Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2018-25032 (GCVE-0-2018-25032)
Vulnerability from cvelistv5 – Published: 2022-03-25 00:00 – Updated: 2025-05-06 14:19
VLAI
EPSS
Summary
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
Severity
7.5 (High)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-787 - Out-of-bounds Write
Assigner
References
29 references
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:26:39.599Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2022/03/24/1"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531"
},
{
"name": "[oss-security] 20220325 Re: zlib memory corruption on deflate (i.e. compress)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/03/25/2"
},
{
"name": "[oss-security] 20220326 Re: zlib memory corruption on deflate (i.e. compress)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/03/26/1"
},
{
"name": "DSA-5111",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5111"
},
{
"name": "[debian-lts-announce] 20220402 [SECURITY] [DLA 2968-1] zlib security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html"
},
{
"name": "FEDORA-2022-413a80a102",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/"
},
{
"name": "FEDORA-2022-dbd2935e44",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/"
},
{
"name": "FEDORA-2022-12b89e2aad",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/"
},
{
"name": "[debian-lts-announce] 20220507 [SECURITY] [DLA 2993-1] libz-mingw-w64 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html"
},
{
"name": "20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/May/33"
},
{
"name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/May/35"
},
{
"name": "20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/May/38"
},
{
"name": "FEDORA-2022-61cf1c64f6",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2022/03/28/3"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2022/03/28/1"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/madler/zlib/issues/605"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213257"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213256"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213255"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220526-0009/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220729-0004/"
},
{
"name": "FEDORA-2022-3a92250fd5",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/"
},
{
"name": "FEDORA-2022-b58a85e167",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/"
},
{
"name": "[debian-lts-announce] 20220916 [SECURITY] [DLA 3114-1] mariadb-10.3 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html"
},
{
"name": "GLSA-202210-42",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202210-42"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2018-25032",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:30:25.795648Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-06T14:19:53.894Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-13T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.openwall.com/lists/oss-security/2022/03/24/1"
},
{
"url": "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531"
},
{
"name": "[oss-security] 20220325 Re: zlib memory corruption on deflate (i.e. compress)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2022/03/25/2"
},
{
"name": "[oss-security] 20220326 Re: zlib memory corruption on deflate (i.e. compress)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2022/03/26/1"
},
{
"name": "DSA-5111",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5111"
},
{
"name": "[debian-lts-announce] 20220402 [SECURITY] [DLA 2968-1] zlib security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html"
},
{
"name": "FEDORA-2022-413a80a102",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/"
},
{
"name": "FEDORA-2022-dbd2935e44",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/"
},
{
"name": "FEDORA-2022-12b89e2aad",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/"
},
{
"name": "[debian-lts-announce] 20220507 [SECURITY] [DLA 2993-1] libz-mingw-w64 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html"
},
{
"name": "20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2022/May/33"
},
{
"name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2022/May/35"
},
{
"name": "20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2022/May/38"
},
{
"name": "FEDORA-2022-61cf1c64f6",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/"
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"url": "https://www.openwall.com/lists/oss-security/2022/03/28/3"
},
{
"url": "https://www.openwall.com/lists/oss-security/2022/03/28/1"
},
{
"url": "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12"
},
{
"url": "https://github.com/madler/zlib/issues/605"
},
{
"url": "https://support.apple.com/kb/HT213257"
},
{
"url": "https://support.apple.com/kb/HT213256"
},
{
"url": "https://support.apple.com/kb/HT213255"
},
{
"url": "https://security.netapp.com/advisory/ntap-20220526-0009/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20220729-0004/"
},
{
"name": "FEDORA-2022-3a92250fd5",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/"
},
{
"name": "FEDORA-2022-b58a85e167",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/"
},
{
"name": "[debian-lts-announce] 20220916 [SECURITY] [DLA 3114-1] mariadb-10.3 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html"
},
{
"name": "GLSA-202210-42",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202210-42"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-25032",
"datePublished": "2022-03-25T00:00:00.000Z",
"dateReserved": "2022-03-25T00:00:00.000Z",
"dateUpdated": "2025-05-06T14:19:53.894Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2018-25032",
"date": "2026-06-09",
"epss": "0.00089",
"percentile": "0.25347"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zlib:zlib:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.2.12\", \"matchCriteriaId\": \"4976954F-9DF9-4CE4-B94D-2D8CA6ACA188\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEECE5FC-CACF-4496-A3E7-164736409252\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA6FEEC2-9F11-4643-8827-749718254FED\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A930E247-0B43-43CB-98FF-6CE7B8189835\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"80E516C0-98A4-4ADE-B69F-66A772E2BAAA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.15\", \"versionEndExcluding\": \"10.15.7\", \"matchCriteriaId\": \"DB8A73F8-3074-4B32-B9F6-343B6B1988C5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"A654B8A2-FC30-4171-B0BB-366CD7ED4B6A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*\", \"matchCriteriaId\": \"F12CC8B5-C1EB-419E-8496-B9A3864656AD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*\", \"matchCriteriaId\": \"F1F4BF7F-90D4-4668-B4E6-B06F4070F448\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*\", \"matchCriteriaId\": \"7FD7176C-F4D1-43A7-9E49-BA92CA0D9980\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*\", \"matchCriteriaId\": \"2703DE0B-8A9E-4A9D-9AE8-028E22BF47CA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*\", \"matchCriteriaId\": \"0F441A43-1669-478D-9EC8-E96882DE4F9F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*\", \"matchCriteriaId\": \"D425C653-37A2-448C-BF2F-B684ADB08A26\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*\", \"matchCriteriaId\": \"A54D63B7-B92B-47C3-B1C5-9892E5873A98\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*\", \"matchCriteriaId\": \"012052B5-9AA7-4FD3-9C80-5F615330039D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*\", \"matchCriteriaId\": \"50F21A3C-0AC3-48C5-A4F8-5A7B478875B4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*\", \"matchCriteriaId\": \"8E974DC6-F7D9-4389-9AF9-863F6E419CE6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*\", \"matchCriteriaId\": \"156A6382-2BD3-4882-90B2-8E7CF6659E17\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*\", \"matchCriteriaId\": \"20A2FDB2-6712-406A-9896-C0B44508B07D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*\", \"matchCriteriaId\": \"49F537A0-DC42-4176-B22F-C80D179DD99D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"11.0\", \"versionEndExcluding\": \"11.6.6\", \"matchCriteriaId\": \"09A6345C-D813-43BA-B12E-789C80653F86\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"12.0.0\", \"versionEndExcluding\": \"12.4\", \"matchCriteriaId\": \"56A8A170-44A7-4334-88B0-CB4413E28E53\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.7.0\", \"versionEndExcluding\": \"3.7.14\", \"matchCriteriaId\": \"0743C1B3-D44D-4940-AAF4-25DEFB46AC74\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.8.0\", \"versionEndExcluding\": \"3.8.14\", \"matchCriteriaId\": \"5E28EB81-9BE6-4EC9-AC44-EFA4DDB0233F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.9.0\", \"versionEndExcluding\": \"3.9.13\", \"matchCriteriaId\": \"D10062BC-7B79-46C6-9FF5-396AE56F4508\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.10.0\", \"versionEndExcluding\": \"3.10.5\", \"matchCriteriaId\": \"90CD96D5-4F6E-4733-A8D1-0771156CA2A2\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.3.0\", \"versionEndExcluding\": \"10.3.36\", \"matchCriteriaId\": \"D5048A61-025A-46D4-AA1D-17C20FD193C0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.4.0\", \"versionEndExcluding\": \"10.4.26\", \"matchCriteriaId\": \"76F49D8B-E293-475B-A190-E55F2586EB74\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.5.0\", \"versionEndExcluding\": \"10.5.17\", \"matchCriteriaId\": \"144984F5-B5E4-4890-B84C-0BD4EBD1A575\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.6.0\", \"versionEndExcluding\": \"10.6.9\", \"matchCriteriaId\": \"9397E948-E3C7-4AE0-AB59-D8DF6DC0F85A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.7.0\", \"versionEndExcluding\": \"10.7.5\", \"matchCriteriaId\": \"3E60C79C-A7E6-4AEF-AD29-38BC63149C60\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.8.0\", \"versionEndExcluding\": \"10.8.4\", \"matchCriteriaId\": \"EB9F7573-E888-42B6-8B57-CAF26300CC16\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.9.0\", \"versionEndExcluding\": \"10.9.2\", \"matchCriteriaId\": \"9FD7E579-DE84-4D5D-A959-AC4C959A7020\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*\", \"matchCriteriaId\": \"3A756737-1CC4-42C2-A4DF-E1C893B4E2D5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"11.0.0\", \"versionEndIncluding\": \"11.70.2\", \"matchCriteriaId\": \"8C5DA53D-744B-4087-AEA9-257F18949E4D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:management_services_for_element_software:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"86B51137-28D9-41F2-AFA2-3CC22B4954D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5735E553-9731-4AAC-BCFF-989377F817B3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E7CF3019-975D-40BB-A8A4-894E62BD3797\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AD7447BC-F315-4298-A822-549942FC118B\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6770B6C3-732E-4E22-BF1C-2D2FD610061C\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9F9C8C20-42EB-4AB5-BD97-212DEB070C43\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7FFF7106-ED78-49BA-9EC5-B889E3685D53\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E63D8B0F-006E-4801-BF9D-1C001BBFB4F9\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"56409CEC-5A1E-4450-AA42-641E459CC2AF\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B06F4839-D16A-4A61-9BB5-55B13F41E47F\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D0B4AD8A-F172-4558-AEC6-FF424BA2D912\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8497A4C9-8474-4A62-8331-3FE862ED4098\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CDDF61B7-EC5C-467C-B710-B89F502CD04F\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:scalance_sc622-2c_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.0\", \"matchCriteriaId\": \"21A75847-54F1-453A-82D7-B6D2CB2DE7AA\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:scalance_sc622-2c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"50FEE5FA-B141-4E5F-8673-363089262530\