",
"number": "3",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-10-31T23:00:00.000+00:00",
"number": "4",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-11-21T23:00:00.000+00:00",
"number": "5",
"summary": "cve added"
},
{
"date": "2017-11-21T23:00:00.000+00:00",
"number": "6",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-12-13T23:00:00.000+00:00",
"number": "7",
"summary": "New remediations available"
},
{
"date": "2025-02-13T23:00:00.000+00:00",
"number": "8",
"summary": "Korrektur"
}
],
"status": "final",
"version": "8"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.13",
"product": {
"name": "Apple macOS \u003c10.13",
"product_id": "T010822"
}
},
{
"category": "product_version",
"name": "10.13",
"product": {
"name": "Apple macOS 10.13",
"product_id": "T010822-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:apple:mac_os:10.13"
}
}
}
],
"category": "product_name",
"name": "macOS"
}
],
"category": "vendor",
"name": "Apple"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-0736",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2016-0736"
},
{
"cve": "CVE-2016-2161",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2016-2161"
},
{
"cve": "CVE-2016-4736",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2016-4736"
},
{
"cve": "CVE-2016-5387",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2016-5387"
},
{
"cve": "CVE-2016-8740",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2016-8740"
},
{
"cve": "CVE-2016-8743",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2016-8743"
},
{
"cve": "CVE-2016-9042",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2016-9042"
},
{
"cve": "CVE-2016-9063",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2016-9063"
},
{
"cve": "CVE-2016-9840",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2016-9840"
},
{
"cve": "CVE-2016-9841",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2016-9841"
},
{
"cve": "CVE-2016-9842",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2016-9842"
},
{
"cve": "CVE-2016-9843",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2016-9843"
},
{
"cve": "CVE-2017-0381",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-0381"
},
{
"cve": "CVE-2017-1000100",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-1000100"
},
{
"cve": "CVE-2017-1000101",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-1000101"
},
{
"cve": "CVE-2017-1000373",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-1000373"
},
{
"cve": "CVE-2017-10140",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-10140"
},
{
"cve": "CVE-2017-10989",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-10989"
},
{
"cve": "CVE-2017-11103",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-11103"
},
{
"cve": "CVE-2017-11108",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-11108"
},
{
"cve": "CVE-2017-11541",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-11541"
},
{
"cve": "CVE-2017-11542",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-11542"
},
{
"cve": "CVE-2017-11543",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-11543"
},
{
"cve": "CVE-2017-12893",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12893"
},
{
"cve": "CVE-2017-12894",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12894"
},
{
"cve": "CVE-2017-12895",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12895"
},
{
"cve": "CVE-2017-12896",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12896"
},
{
"cve": "CVE-2017-12897",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12897"
},
{
"cve": "CVE-2017-12898",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12898"
},
{
"cve": "CVE-2017-12899",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12899"
},
{
"cve": "CVE-2017-12900",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12900"
},
{
"cve": "CVE-2017-12901",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12901"
},
{
"cve": "CVE-2017-12902",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12902"
},
{
"cve": "CVE-2017-12985",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12985"
},
{
"cve": "CVE-2017-12986",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12986"
},
{
"cve": "CVE-2017-12987",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12987"
},
{
"cve": "CVE-2017-12988",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12988"
},
{
"cve": "CVE-2017-12989",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12989"
},
{
"cve": "CVE-2017-12990",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12990"
},
{
"cve": "CVE-2017-12991",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12991"
},
{
"cve": "CVE-2017-12992",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12992"
},
{
"cve": "CVE-2017-12993",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12993"
},
{
"cve": "CVE-2017-12994",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12994"
},
{
"cve": "CVE-2017-12995",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12995"
},
{
"cve": "CVE-2017-12996",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12996"
},
{
"cve": "CVE-2017-12997",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12997"
},
{
"cve": "CVE-2017-12998",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12998"
},
{
"cve": "CVE-2017-12999",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12999"
},
{
"cve": "CVE-2017-13000",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13000"
},
{
"cve": "CVE-2017-13001",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13001"
},
{
"cve": "CVE-2017-13002",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13002"
},
{
"cve": "CVE-2017-13003",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13003"
},
{
"cve": "CVE-2017-13004",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13004"
},
{
"cve": "CVE-2017-13005",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13005"
},
{
"cve": "CVE-2017-13006",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13006"
},
{
"cve": "CVE-2017-13007",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13007"
},
{
"cve": "CVE-2017-13008",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13008"
},
{
"cve": "CVE-2017-13009",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13009"
},
{