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:scalance_sc626-2c_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.0\", \"matchCriteriaId\": \"ECCD4A67-EA4B-47C7-83F8-5CCC18BC3C94\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:scalance_sc626-2c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EAC3EE40-4398-4337-B40E-8AACDF225BBF\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:scalance_sc632-2c_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.0\", \"matchCriteriaId\": \"E00E02E5-109C-44E7-8C20-BFEE7C739ADC\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:scalance_sc632-2c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8A79836B-5EC1-40AF-8A57-9657EF6758E5\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:scalance_sc636-2c_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.0\", \"matchCriteriaId\": \"E1BC85A6-386C-43E9-9266-50F8C53C7362\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:scalance_sc636-2c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FCB9BD17-7F1F-42E9-831F-EB907F9BC214\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:scalance_sc642-2c_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.0\", \"matchCriteriaId\": \"6ACE6C40-E0BB-4D65-A76E-BCCA262AF2FD\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:scalance_sc642-2c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"10C7D54A-27B4-4195-8131-DD5380472A75\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:scalance_sc646-2c_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.0\", \"matchCriteriaId\": \"9BFAB0B9-3C01-4066-B9CD-5A7C4A66AA3C\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:scalance_sc646-2c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E54AF1E6-0E52-447C-8946-18716D30EBE2\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:azul:zulu:6.45:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"850B5359-7804-406B-9DC9-D22D65ACEE40\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:azul:zulu:7.52:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5522AD81-A23E-47D3-82E4-6D71ECEB1DBD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:azul:zulu:8.60:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6AC61C25-871B-4F6F-A5F0-77359F373681\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:azul:zulu:11.54:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"12A59E25-5ED3-4A6D-95F6-45750866E0D5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:azul:zulu:13.46:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FC0DC492-706E-42FE-8757-71873B53C417\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:azul:zulu:15.38:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C1441FE9-45C5-46C4-BF78-FD5D30F9C80C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:azul:zulu:17.32:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"28D25E37-5479-4876-B46C-28FF87384852\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:goto:gotoassist:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"11.9.18\", \"matchCriteriaId\": \"BB7FB2D7-6D53-4D9C-865A-4DFC8BC82218\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.\"}, {\"lang\": \"es\", \"value\": \"zlib versiones anteriores a 1.2.12 permite la corrupci\\u00f3n de memoria al desinflar (es decir, al comprimir) si la entrada tiene muchas coincidencias distantes\"}]",
"id": "CVE-2018-25032",
"lastModified": "2024-11-21T04:03:24.080",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2022-03-25T09:15:08.187",
"references": "[{\"url\": \"http://seclists.org/fulldisclosure/2022/May/33\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2022/May/35\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2022/May/38\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/03/25/2\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/03/26/1\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/madler/zlib/compare/v1.2.11...v1.2.12\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/madler/zlib/issues/605\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://security.gentoo.org/glsa/202210-42\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220526-0009/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220729-0004/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://support.apple.com/kb/HT213255\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://support.apple.com/kb/HT213256\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://support.apple.com/kb/HT213257\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2022/dsa-5111\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2022/03/24/1\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2022/03/28/1\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2022/03/28/3\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2022.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2022/May/33\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2022/May/35\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2022/May/38\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/03/25/2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/03/26/1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/madler/zlib/compare/v1.2.11...v1.2.12\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/madler/zlib/issues/605\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.gentoo.org/glsa/202210-42\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220526-0009/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220729-0004/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://support.apple.com/kb/HT213255\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://support.apple.com/kb/HT213256\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://support.apple.com/kb/HT213257\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2022/dsa-5111\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2022/03/24/1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2022/03/28/1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2022/03/28/3\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2022.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-787\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2018-25032\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2022-03-25T09:15:08.187\",\"lastModified\":\"2025-08-21T20:37:11.840\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.\"},{\"lang\":\"es\",\"value\":\"zlib versiones anteriores a 1.2.12 permite la corrupci\u00f3n de memoria al desinflar (es decir, al comprimir) si la entrada tiene muchas coincidencias distantes\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nokogiri:nokogiri:*:*:*:*:*:ruby:*:*\",\"versionEndExcluding\":\"1.13.4\",\"matchCriteriaId\":\"57E74758-D6C1-4C5F-B471-D4028BAEF97C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.7.0\",\"versionEndExcluding\":\"3.7.14\",\"matchCriteriaId\":\"0743C1B3-D44D-4940-AAF4-25DEFB46AC74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.8.0\",\"versionEndExcluding\":\"3.8.14\",\"matchCriteriaId\":\"5E28EB81-9BE6-4EC9-AC44-EFA4DDB0233F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.9.0\",\"versionEndExcluding\":\"3.9.13\",\"matchCriteriaId\":\"D10062BC-7B79-46C6-9FF5-396AE56F4508\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.10.0\",\"versionEndExcluding\":\"3.10.5\",\"matchCriteriaId\":\"90CD96D5-4F6E-4733-A8D1-0771156CA2A2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zlib:zlib:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.2.2.2\",\"versionEndExcluding\":\"1.2.12\",\"matchCriteriaId\":\"149842FE-9498-47E0-A8A3-B30BF505E1A4\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA6FEEC2-9F11-4643-8827-749718254FED\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A930E247-0B43-43CB-98FF-6CE7B8189835\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80E516C0-98A4-4ADE-B69F-66A772E2BAAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.15\",\"versionEndExcluding\":\"10.15.7\",\"matchCriteriaId\":\"DB8A73F8-3074-4B32-B9F6-343B6B1988C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"A654B8A2-FC30-4171-B0BB-366CD7ED4B6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*\",\"matchCriteriaId\":\"F12CC8B5-C1EB-419E-8496-B9A3864656AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1F4BF7F-90D4-4668-B4E6-B06F4070F448\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FD7176C-F4D1-43A7-9E49-BA92CA0D9980\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*\",\"matchCriteriaId\":\"2703DE0B-8A9E-4A9D-9AE8-028E22BF47CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F441A43-1669-478D-9EC8-E96882DE4F9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*\",\"matchCriteriaId\":\"D425C653-37A2-448C-BF2F-B684ADB08A26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*\",\"matchCriteriaId\":\"A54D63B7-B92B-47C3-B1C5-9892E5873A98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*\",\"matchCriteriaId\":\"012052B5-9AA7-4FD3-9C80-5F615330039D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*\",\"matchCriteriaId\":\"50F21A3C-0AC3-48C5-A4F8-5A7B478875B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E974DC6-F7D9-4389-9AF9-863F6E419CE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*\",\"matchCriteriaId\":\"156A6382-2BD3-4882-90B2-8E7CF6659E17\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*\",\"matchCriteriaId\":\"20A2FDB2-6712-406A-9896-C0B44508B07D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*\",\"matchCriteriaId\":\"49F537A0-DC42-4176-B22F-C80D179DD99D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0\",\"versionEndExcluding\":\"11.6.6\",\"matchCriteriaId\":\"09A6345C-D813-43BA-B12E-789C80653F86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.0.0\",\"versionEndExcluding\":\"12.4\",\"matchCriteriaId\":\"56A8A170-44A7-4334-88B0-CB4413E28E53\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.3.0\",\"versionEndExcluding\":\"10.3.36\",\"matchCriteriaId\":\"D5048A61-025A-46D4-AA1D-17C20FD193C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.4.0\",\"versionEndExcluding\":\"10.4.26\",\"matchCriteriaId\":\"76F49D8B-E293-475B-A190-E55F2586EB74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.5.0\",\"versionEndExcluding\":\"10.5.17\",\"matchCriteriaId\":\"144984F5-B5E4-4890-B84C-0BD4EBD1A575\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.6.0\",\"versionEndExcluding\":\"10.6.9\",\"matchCriteriaId\":\"9397E948-E3C7-4AE0-AB59-D8DF6DC0F85A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.7.0\",\"versionEndExcluding\":\"10.7.5\",\"matchCriteriaId\":\"3E60C79C-A7E6-4AEF-AD29-38BC63149C60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.8.0\",\"versionEndExcluding\":\"10.8.4\",\"matchCriteriaId\":\"EB9F7573-E888-42B6-8B57-CAF26300CC16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.9.0\",\"versionEndExcluding\":\"10.9.2\",\"matchCriteriaId\":\"9FD7E579-DE84-4D5D-A959-AC4C959A7020\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*\",\"matchCriteriaId\":\"3A756737-1CC4-42C2-A4DF-E1C893B4E2D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0.0\",\"versionEndIncluding\":\"11.70.2\",\"matchCriteriaId\":\"8C5DA53D-744B-4087-AEA9-257F18949E4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:management_services_for_element_software:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86B51137-28D9-41F2-AFA2-3CC22B4954D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5735E553-9731-4AAC-BCFF-989377F817B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7CF3019-975D-40BB-A8A4-894E62BD3797\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD7447BC-F315-4298-A822-549942FC118B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6770B6C3-732E-4E22-BF1C-2D2FD610061C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F9C8C20-42EB-4AB5-BD97-212DEB070C43\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FFF7106-ED78-49BA-9EC5-B889E3685D53\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E63D8B0F-006E-4801-BF9D-1C001BBFB4F9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56409CEC-5A1E-4450-AA42-641E459CC2AF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B06F4839-D16A-4A61-9BB5-55B13F41E47F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0B4AD8A-F172-4558-AEC6-FF424BA2D912\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8497A4C9-8474-4A62-8331-3FE862ED4098\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDDF61B7-EC5C-467C-B710-B89F502CD04F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_sc622-2c_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.0\",\"matchCriteriaId\":\"21A75847-54F1-453A-82D7-B6D2CB2DE7AA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_sc622-2c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"50FEE5FA-B141-4E5F-8673-363089262530\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_sc626-2c_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.0\",\"matchCriteriaId\":\"ECCD4A67-EA4B-47C7-83F8-5CCC18BC3C94\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_sc626-2c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EAC3EE40-4398-4337-B40E-8AACDF225BBF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_sc632-2c_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.0\",\"matchCriteriaId\":\"E00E02E5-109C-44E7-8C20-BFEE7C739ADC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_sc632-2c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A79836B-5EC1-40AF-8A57-9657EF6758E5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_sc636-2c_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.0\",\"matchCriteriaId\":\"E1BC85A6-386C-43E9-9266-50F8C53C7362\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_sc636-2c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCB9BD17-7F1F-42E9-831F-EB907F9BC214\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_sc642-2c_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.0\",\"matchCriteriaId\":\"6ACE6C40-E0BB-4D65-A76E-BCCA262AF2FD\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_sc642-2c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10C7D54A-27B4-4195-8131-DD5380472A75\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_sc646-2c_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.0\",\"matchCriteriaId\":\"9BFAB0B9-3C01-4066-B9CD-5A7C4A66AA3C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_sc646-2c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E54AF1E6-0E52-447C-8946-18716D30EBE2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:azul:zulu:6.45:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"850B5359-7804-406B-9DC9-D22D65ACEE40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:azul:zulu:7.52:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5522AD81-A23E-47D3-82E4-6D71ECEB1DBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:azul:zulu:8.60:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AC61C25-871B-4F6F-A5F0-77359F373681\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:azul:zulu:11.54:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12A59E25-5ED3-4A6D-95F6-45750866E0D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:azul:zulu:13.46:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC0DC492-706E-42FE-8757-71873B53C417\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:azul:zulu:15.38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1441FE9-45C5-46C4-BF78-FD5D30F9C80C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:azul:zulu:17.32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28D25E37-5479-4876-B46C-28FF87384852\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:goto:gotoassist:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"11.9.18\",\"matchCriteriaId\":\"BB7FB2D7-6D53-4D9C-865A-4DFC8BC82218\"}]}]}],\"references\":[{\"url\":\"http://seclists.org/fulldisclosure/2022/May/33\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2022/May/35\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2022/May/38\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/03/25/2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/03/26/1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/madler/zlib/compare/v1.2.11...v1.2.12\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/madler/zlib/issues/605\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202210-42\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20220526-0009/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20220729-0004/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT213255\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT213256\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT213257\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2022/dsa-5111\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2022/03/24/1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2022/03/28/1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2022/03/28/3\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2022.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2022/May/33\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2022/May/35\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2022/May/38\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/03/25/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/03/26/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/madler/zlib/compare/v1.2.11...v1.2.12\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/madler/zlib/issues/605\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202210-42\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20220526-0009/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20220729-0004/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT213255\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT213256\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT213257\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2022/dsa-5111\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2022/03/24/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2022/03/28/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2022/03/28/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.openwall.com/lists/oss-security/2022/03/24/1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/03/25/2\", \"name\": \"[oss-security] 20220325 Re: zlib memory corruption on deflate (i.e. compress)\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/03/26/1\", \"name\": \"[oss-security] 20220326 Re: zlib memory corruption on deflate (i.e. compress)\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2022/dsa-5111\", \"name\": \"DSA-5111\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html\", \"name\": \"[debian-lts-announce] 20220402 [SECURITY] [DLA 2968-1] zlib security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/\", \"name\": \"FEDORA-2022-413a80a102\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/\", \"name\": \"FEDORA-2022-dbd2935e44\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/\", \"name\": \"FEDORA-2022-12b89e2aad\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html\", \"name\": \"[debian-lts-announce] 20220507 [SECURITY] [DLA 2993-1] libz-mingw-w64 security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2022/May/33\", \"name\": \"20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2022/May/35\", \"name\": \"20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2022/May/38\", \"name\": \"20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/\", \"name\": \"FEDORA-2022-61cf1c64f6\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2022.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2022/03/28/3\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2022/03/28/1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/madler/zlib/compare/v1.2.11...v1.2.12\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/madler/zlib/issues/605\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://support.apple.com/kb/HT213257\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://support.apple.com/kb/HT213256\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://support.apple.com/kb/HT213255\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220526-0009/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220729-0004/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/\", \"name\": \"FEDORA-2022-3a92250fd5\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/\", \"name\": \"FEDORA-2022-b58a85e167\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html\", \"name\": \"[debian-lts-announce] 20220916 [SECURITY] [DLA 3114-1] mariadb-10.3 security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202210-42\", \"name\": \"GLSA-202210-42\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-05T12:26:39.599Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2018-25032\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-23T13:30:25.795648Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-787\", \"description\": \"CWE-787 Out-of-bounds Write\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-05T13:13:03.002Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://www.openwall.com/lists/oss-security/2022/03/24/1\"}, {\"url\": \"https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/03/25/2\", \"name\": \"[oss-security] 20220325 Re: zlib memory corruption on deflate (i.e. compress)\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/03/26/1\", \"name\": \"[oss-security] 20220326 Re: zlib memory corruption on deflate (i.e. compress)\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://www.debian.org/security/2022/dsa-5111\", \"name\": \"DSA-5111\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html\", \"name\": \"[debian-lts-announce] 20220402 [SECURITY] [DLA 2968-1] zlib security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/\", \"name\": \"FEDORA-2022-413a80a102\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/\", \"name\": \"FEDORA-2022-dbd2935e44\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/\", \"name\": \"FEDORA-2022-12b89e2aad\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html\", \"name\": \"[debian-lts-announce] 20220507 [SECURITY] [DLA 2993-1] libz-mingw-w64 security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2022/May/33\", \"name\": \"20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2022/May/35\", \"name\": \"20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2022/May/38\", \"name\": \"20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/\", \"name\": \"FEDORA-2022-61cf1c64f6\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2022.html\"}, {\"url\": \"https://www.openwall.com/lists/oss-security/2022/03/28/3\"}, {\"url\": \"https://www.openwall.com/lists/oss-security/2022/03/28/1\"}, {\"url\": \"https://github.com/madler/zlib/compare/v1.2.11...v1.2.12\"}, {\"url\": \"https://github.com/madler/zlib/issues/605\"}, {\"url\": \"https://support.apple.com/kb/HT213257\"}, {\"url\": \"https://support.apple.com/kb/HT213256\"}, {\"url\": \"https://support.apple.com/kb/HT213255\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220526-0009/\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220729-0004/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/\", \"name\": \"FEDORA-2022-3a92250fd5\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/\", \"name\": \"FEDORA-2022-b58a85e167\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html\", \"name\": \"[debian-lts-announce] 20220916 [SECURITY] [DLA 3114-1] mariadb-10.3 security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://security.gentoo.org/glsa/202210-42\", \"name\": \"GLSA-202210-42\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2022-12-13T00:00:00.000Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2018-25032\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-06T14:19:53.894Z\", \"dateReserved\": \"2022-03-25T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2022-03-25T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
SUSE-SU-2022:1062-1
Vulnerability from csaf_suse - Published: 2022-04-01 09:02 - Updated: 2022-04-01 09:02Summary
Security update for zlib
Severity
Important
Notes
Title of the patch: Security update for zlib
Description of the patch: This update for zlib fixes the following issues:
- CVE-2018-25032: Fixed memory corruption on deflate (bsc#1197459).