"cve": "CVE-2017-13010",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13010"
},
{
"cve": "CVE-2017-13011",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13011"
},
{
"cve": "CVE-2017-13012",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13012"
},
{
"cve": "CVE-2017-13013",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13013"
},
{
"cve": "CVE-2017-13014",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13014"
},
{
"cve": "CVE-2017-13015",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13015"
},
{
"cve": "CVE-2017-13016",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13016"
},
{
"cve": "CVE-2017-13017",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13017"
},
{
"cve": "CVE-2017-13018",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13018"
},
{
"cve": "CVE-2017-13019",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13019"
},
{
"cve": "CVE-2017-13020",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13020"
},
{
"cve": "CVE-2017-13021",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13021"
},
{
"cve": "CVE-2017-13022",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13022"
},
{
"cve": "CVE-2017-13023",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13023"
},
{
"cve": "CVE-2017-13024",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13024"
},
{
"cve": "CVE-2017-13025",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13025"
},
{
"cve": "CVE-2017-13026",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13026"
},
{
"cve": "CVE-2017-13027",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13027"
},
{
"cve": "CVE-2017-13028",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13028"
},
{
"cve": "CVE-2017-13029",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13029"
},
{
"cve": "CVE-2017-13030",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13030"
},
{
"cve": "CVE-2017-13031",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13031"
},
{
"cve": "CVE-2017-13032",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13032"
},
{
"cve": "CVE-2017-13033",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13033"
},
{
"cve": "CVE-2017-13034",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13034"
},
{
"cve": "CVE-2017-13035",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13035"
},
{
"cve": "CVE-2017-13036",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13036"
},
{
"cve": "CVE-2017-13037",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13037"
},
{
"cve": "CVE-2017-13038",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13038"
},
{
"cve": "CVE-2017-13039",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13039"
},
{
"cve": "CVE-2017-13040",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13040"
},
{
"cve": "CVE-2017-13041",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13041"
},
{
"cve": "CVE-2017-13042",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13042"
},
{
"cve": "CVE-2017-13043",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13043"
},
{
"cve": "CVE-2017-13044",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13044"
},
{
"cve": "CVE-2017-13045",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13045"
},
{
"cve": "CVE-2017-13046",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13046"
},
{
"cve": "CVE-2017-13047",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13047"
},
{
"cve": "CVE-2017-13048",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13048"
},
{
"cve": "CVE-2017-13049",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13049"
},
{
"cve": "CVE-2017-13050",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13050"
},
{
"cve": "CVE-2017-13051",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13051"
},
{
"cve": "CVE-2017-13052",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13052"
},
{
"cve": "CVE-2017-13053",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13053"
},
{
"cve": "CVE-2017-13054",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13054"
},
{
"cve": "CVE-2017-13055",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13055"
},
{
"cve": "CVE-2017-13077",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13077"
},
{
"cve": "CVE-2017-13078",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13078"
},
{
"cve": "CVE-2017-13080",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13080"
},
{
"cve": "CVE-2017-13687",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13687"
},
{
"cve": "CVE-2017-13688",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13688"
},
{
"cve": "CVE-2017-13689",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13689"
},
{
"cve": "CVE-2017-13690",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13690"
},
{
"cve": "CVE-2017-13725",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13725"
},
{
"cve": "CVE-2017-13782",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13782"
},
{
"cve": "CVE-2017-13786",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13786"
},
{
"cve": "CVE-2017-13799",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13799"
},
{
"cve": "CVE-2017-13800",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13800"
},
{
"cve": "CVE-2017-13801",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13801"
},
{
"cve": "CVE-2017-13804",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13804"
},
{
"cve": "CVE-2017-13807",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13807"
},
{
"cve": "CVE-2017-13808",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13808"
},
{
"cve": "CVE-2017-13809",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13809"
},
{
"cve": "CVE-2017-13810",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13810"
},
{
"cve": "CVE-2017-13811",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13811"
},
{
"cve": "CVE-2017-13812",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13812"
},
{
"cve": "CVE-2017-13813",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13813"
},
{
"cve": "CVE-2017-13814",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13814"
},
{
"cve": "CVE-2017-13815",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13815"
},
{
"cve": "CVE-2017-13816",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13816"
},
{
"cve": "CVE-2017-13817",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13817"