Patchnames: SUSE-2022-1062,SUSE-OpenStack-Cloud-9-2022-1062,SUSE-OpenStack-Cloud-Crowbar-9-2022-1062,SUSE-SLE-SAP-12-SP4-2022-1062,SUSE-SLE-SERVER-12-SP4-LTSS-2022-1062
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.1 (High)
Affected products
Recommended
39 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-32bit-1.2.11-3.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-32bit-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-32bit-1.2.11-3.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-32bit-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-32bit-1.2.11-3.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:libz1-1.2.11-3.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:libz1-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:libz1-32bit-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-1.2.11-3.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-32bit-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-static-1.2.11-3.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-static-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:libz1-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:libz1-32bit-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:zlib-devel-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:zlib-devel-32bit-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:zlib-devel-static-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:libz1-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:libz1-32bit-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:zlib-devel-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:zlib-devel-32bit-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:zlib-devel-static-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
15 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for zlib",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for zlib fixes the following issues:\n\n- CVE-2018-25032: Fixed memory corruption on deflate (bsc#1197459).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-1062,SUSE-OpenStack-Cloud-9-2022-1062,SUSE-OpenStack-Cloud-Crowbar-9-2022-1062,SUSE-SLE-SAP-12-SP4-2022-1062,SUSE-SLE-SERVER-12-SP4-LTSS-2022-1062",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_1062-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:1062-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221062-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:1062-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010586.html"
},
{
"category": "self",
"summary": "SUSE Bug 1197459",
"url": "https://bugzilla.suse.com/1197459"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-25032 page",
"url": "https://www.suse.com/security/cve/CVE-2018-25032/"
}
],
"title": "Security update for zlib",
"tracking": {
"current_release_date": "2022-04-01T09:02:51Z",
"generator": {
"date": "2022-04-01T09:02:51Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:1062-1",
"initial_release_date": "2022-04-01T09:02:51Z",
"revision_history": [
{
"date": "2022-04-01T09:02:51Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libminizip1-1.2.11-3.6.1.aarch64",
"product": {
"name": "libminizip1-1.2.11-3.6.1.aarch64",
"product_id": "libminizip1-1.2.11-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "libz1-1.2.11-3.6.1.aarch64",
"product": {
"name": "libz1-1.2.11-3.6.1.aarch64",
"product_id": "libz1-1.2.11-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "minizip-devel-1.2.11-3.6.1.aarch64",
"product": {
"name": "minizip-devel-1.2.11-3.6.1.aarch64",
"product_id": "minizip-devel-1.2.11-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "zlib-devel-1.2.11-3.6.1.aarch64",
"product": {
"name": "zlib-devel-1.2.11-3.6.1.aarch64",
"product_id": "zlib-devel-1.2.11-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "zlib-devel-static-1.2.11-3.6.1.aarch64",
"product": {
"name": "zlib-devel-static-1.2.11-3.6.1.aarch64",
"product_id": "zlib-devel-static-1.2.11-3.6.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libminizip1-64bit-1.2.11-3.6.1.aarch64_ilp32",
"product": {
"name": "libminizip1-64bit-1.2.11-3.6.1.aarch64_ilp32",
"product_id": "libminizip1-64bit-1.2.11-3.6.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libz1-64bit-1.2.11-3.6.1.aarch64_ilp32",
"product": {
"name": "libz1-64bit-1.2.11-3.6.1.aarch64_ilp32",
"product_id": "libz1-64bit-1.2.11-3.6.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "zlib-devel-64bit-1.2.11-3.6.1.aarch64_ilp32",
"product": {
"name": "zlib-devel-64bit-1.2.11-3.6.1.aarch64_ilp32",
"product_id": "zlib-devel-64bit-1.2.11-3.6.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "zlib-devel-static-64bit-1.2.11-3.6.1.aarch64_ilp32",
"product": {
"name": "zlib-devel-static-64bit-1.2.11-3.6.1.aarch64_ilp32",
"product_id": "zlib-devel-static-64bit-1.2.11-3.6.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libminizip1-1.2.11-3.6.1.i586",
"product": {
"name": "libminizip1-1.2.11-3.6.1.i586",
"product_id": "libminizip1-1.2.11-3.6.1.i586"
}
},
{
"category": "product_version",
"name": "libz1-1.2.11-3.6.1.i586",
"product": {
"name": "libz1-1.2.11-3.6.1.i586",
"product_id": "libz1-1.2.11-3.6.1.i586"
}
},
{
"category": "product_version",
"name": "minizip-devel-1.2.11-3.6.1.i586",
"product": {
"name": "minizip-devel-1.2.11-3.6.1.i586",
"product_id": "minizip-devel-1.2.11-3.6.1.i586"
}
},
{
"category": "product_version",
"name": "zlib-devel-1.2.11-3.6.1.i586",
"product": {
"name": "zlib-devel-1.2.11-3.6.1.i586",
"product_id": "zlib-devel-1.2.11-3.6.1.i586"
}
},
{
"category": "product_version",
"name": "zlib-devel-static-1.2.11-3.6.1.i586",
"product": {
"name": "zlib-devel-static-1.2.11-3.6.1.i586",
"product_id": "zlib-devel-static-1.2.11-3.6.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libminizip1-1.2.11-3.6.1.ppc64le",
"product": {
"name": "libminizip1-1.2.11-3.6.1.ppc64le",
"product_id": "libminizip1-1.2.11-3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libz1-1.2.11-3.6.1.ppc64le",
"product": {
"name": "libz1-1.2.11-3.6.1.ppc64le",
"product_id": "libz1-1.2.11-3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "minizip-devel-1.2.11-3.6.1.ppc64le",
"product": {
"name": "minizip-devel-1.2.11-3.6.1.ppc64le",
"product_id": "minizip-devel-1.2.11-3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "zlib-devel-1.2.11-3.6.1.ppc64le",
"product": {
"name": "zlib-devel-1.2.11-3.6.1.ppc64le",
"product_id": "zlib-devel-1.2.11-3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "zlib-devel-static-1.2.11-3.6.1.ppc64le",
"product": {
"name": "zlib-devel-static-1.2.11-3.6.1.ppc64le",
"product_id": "zlib-devel-static-1.2.11-3.6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libminizip1-1.2.11-3.6.1.s390",
"product": {
"name": "libminizip1-1.2.11-3.6.1.s390",
"product_id": "libminizip1-1.2.11-3.6.1.s390"
}
},
{
"category": "product_version",
"name": "libz1-1.2.11-3.6.1.s390",
"product": {
"name": "libz1-1.2.11-3.6.1.s390",
"product_id": "libz1-1.2.11-3.6.1.s390"
}
},
{
"category": "product_version",
"name": "minizip-devel-1.2.11-3.6.1.s390",
"product": {
"name": "minizip-devel-1.2.11-3.6.1.s390",
"product_id": "minizip-devel-1.2.11-3.6.1.s390"
}
},
{
"category": "product_version",
"name": "zlib-devel-1.2.11-3.6.1.s390",
"product": {
"name": "zlib-devel-1.2.11-3.6.1.s390",
"product_id": "zlib-devel-1.2.11-3.6.1.s390"
}
},
{
"category": "product_version",
"name": "zlib-devel-static-1.2.11-3.6.1.s390",
"product": {
"name": "zlib-devel-static-1.2.11-3.6.1.s390",
"product_id": "zlib-devel-static-1.2.11-3.6.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "libminizip1-1.2.11-3.6.1.s390x",
"product": {
"name": "libminizip1-1.2.11-3.6.1.s390x",
"product_id": "libminizip1-1.2.11-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "libminizip1-32bit-1.2.11-3.6.1.s390x",
"product": {
"name": "libminizip1-32bit-1.2.11-3.6.1.s390x",
"product_id": "libminizip1-32bit-1.2.11-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "libz1-1.2.11-3.6.1.s390x",
"product": {
"name": "libz1-1.2.11-3.6.1.s390x",
"product_id": "libz1-1.2.11-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "libz1-32bit-1.2.11-3.6.1.s390x",
"product": {
"name": "libz1-32bit-1.2.11-3.6.1.s390x",
"product_id": "libz1-32bit-1.2.11-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "minizip-devel-1.2.11-3.6.1.s390x",
"product": {
"name": "minizip-devel-1.2.11-3.6.1.s390x",
"product_id": "minizip-devel-1.2.11-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "zlib-devel-1.2.11-3.6.1.s390x",
"product": {
"name": "zlib-devel-1.2.11-3.6.1.s390x",
"product_id": "zlib-devel-1.2.11-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "zlib-devel-32bit-1.2.11-3.6.1.s390x",
"product": {
"name": "zlib-devel-32bit-1.2.11-3.6.1.s390x",
"product_id": "zlib-devel-32bit-1.2.11-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "zlib-devel-static-1.2.11-3.6.1.s390x",
"product": {
"name": "zlib-devel-static-1.2.11-3.6.1.s390x",
"product_id": "zlib-devel-static-1.2.11-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "zlib-devel-static-32bit-1.2.11-3.6.1.s390x",
"product": {
"name": "zlib-devel-static-32bit-1.2.11-3.6.1.s390x",
"product_id": "zlib-devel-static-32bit-1.2.11-3.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libminizip1-1.2.11-3.6.1.x86_64",
"product": {
"name": "libminizip1-1.2.11-3.6.1.x86_64",
"product_id": "libminizip1-1.2.11-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libminizip1-32bit-1.2.11-3.6.1.x86_64",
"product": {
"name": "libminizip1-32bit-1.2.11-3.6.1.x86_64",
"product_id": "libminizip1-32bit-1.2.11-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libz1-1.2.11-3.6.1.x86_64",
"product": {
"name": "libz1-1.2.11-3.6.1.x86_64",
"product_id": "libz1-1.2.11-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libz1-32bit-1.2.11-3.6.1.x86_64",
"product": {
"name": "libz1-32bit-1.2.11-3.6.1.x86_64",
"product_id": "libz1-32bit-1.2.11-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "minizip-devel-1.2.11-3.6.1.x86_64",
"product": {
"name": "minizip-devel-1.2.11-3.6.1.x86_64",
"product_id": "minizip-devel-1.2.11-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "zlib-devel-1.2.11-3.6.1.x86_64",
"product": {
"name": "zlib-devel-1.2.11-3.6.1.x86_64",
"product_id": "zlib-devel-1.2.11-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "zlib-devel-32bit-1.2.11-3.6.1.x86_64",
"product": {
"name": "zlib-devel-32bit-1.2.11-3.6.1.x86_64",
"product_id": "zlib-devel-32bit-1.2.11-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "zlib-devel-static-1.2.11-3.6.1.x86_64",
"product": {
"name": "zlib-devel-static-1.2.11-3.6.1.x86_64",
"product_id": "zlib-devel-static-1.2.11-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "zlib-devel-static-32bit-1.2.11-3.6.1.x86_64",
"product": {
"name": "zlib-devel-static-32bit-1.2.11-3.6.1.x86_64",
"product_id": "zlib-devel-static-32bit-1.2.11-3.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 9",
"product": {
"name": "SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:9"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud Crowbar 9",
"product": {
"name": "SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud-crowbar:9"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libz1-1.2.11-3.6.1.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:libz1-1.2.11-3.6.1.x86_64"
},
"product_reference": "libz1-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libz1-32bit-1.2.11-3.6.1.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:libz1-32bit-1.2.11-3.6.1.x86_64"
},
"product_reference": "libz1-32bit-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-1.2.11-3.6.1.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:zlib-devel-1.2.11-3.6.1.x86_64"
},
"product_reference": "zlib-devel-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-32bit-1.2.11-3.6.1.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:zlib-devel-32bit-1.2.11-3.6.1.x86_64"
},
"product_reference": "zlib-devel-32bit-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-static-1.2.11-3.6.1.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:zlib-devel-static-1.2.11-3.6.1.x86_64"
},
"product_reference": "zlib-devel-static-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-static-32bit-1.2.11-3.6.1.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64"
},
"product_reference": "zlib-devel-static-32bit-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libz1-1.2.11-3.6.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:libz1-1.2.11-3.6.1.x86_64"
},
"product_reference": "libz1-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libz1-32bit-1.2.11-3.6.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:libz1-32bit-1.2.11-3.6.1.x86_64"
},
"product_reference": "libz1-32bit-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-1.2.11-3.6.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:zlib-devel-1.2.11-3.6.1.x86_64"
},
"product_reference": "zlib-devel-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-32bit-1.2.11-3.6.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:zlib-devel-32bit-1.2.11-3.6.1.x86_64"
},
"product_reference": "zlib-devel-32bit-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-static-1.2.11-3.6.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:zlib-devel-static-1.2.11-3.6.1.x86_64"
},
"product_reference": "zlib-devel-static-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-static-32bit-1.2.11-3.6.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64"
},
"product_reference": "zlib-devel-static-32bit-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libz1-1.2.11-3.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libz1-1.2.11-3.6.1.ppc64le"
},
"product_reference": "libz1-1.2.11-3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libz1-1.2.11-3.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libz1-1.2.11-3.6.1.x86_64"
},
"product_reference": "libz1-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libz1-32bit-1.2.11-3.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libz1-32bit-1.2.11-3.6.1.x86_64"
},
"product_reference": "libz1-32bit-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-1.2.11-3.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-1.2.11-3.6.1.ppc64le"
},
"product_reference": "zlib-devel-1.2.11-3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-1.2.11-3.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-1.2.11-3.6.1.x86_64"
},
"product_reference": "zlib-devel-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-32bit-1.2.11-3.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-32bit-1.2.11-3.6.1.x86_64"
},
"product_reference": "zlib-devel-32bit-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-static-1.2.11-3.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-static-1.2.11-3.6.1.ppc64le"
},
"product_reference": "zlib-devel-static-1.2.11-3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-static-1.2.11-3.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-static-1.2.11-3.6.1.x86_64"
},
"product_reference": "zlib-devel-static-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-static-32bit-1.2.11-3.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64"
},
"product_reference": "zlib-devel-static-32bit-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libz1-1.2.11-3.6.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.aarch64"
},
"product_reference": "libz1-1.2.11-3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libz1-1.2.11-3.6.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.ppc64le"
},
"product_reference": "libz1-1.2.11-3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libz1-1.2.11-3.6.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.s390x"
},
"product_reference": "libz1-1.2.11-3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libz1-1.2.11-3.6.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.x86_64"
},
"product_reference": "libz1-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libz1-32bit-1.2.11-3.6.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-32bit-1.2.11-3.6.1.s390x"
},
"product_reference": "libz1-32bit-1.2.11-3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libz1-32bit-1.2.11-3.6.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-32bit-1.2.11-3.6.1.x86_64"
},
"product_reference": "libz1-32bit-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-1.2.11-3.6.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.aarch64"
},
"product_reference": "zlib-devel-1.2.11-3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-1.2.11-3.6.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.ppc64le"
},
"product_reference": "zlib-devel-1.2.11-3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-1.2.11-3.6.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.s390x"
},
"product_reference": "zlib-devel-1.2.11-3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-1.2.11-3.6.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.x86_64"
},
"product_reference": "zlib-devel-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-32bit-1.2.11-3.6.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-32bit-1.2.11-3.6.1.s390x"
},
"product_reference": "zlib-devel-32bit-1.2.11-3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-32bit-1.2.11-3.6.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-32bit-1.2.11-3.6.1.x86_64"
},
"product_reference": "zlib-devel-32bit-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-static-1.2.11-3.6.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.aarch64"
},
"product_reference": "zlib-devel-static-1.2.11-3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-static-1.2.11-3.6.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.ppc64le"
},
"product_reference": "zlib-devel-static-1.2.11-3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-static-1.2.11-3.6.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.s390x"
},
"product_reference": "zlib-devel-static-1.2.11-3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-static-1.2.11-3.6.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.x86_64"
},
"product_reference": "zlib-devel-static-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-static-32bit-1.2.11-3.6.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-32bit-1.2.11-3.6.1.s390x"
},
"product_reference": "zlib-devel-static-32bit-1.2.11-3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-static-32bit-1.2.11-3.6.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64"
},
"product_reference": "zlib-devel-static-32bit-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-25032",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-25032"
}
],
"notes": [
{
"category": "general",
"text": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-32bit-1.2.11-3.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-32bit-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-32bit-1.2.11-3.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-32bit-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-32bit-1.2.11-3.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:libz1-1.2.11-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:libz1-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:libz1-32bit-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-1.2.11-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-32bit-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-static-1.2.11-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-static-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud 9:libz1-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud 9:libz1-32bit-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud 9:zlib-devel-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud 9:zlib-devel-32bit-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud 9:zlib-devel-static-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud 9:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:libz1-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:libz1-32bit-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:zlib-devel-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:zlib-devel-32bit-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:zlib-devel-static-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-25032",
"url": "https://www.suse.com/security/cve/CVE-2018-25032"
},
{
"category": "external",
"summary": "SUSE Bug 1197459 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1197459"
},
{
"category": "external",
"summary": "SUSE Bug 1197893 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1197893"
},
{
"category": "external",
"summary": "SUSE Bug 1198667 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1198667"
},
{
"category": "external",
"summary": "SUSE Bug 1199104 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1199104"
},
{
"category": "external",
"summary": "SUSE Bug 1200049 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1200049"
},
{
"category": "external",
"summary": "SUSE Bug 1201732 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1201732"
},
{
"category": "external",
"summary": "SUSE Bug 1202688 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1202688"
},
{
"category": "external",
"summary": "SUSE Bug 1224427 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1224427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-32bit-1.2.11-3.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-32bit-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-32bit-1.2.11-3.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-32bit-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-32bit-1.2.11-3.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:libz1-1.2.11-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:libz1-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:libz1-32bit-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-1.2.11-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-32bit-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-static-1.2.11-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-static-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud 9:libz1-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud 9:libz1-32bit-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud 9:zlib-devel-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud 9:zlib-devel-32bit-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud 9:zlib-devel-static-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud 9:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:libz1-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:libz1-32bit-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:zlib-devel-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:zlib-devel-32bit-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:zlib-devel-static-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-32bit-1.2.11-3.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-32bit-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-32bit-1.2.11-3.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-32bit-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-32bit-1.2.11-3.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:libz1-1.2.11-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:libz1-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:libz1-32bit-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-1.2.11-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-32bit-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-static-1.2.11-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-static-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud 9:libz1-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud 9:libz1-32bit-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud 9:zlib-devel-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud 9:zlib-devel-32bit-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud 9:zlib-devel-static-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud 9:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:libz1-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:libz1-32bit-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:zlib-devel-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:zlib-devel-32bit-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:zlib-devel-static-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-04-01T09:02:51Z",
"details": "important"
}
],
"title": "CVE-2018-25032"
}
]
}
SUSE-SU-2022:14929-1
Vulnerability from csaf_suse - Published: 2022-04-01 08:36 - Updated: 2022-04-01 08:36Summary
Security update for zlib
Severity
Important
Notes
Title of the patch: Security update for zlib
Description of the patch: This update for zlib fixes the following issues:
- CVE-2018-25032: Fixed memory corruption on deflate (bsc#1197459).