},
{
"cve": "CVE-2017-13818",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13818"
},
{
"cve": "CVE-2017-13819",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13819"
},
{
"cve": "CVE-2017-13820",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13820"
},
{
"cve": "CVE-2017-13821",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13821"
},
{
"cve": "CVE-2017-13822",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13822"
},
{
"cve": "CVE-2017-13823",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13823"
},
{
"cve": "CVE-2017-13824",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13824"
},
{
"cve": "CVE-2017-13825",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13825"
},
{
"cve": "CVE-2017-13826",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13826"
},
{
"cve": "CVE-2017-13827",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13827"
},
{
"cve": "CVE-2017-13828",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13828"
},
{
"cve": "CVE-2017-13829",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13829"
},
{
"cve": "CVE-2017-13830",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13830"
},
{
"cve": "CVE-2017-13831",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13831"
},
{
"cve": "CVE-2017-13832",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13832"
},
{
"cve": "CVE-2017-13833",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13833"
},
{
"cve": "CVE-2017-13834",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13834"
},
{
"cve": "CVE-2017-13836",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13836"
},
{
"cve": "CVE-2017-13837",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13837"
},
{
"cve": "CVE-2017-13838",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13838"
},
{
"cve": "CVE-2017-13839",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13839"
},
{
"cve": "CVE-2017-13840",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13840"
},
{
"cve": "CVE-2017-13841",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13841"
},
{
"cve": "CVE-2017-13842",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13842"
},
{
"cve": "CVE-2017-13843",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13843"
},
{
"cve": "CVE-2017-13846",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13846"
},
{
"cve": "CVE-2017-13851",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13851"
},
{
"cve": "CVE-2017-13854",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13854"
},
{
"cve": "CVE-2017-3167",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-3167"
},
{
"cve": "CVE-2017-3169",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-3169"
},
{
"cve": "CVE-2017-6451",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-6451"
},
{
"cve": "CVE-2017-6452",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-6452"
},
{
"cve": "CVE-2017-6455",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-6455"
},
{
"cve": "CVE-2017-6458",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-6458"
},
{
"cve": "CVE-2017-6459",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-6459"
},
{
"cve": "CVE-2017-6460",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-6460"
},
{
"cve": "CVE-2017-6462",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-6462"
},
{
"cve": "CVE-2017-6463",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-6463"
},
{
"cve": "CVE-2017-6464",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-6464"
},
{
"cve": "CVE-2017-7074",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7074"
},
{
"cve": "CVE-2017-7077",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7077"
},
{
"cve": "CVE-2017-7078",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7078"
},
{
"cve": "CVE-2017-7080",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7080"
},
{
"cve": "CVE-2017-7082",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7082"
},
{
"cve": "CVE-2017-7083",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7083"
},
{
"cve": "CVE-2017-7084",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7084"
},
{
"cve": "CVE-2017-7086",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7086"
},
{
"cve": "CVE-2017-7114",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7114"
},
{
"cve": "CVE-2017-7119",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7119"
},
{
"cve": "CVE-2017-7121",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7121"
},
{
"cve": "CVE-2017-7122",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7122"
},
{
"cve": "CVE-2017-7123",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7123"
},
{
"cve": "CVE-2017-7124",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7124"
},
{
"cve": "CVE-2017-7125",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7125"
},
{
"cve": "CVE-2017-7126",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7126"
},
{
"cve": "CVE-2017-7127",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7127"
},
{
"cve": "CVE-2017-7128",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7128"
},
{
"cve": "CVE-2017-7129",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7129"
},
{
"cve": "CVE-2017-7130",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7130"
},
{
"cve": "CVE-2017-7132",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7132"
},
{
"cve": "CVE-2017-7138",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7138"
},
{
"cve": "CVE-2017-7141",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7141"
},
{
"cve": "CVE-2017-7143",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7143"
},
{
"cve": "CVE-2017-7144",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7144"
},
{
"cve": "CVE-2017-7659",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7659"
},
{
"cve": "CVE-2017-7668",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7668"
},
{
"cve": "CVE-2017-7679",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7679"
},
{
"cve": "CVE-2017-9233",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-9233"
},
{
"cve": "CVE-2017-9788",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-9788"
},
{
"cve": "CVE-2017-9789",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-9789"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…