Patchnames: sleposp3-zlib-14929,slessp4-zlib-14929
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.1 (High)
Affected products
Recommended
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:zlib-1.2.7-0.17.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-32bit-1.2.7-0.17.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-32bit-1.2.7-0.17.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-32bit-1.2.7-0.17.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-32bit-1.2.7-0.17.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-32bit-1.2.7-0.17.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-32bit-1.2.7-0.17.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
15 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for zlib",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for zlib fixes the following issues:\n\n- CVE-2018-25032: Fixed memory corruption on deflate (bsc#1197459).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "sleposp3-zlib-14929,slessp4-zlib-14929",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_14929-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:14929-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-202214929-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:14929-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010584.html"
},
{
"category": "self",
"summary": "SUSE Bug 1197459",
"url": "https://bugzilla.suse.com/1197459"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-25032 page",
"url": "https://www.suse.com/security/cve/CVE-2018-25032/"
}
],
"title": "Security update for zlib",
"tracking": {
"current_release_date": "2022-04-01T08:36:05Z",
"generator": {
"date": "2022-04-01T08:36:05Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:14929-1",
"initial_release_date": "2022-04-01T08:36:05Z",
"revision_history": [
{
"date": "2022-04-01T08:36:05Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "zlib-1.2.7-0.17.3.1.i586",
"product": {
"name": "zlib-1.2.7-0.17.3.1.i586",
"product_id": "zlib-1.2.7-0.17.3.1.i586"
}
},
{
"category": "product_version",
"name": "zlib-devel-1.2.7-0.17.3.1.i586",
"product": {
"name": "zlib-devel-1.2.7-0.17.3.1.i586",
"product_id": "zlib-devel-1.2.7-0.17.3.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "zlib-1.2.7-0.17.3.1.ppc64",
"product": {
"name": "zlib-1.2.7-0.17.3.1.ppc64",
"product_id": "zlib-1.2.7-0.17.3.1.ppc64"
}
},
{
"category": "product_version",
"name": "zlib-32bit-1.2.7-0.17.3.1.ppc64",
"product": {
"name": "zlib-32bit-1.2.7-0.17.3.1.ppc64",
"product_id": "zlib-32bit-1.2.7-0.17.3.1.ppc64"
}
},
{
"category": "product_version",
"name": "zlib-devel-1.2.7-0.17.3.1.ppc64",
"product": {
"name": "zlib-devel-1.2.7-0.17.3.1.ppc64",
"product_id": "zlib-devel-1.2.7-0.17.3.1.ppc64"
}
},
{
"category": "product_version",
"name": "zlib-devel-32bit-1.2.7-0.17.3.1.ppc64",
"product": {
"name": "zlib-devel-32bit-1.2.7-0.17.3.1.ppc64",
"product_id": "zlib-devel-32bit-1.2.7-0.17.3.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "zlib-1.2.7-0.17.3.1.s390x",
"product": {
"name": "zlib-1.2.7-0.17.3.1.s390x",
"product_id": "zlib-1.2.7-0.17.3.1.s390x"
}
},
{
"category": "product_version",
"name": "zlib-32bit-1.2.7-0.17.3.1.s390x",
"product": {
"name": "zlib-32bit-1.2.7-0.17.3.1.s390x",
"product_id": "zlib-32bit-1.2.7-0.17.3.1.s390x"
}
},
{
"category": "product_version",
"name": "zlib-devel-1.2.7-0.17.3.1.s390x",
"product": {
"name": "zlib-devel-1.2.7-0.17.3.1.s390x",
"product_id": "zlib-devel-1.2.7-0.17.3.1.s390x"
}
},
{
"category": "product_version",
"name": "zlib-devel-32bit-1.2.7-0.17.3.1.s390x",
"product": {
"name": "zlib-devel-32bit-1.2.7-0.17.3.1.s390x",
"product_id": "zlib-devel-32bit-1.2.7-0.17.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "zlib-1.2.7-0.17.3.1.x86_64",
"product": {
"name": "zlib-1.2.7-0.17.3.1.x86_64",
"product_id": "zlib-1.2.7-0.17.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "zlib-32bit-1.2.7-0.17.3.1.x86_64",
"product": {
"name": "zlib-32bit-1.2.7-0.17.3.1.x86_64",
"product_id": "zlib-32bit-1.2.7-0.17.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "zlib-devel-1.2.7-0.17.3.1.x86_64",
"product": {
"name": "zlib-devel-1.2.7-0.17.3.1.x86_64",
"product_id": "zlib-devel-1.2.7-0.17.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "zlib-devel-32bit-1.2.7-0.17.3.1.x86_64",
"product": {
"name": "zlib-devel-32bit-1.2.7-0.17.3.1.x86_64",
"product_id": "zlib-devel-32bit-1.2.7-0.17.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Point of Sale 11 SP3",
"product": {
"name": "SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-pos:11:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-1.2.7-0.17.3.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:zlib-1.2.7-0.17.3.1.i586"
},
"product_reference": "zlib-1.2.7-0.17.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-1.2.7-0.17.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.i586"
},
"product_reference": "zlib-1.2.7-0.17.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-1.2.7-0.17.3.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.ppc64"
},
"product_reference": "zlib-1.2.7-0.17.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-1.2.7-0.17.3.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.s390x"
},
"product_reference": "zlib-1.2.7-0.17.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-1.2.7-0.17.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.x86_64"
},
"product_reference": "zlib-1.2.7-0.17.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-32bit-1.2.7-0.17.3.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-32bit-1.2.7-0.17.3.1.ppc64"
},
"product_reference": "zlib-32bit-1.2.7-0.17.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-32bit-1.2.7-0.17.3.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-32bit-1.2.7-0.17.3.1.s390x"
},
"product_reference": "zlib-32bit-1.2.7-0.17.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-32bit-1.2.7-0.17.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-32bit-1.2.7-0.17.3.1.x86_64"
},
"product_reference": "zlib-32bit-1.2.7-0.17.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-1.2.7-0.17.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.i586"
},
"product_reference": "zlib-devel-1.2.7-0.17.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-1.2.7-0.17.3.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.ppc64"
},
"product_reference": "zlib-devel-1.2.7-0.17.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-1.2.7-0.17.3.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.s390x"
},
"product_reference": "zlib-devel-1.2.7-0.17.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-1.2.7-0.17.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.x86_64"
},
"product_reference": "zlib-devel-1.2.7-0.17.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-32bit-1.2.7-0.17.3.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-32bit-1.2.7-0.17.3.1.ppc64"
},
"product_reference": "zlib-devel-32bit-1.2.7-0.17.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-32bit-1.2.7-0.17.3.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-32bit-1.2.7-0.17.3.1.s390x"
},
"product_reference": "zlib-devel-32bit-1.2.7-0.17.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-32bit-1.2.7-0.17.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-32bit-1.2.7-0.17.3.1.x86_64"
},
"product_reference": "zlib-devel-32bit-1.2.7-0.17.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-25032",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-25032"
}
],
"notes": [
{
"category": "general",
"text": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:zlib-1.2.7-0.17.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-32bit-1.2.7-0.17.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-32bit-1.2.7-0.17.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-32bit-1.2.7-0.17.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-32bit-1.2.7-0.17.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-32bit-1.2.7-0.17.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-32bit-1.2.7-0.17.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-25032",
"url": "https://www.suse.com/security/cve/CVE-2018-25032"
},
{
"category": "external",
"summary": "SUSE Bug 1197459 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1197459"
},
{
"category": "external",
"summary": "SUSE Bug 1197893 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1197893"
},
{
"category": "external",
"summary": "SUSE Bug 1198667 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1198667"
},
{
"category": "external",
"summary": "SUSE Bug 1199104 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1199104"
},
{
"category": "external",
"summary": "SUSE Bug 1200049 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1200049"
},
{
"category": "external",
"summary": "SUSE Bug 1201732 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1201732"
},
{
"category": "external",
"summary": "SUSE Bug 1202688 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1202688"
},
{
"category": "external",
"summary": "SUSE Bug 1224427 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1224427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:zlib-1.2.7-0.17.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-32bit-1.2.7-0.17.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-32bit-1.2.7-0.17.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-32bit-1.2.7-0.17.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-32bit-1.2.7-0.17.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-32bit-1.2.7-0.17.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-32bit-1.2.7-0.17.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:zlib-1.2.7-0.17.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-32bit-1.2.7-0.17.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-32bit-1.2.7-0.17.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-32bit-1.2.7-0.17.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-32bit-1.2.7-0.17.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-32bit-1.2.7-0.17.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-32bit-1.2.7-0.17.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-04-01T08:36:05Z",
"details": "important"
}
],
"title": "CVE-2018-25032"
}
]
}
SUSE-SU-2022:3225-1
Vulnerability from csaf_suse - Published: 2022-09-09 05:57 - Updated: 2022-09-09 05:57Summary
Security update for mariadb
Severity
Important
Notes
Title of the patch: Security update for mariadb
Description of the patch: This update for mariadb fixes the following issues:
Update to 10.4.26:
- CVE-2022-32089 (bsc#1201169)
- CVE-2022-32081 (bsc#1201161)
- CVE-2022-32091 (bsc#1201170)
- CVE-2022-32084 (bsc#1201164)
- CVE-2018-25032 (bsc#1197459)
- CVE-2022-32088 (bsc#1201168)
- CVE-2022-32087 (bsc#1201167)
- CVE-2022-32086 (bsc#1201166)
- CVE-2022-32085 (bsc#1201165)
- CVE-2022-32083 (bsc#1201163)
Bugfixes:
- Update mysql-systemd-helper to be aware of custom group (bsc#1200105).
External references:
- https://mariadb.com/kb/en/library/mariadb-10426-release-notes
- https://mariadb.com/kb/en/library/mariadb-10426-changelog
Patchnames: SUSE-2022-3225,SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-3225,SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-3225,SUSE-SLE-Product-SLES-15-SP2-BCL-2022-3225,SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-3225,SUSE-SLE-Product-SLES_SAP-15-SP2-2022-3225,SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-3225,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-3225,SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-3225,SUSE-Storage-7-2022-3225
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.1 (High)
Affected products
Recommended
99 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.4 (Medium)
Affected products
Recommended
99 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
99 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
99 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
99 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
99 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
99 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
99 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
99 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
99 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
52 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for mariadb",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for mariadb fixes the following issues:\n\nUpdate to 10.4.26:\n\n- CVE-2022-32089 (bsc#1201169)\n- CVE-2022-32081 (bsc#1201161)\n- CVE-2022-32091 (bsc#1201170)\n- CVE-2022-32084 (bsc#1201164)\n- CVE-2018-25032 (bsc#1197459)\n- CVE-2022-32088 (bsc#1201168)\n- CVE-2022-32087 (bsc#1201167)\n- CVE-2022-32086 (bsc#1201166)\n- CVE-2022-32085 (bsc#1201165)\n- CVE-2022-32083 (bsc#1201163)\n\nBugfixes:\n\n- Update mysql-systemd-helper to be aware of custom group (bsc#1200105).\n\nExternal references:\n\n- https://mariadb.com/kb/en/library/mariadb-10426-release-notes\n- https://mariadb.com/kb/en/library/mariadb-10426-changelog\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-3225,SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-3225,SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-3225,SUSE-SLE-Product-SLES-15-SP2-BCL-2022-3225,SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-3225,SUSE-SLE-Product-SLES_SAP-15-SP2-2022-3225,SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-3225,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-3225,SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-3225,SUSE-Storage-7-2022-3225",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_3225-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:3225-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20223225-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:3225-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-September/012197.html"
},
{
"category": "self",
"summary": "SUSE Bug 1197459",
"url": "https://bugzilla.suse.com/1197459"
},
{
"category": "self",
"summary": "SUSE Bug 1200105",
"url": "https://bugzilla.suse.com/1200105"
},
{
"category": "self",
"summary": "SUSE Bug 1201161",
"url": "https://bugzilla.suse.com/1201161"
},
{
"category": "self",
"summary": "SUSE Bug 1201163",
"url": "https://bugzilla.suse.com/1201163"
},
{
"category": "self",
"summary": "SUSE Bug 1201164",
"url": "https://bugzilla.suse.com/1201164"
},
{
"category": "self",
"summary": "SUSE Bug 1201165",
"url": "https://bugzilla.suse.com/1201165"
},
{
"category": "self",
"summary": "SUSE Bug 1201166",
"url": "https://bugzilla.suse.com/1201166"
},
{
"category": "self",
"summary": "SUSE Bug 1201167",
"url": "https://bugzilla.suse.com/1201167"
},
{
"category": "self",
"summary": "SUSE Bug 1201168",
"url": "https://bugzilla.suse.com/1201168"
},
{
"category": "self",
"summary": "SUSE Bug 1201169",
"url": "https://bugzilla.suse.com/1201169"
},
{
"category": "self",
"summary": "SUSE Bug 1201170",
"url": "https://bugzilla.suse.com/1201170"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-25032 page",
"url": "https://www.suse.com/security/cve/CVE-2018-25032/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-32081 page",
"url": "https://www.suse.com/security/cve/CVE-2022-32081/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-32083 page",
"url": "https://www.suse.com/security/cve/CVE-2022-32083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-32084 page",
"url": "https://www.suse.com/security/cve/CVE-2022-32084/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-32085 page",
"url": "https://www.suse.com/security/cve/CVE-2022-32085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-32086 page",
"url": "https://www.suse.com/security/cve/CVE-2022-32086/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-32087 page",
"url": "https://www.suse.com/security/cve/CVE-2022-32087/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-32088 page",
"url": "https://www.suse.com/security/cve/CVE-2022-32088/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-32089 page",
"url": "https://www.suse.com/security/cve/CVE-2022-32089/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-32091 page",
"url": "https://www.suse.com/security/cve/CVE-2022-32091/"
}
],
"title": "Security update for mariadb",
"tracking": {
"current_release_date": "2022-09-09T05:57:49Z",
"generator": {
"date": "2022-09-09T05:57:49Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:3225-1",
"initial_release_date": "2022-09-09T05:57:49Z",
"revision_history": [
{
"date": "2022-09-09T05:57:49Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"product": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"product_id": "libmariadbd-devel-10.4.26-150200.3.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"product": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"product_id": "libmariadbd19-10.4.26-150200.3.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-10.4.26-150200.3.31.1.aarch64",
"product": {
"name": "mariadb-10.4.26-150200.3.31.1.aarch64",
"product_id": "mariadb-10.4.26-150200.3.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-bench-10.4.26-150200.3.31.1.aarch64",
"product": {
"name": "mariadb-bench-10.4.26-150200.3.31.1.aarch64",
"product_id": "mariadb-bench-10.4.26-150200.3.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-client-10.4.26-150200.3.31.1.aarch64",
"product": {
"name": "mariadb-client-10.4.26-150200.3.31.1.aarch64",
"product_id": "mariadb-client-10.4.26-150200.3.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-galera-10.4.26-150200.3.31.1.aarch64",
"product": {
"name": "mariadb-galera-10.4.26-150200.3.31.1.aarch64",
"product_id": "mariadb-galera-10.4.26-150200.3.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-rpm-macros-10.4.26-150200.3.31.1.aarch64",
"product": {
"name": "mariadb-rpm-macros-10.4.26-150200.3.31.1.aarch64",
"product_id": "mariadb-rpm-macros-10.4.26-150200.3.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-test-10.4.26-150200.3.31.1.aarch64",
"product": {
"name": "mariadb-test-10.4.26-150200.3.31.1.aarch64",
"product_id": "mariadb-test-10.4.26-150200.3.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"product": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"product_id": "mariadb-tools-10.4.26-150200.3.31.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.i586",
"product": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.i586",
"product_id": "libmariadbd-devel-10.4.26-150200.3.31.1.i586"
}
},
{
"category": "product_version",
"name": "libmariadbd19-10.4.26-150200.3.31.1.i586",
"product": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.i586",
"product_id": "libmariadbd19-10.4.26-150200.3.31.1.i586"
}
},
{
"category": "product_version",
"name": "mariadb-10.4.26-150200.3.31.1.i586",
"product": {
"name": "mariadb-10.4.26-150200.3.31.1.i586",
"product_id": "mariadb-10.4.26-150200.3.31.1.i586"
}
},
{
"category": "product_version",
"name": "mariadb-bench-10.4.26-150200.3.31.1.i586",
"product": {
"name": "mariadb-bench-10.4.26-150200.3.31.1.i586",
"product_id": "mariadb-bench-10.4.26-150200.3.31.1.i586"
}
},
{
"category": "product_version",
"name": "mariadb-client-10.4.26-150200.3.31.1.i586",
"product": {
"name": "mariadb-client-10.4.26-150200.3.31.1.i586",
"product_id": "mariadb-client-10.4.26-150200.3.31.1.i586"
}
},
{
"category": "product_version",
"name": "mariadb-galera-10.4.26-150200.3.31.1.i586",
"product": {
"name": "mariadb-galera-10.4.26-150200.3.31.1.i586",
"product_id": "mariadb-galera-10.4.26-150200.3.31.1.i586"
}
},
{
"category": "product_version",
"name": "mariadb-rpm-macros-10.4.26-150200.3.31.1.i586",
"product": {
"name": "mariadb-rpm-macros-10.4.26-150200.3.31.1.i586",
"product_id": "mariadb-rpm-macros-10.4.26-150200.3.31.1.i586"
}
},
{
"category": "product_version",
"name": "mariadb-test-10.4.26-150200.3.31.1.i586",
"product": {
"name": "mariadb-test-10.4.26-150200.3.31.1.i586",
"product_id": "mariadb-test-10.4.26-150200.3.31.1.i586"
}
},
{
"category": "product_version",
"name": "mariadb-tools-10.4.26-150200.3.31.1.i586",
"product": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.i586",
"product_id": "mariadb-tools-10.4.26-150200.3.31.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"product": {
"name": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"product_id": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"product": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"product_id": "libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"product": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"product_id": "libmariadbd19-10.4.26-150200.3.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-10.4.26-150200.3.31.1.ppc64le",
"product": {
"name": "mariadb-10.4.26-150200.3.31.1.ppc64le",
"product_id": "mariadb-10.4.26-150200.3.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-bench-10.4.26-150200.3.31.1.ppc64le",
"product": {
"name": "mariadb-bench-10.4.26-150200.3.31.1.ppc64le",
"product_id": "mariadb-bench-10.4.26-150200.3.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"product": {
"name": "mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"product_id": "mariadb-client-10.4.26-150200.3.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-galera-10.4.26-150200.3.31.1.ppc64le",
"product": {
"name": "mariadb-galera-10.4.26-150200.3.31.1.ppc64le",
"product_id": "mariadb-galera-10.4.26-150200.3.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-rpm-macros-10.4.26-150200.3.31.1.ppc64le",
"product": {
"name": "mariadb-rpm-macros-10.4.26-150200.3.31.1.ppc64le",
"product_id": "mariadb-rpm-macros-10.4.26-150200.3.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-test-10.4.26-150200.3.31.1.ppc64le",
"product": {
"name": "mariadb-test-10.4.26-150200.3.31.1.ppc64le",
"product_id": "mariadb-test-10.4.26-150200.3.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"product": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"product_id": "mariadb-tools-10.4.26-150200.3.31.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"product": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"product_id": "libmariadbd-devel-10.4.26-150200.3.31.1.s390x"
}
},
{
"category": "product_version",
"name": "libmariadbd19-10.4.26-150200.3.31.1.s390x",
"product": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.s390x",
"product_id": "libmariadbd19-10.4.26-150200.3.31.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-10.4.26-150200.3.31.1.s390x",
"product": {
"name": "mariadb-10.4.26-150200.3.31.1.s390x",
"product_id": "mariadb-10.4.26-150200.3.31.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-bench-10.4.26-150200.3.31.1.s390x",
"product": {
"name": "mariadb-bench-10.4.26-150200.3.31.1.s390x",
"product_id": "mariadb-bench-10.4.26-150200.3.31.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-client-10.4.26-150200.3.31.1.s390x",
"product": {
"name": "mariadb-client-10.4.26-150200.3.31.1.s390x",
"product_id": "mariadb-client-10.4.26-150200.3.31.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-galera-10.4.26-150200.3.31.1.s390x",
"product": {
"name": "mariadb-galera-10.4.26-150200.3.31.1.s390x",
"product_id": "mariadb-galera-10.4.26-150200.3.31.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-rpm-macros-10.4.26-150200.3.31.1.s390x",
"product": {
"name": "mariadb-rpm-macros-10.4.26-150200.3.31.1.s390x",
"product_id": "mariadb-rpm-macros-10.4.26-150200.3.31.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-test-10.4.26-150200.3.31.1.s390x",
"product": {
"name": "mariadb-test-10.4.26-150200.3.31.1.s390x",
"product_id": "mariadb-test-10.4.26-150200.3.31.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-tools-10.4.26-150200.3.31.1.s390x",
"product": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.s390x",
"product_id": "mariadb-tools-10.4.26-150200.3.31.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"product": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"product_id": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"product": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"product_id": "libmariadbd19-10.4.26-150200.3.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-10.4.26-150200.3.31.1.x86_64",
"product": {
"name": "mariadb-10.4.26-150200.3.31.1.x86_64",
"product_id": "mariadb-10.4.26-150200.3.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-bench-10.4.26-150200.3.31.1.x86_64",
"product": {
"name": "mariadb-bench-10.4.26-150200.3.31.1.x86_64",
"product_id": "mariadb-bench-10.4.26-150200.3.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-client-10.4.26-150200.3.31.1.x86_64",
"product": {
"name": "mariadb-client-10.4.26-150200.3.31.1.x86_64",
"product_id": "mariadb-client-10.4.26-150200.3.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-galera-10.4.26-150200.3.31.1.x86_64",
"product": {
"name": "mariadb-galera-10.4.26-150200.3.31.1.x86_64",
"product_id": "mariadb-galera-10.4.26-150200.3.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-rpm-macros-10.4.26-150200.3.31.1.x86_64",
"product": {
"name": "mariadb-rpm-macros-10.4.26-150200.3.31.1.x86_64",
"product_id": "mariadb-rpm-macros-10.4.26-150200.3.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-test-10.4.26-150200.3.31.1.x86_64",
"product": {
"name": "mariadb-test-10.4.26-150200.3.31.1.x86_64",
"product_id": "mariadb-test-10.4.26-150200.3.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"product": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"product_id": "mariadb-tools-10.4.26-150200.3.31.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP2-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_bcl:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Proxy 4.1",
"product": {
"name": "SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-proxy:4.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Retail Branch Server 4.1",
"product": {
"name": "SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-retail-branch-server:4.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server 4.1",
"product": {
"name": "SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server:4.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7",
"product": {
"name": "SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.4.26-150200.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "mariadb-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.4.26-150200.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "mariadb-client-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-client-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch"
},
"product_reference": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.4.26-150200.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "mariadb-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.4.26-150200.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "mariadb-client-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-client-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch"
},
"product_reference": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-client-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch"
},
"product_reference": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le"
},
"product_reference": "libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x"
},
"product_reference": "libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le"
},
"product_reference": "libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x"
},
"product_reference": "libmariadbd19-10.4.26-150200.3.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.4.26-150200.3.31.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "mariadb-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.4.26-150200.3.31.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le"
},
"product_reference": "mariadb-10.4.26-150200.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.4.26-150200.3.31.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x"
},
"product_reference": "mariadb-10.4.26-150200.3.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.4.26-150200.3.31.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "mariadb-client-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.4.26-150200.3.31.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le"
},
"product_reference": "mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.4.26-150200.3.31.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x"
},
"product_reference": "mariadb-client-10.4.26-150200.3.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-client-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch"
},
"product_reference": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le"
},
"product_reference": "mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x"
},
"product_reference": "mariadb-tools-10.4.26-150200.3.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le"
},
"product_reference": "libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le"
},
"product_reference": "libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.4.26-150200.3.31.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le"
},
"product_reference": "mariadb-10.4.26-150200.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.4.26-150200.3.31.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le"
},
"product_reference": "mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-client-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch"
},
"product_reference": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le"
},
"product_reference": "mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.x86_64 as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.4.26-150200.3.31.1.x86_64 as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.4.26-150200.3.31.1.x86_64 as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-client-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch"
},
"product_reference": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.x86_64 as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.4.26-150200.3.31.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.4.26-150200.3.31.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-client-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch"
},
"product_reference": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le"
},
"product_reference": "libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.s390x as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x"
},
"product_reference": "libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.ppc64le as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le"
},
"product_reference": "libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.s390x as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x"
},
"product_reference": "libmariadbd19-10.4.26-150200.3.31.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.x86_64 as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.4.26-150200.3.31.1.ppc64le as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le"
},
"product_reference": "mariadb-10.4.26-150200.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.4.26-150200.3.31.1.s390x as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x"
},
"product_reference": "mariadb-10.4.26-150200.3.31.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.4.26-150200.3.31.1.x86_64 as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.4.26-150200.3.31.1.ppc64le as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le"
},
"product_reference": "mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.4.26-150200.3.31.1.s390x as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x"
},
"product_reference": "mariadb-client-10.4.26-150200.3.31.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.4.26-150200.3.31.1.x86_64 as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-client-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch"
},
"product_reference": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.ppc64le as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le"
},
"product_reference": "mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.s390x as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x"
},
"product_reference": "mariadb-tools-10.4.26-150200.3.31.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.x86_64 as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.4.26-150200.3.31.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "mariadb-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.4.26-150200.3.31.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.4.26-150200.3.31.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "mariadb-client-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.4.26-150200.3.31.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-client-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch"
},
"product_reference": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-25032",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-25032"
}
],
"notes": [
{
"category": "general",
"text": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-25032",
"url": "https://www.suse.com/security/cve/CVE-2018-25032"
},
{
"category": "external",
"summary": "SUSE Bug 1197459 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1197459"
},
{
"category": "external",
"summary": "SUSE Bug 1197893 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1197893"
},
{
"category": "external",
"summary": "SUSE Bug 1198667 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1198667"
},
{
"category": "external",
"summary": "SUSE Bug 1199104 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1199104"
},
{
"category": "external",
"summary": "SUSE Bug 1200049 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1200049"
},
{
"category": "external",
"summary": "SUSE Bug 1201732 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1201732"
},
{
"category": "external",
"summary": "SUSE Bug 1202688 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1202688"
},
{
"category": "external",
"summary": "SUSE Bug 1224427 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1224427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-09T05:57:49Z",
"details": "important"
}
],
"title": "CVE-2018-25032"
},
{
"cve": "CVE-2022-32081",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-32081"
}
],
"notes": [
{
"category": "general",
"text": "MariaDB v10.4 to v10.7 was discovered to contain an use-after-poison in prepare_inplace_add_virtual at /storage/innobase/handler/handler0alter.cc.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-32081",
"url": "https://www.suse.com/security/cve/CVE-2022-32081"
},
{
"category": "external",
"summary": "SUSE Bug 1201161 for CVE-2022-32081",
"url": "https://bugzilla.suse.com/1201161"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-09T05:57:49Z",
"details": "moderate"
}
],
"title": "CVE-2022-32081"
},
{
"cve": "CVE-2022-32083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-32083"
}
],
"notes": [
{
"category": "general",
"text": "MariaDB v10.2 to v10.6.1 was discovered to contain a segmentation fault via the component Item_subselect::init_expr_cache_tracker.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-32083",
"url": "https://www.suse.com/security/cve/CVE-2022-32083"
},
{
"category": "external",
"summary": "SUSE Bug 1201163 for CVE-2022-32083",
"url": "https://bugzilla.suse.com/1201163"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-09T05:57:49Z",
"details": "moderate"
}
],
"title": "CVE-2022-32083"
},
{
"cve": "CVE-2022-32084",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-32084"
}
],
"notes": [
{
"category": "general",
"text": "MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component sub_select.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-32084",
"url": "https://www.suse.com/security/cve/CVE-2022-32084"
},
{
"category": "external",
"summary": "SUSE Bug 1201164 for CVE-2022-32084",
"url": "https://bugzilla.suse.com/1201164"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-09T05:57:49Z",
"details": "moderate"
}
],
"title": "CVE-2022-32084"
},
{
"cve": "CVE-2022-32085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-32085"
}
],
"notes": [
{
"category": "general",
"text": "MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Item_func_in::cleanup/Item::cleanup_processor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-32085",
"url": "https://www.suse.com/security/cve/CVE-2022-32085"
},
{
"category": "external",
"summary": "SUSE Bug 1201165 for CVE-2022-32085",
"url": "https://bugzilla.suse.com/1201165"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-09T05:57:49Z",
"details": "moderate"
}
],
"title": "CVE-2022-32085"
},
{
"cve": "CVE-2022-32086",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-32086"
}
],
"notes": [
{
"category": "general",
"text": "MariaDB v10.4 to v10.8 was discovered to contain a segmentation fault via the component Item_field::fix_outer_field.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-32086",
"url": "https://www.suse.com/security/cve/CVE-2022-32086"
},
{
"category": "external",
"summary": "SUSE Bug 1201166 for CVE-2022-32086",
"url": "https://bugzilla.suse.com/1201166"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-09T05:57:49Z",
"details": "moderate"
}
],
"title": "CVE-2022-32086"
},
{
"cve": "CVE-2022-32087",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-32087"
}
],
"notes": [
{
"category": "general",
"text": "MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Item_args::walk_args.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-32087",
"url": "https://www.suse.com/security/cve/CVE-2022-32087"
},
{
"category": "external",
"summary": "SUSE Bug 1201167 for CVE-2022-32087",
"url": "https://bugzilla.suse.com/1201167"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-09T05:57:49Z",
"details": "moderate"
}
],
"title": "CVE-2022-32087"
},
{
"cve": "CVE-2022-32088",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-32088"
}
],
"notes": [
{
"category": "general",
"text": "MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Exec_time_tracker::get_loops/Filesort_tracker::report_use/filesort.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-32088",
"url": "https://www.suse.com/security/cve/CVE-2022-32088"
},
{
"category": "external",
"summary": "SUSE Bug 1201168 for CVE-2022-32088",
"url": "https://bugzilla.suse.com/1201168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-09T05:57:49Z",
"details": "moderate"
}
],
"title": "CVE-2022-32088"
},
{
"cve": "CVE-2022-32089",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-32089"
}
],
"notes": [
{
"category": "general",
"text": "MariaDB v10.5 to v10.7 was discovered to contain a segmentation fault via the component st_select_lex_unit::exclude_level.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-32089",
"url": "https://www.suse.com/security/cve/CVE-2022-32089"
},
{
"category": "external",
"summary": "SUSE Bug 1201169 for CVE-2022-32089",
"url": "https://bugzilla.suse.com/1201169"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-09T05:57:49Z",
"details": "moderate"
}
],
"title": "CVE-2022-32089"
},
{
"cve": "CVE-2022-32091",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-32091"
}
],
"notes": [
{
"category": "general",
"text": "MariaDB v10.7 was discovered to contain an use-after-poison in in __interceptor_memset at /libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-32091",
"url": "https://www.suse.com/security/cve/CVE-2022-32091"
},
{
"category": "external",
"summary": "SUSE Bug 1201170 for CVE-2022-32091",
"url": "https://bugzilla.suse.com/1201170"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-09T05:57:49Z",
"details": "moderate"
}
],
"title": "CVE-2022-32091"
}
]
}
VAR-202203-1690
Vulnerability from variot - Updated: 2024-07-23 19:43zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. ========================================================================== Ubuntu Security Notice USN-5359-2 June 13, 2022
rsync vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 ESM
Summary:
rsync could be made to crash or run programs if it received specially crafted network traffic.
Software Description: - rsync: fast, versatile, remote (and local) file-copying tool
Details:
USN-5359-1 fixed vulnerabilities in rsync.
Original advisory details:
Danilo Ramos discovered that rsync incorrectly handled memory when performing certain zlib deflating operations. An attacker could use this issue to cause rsync to crash, resulting in a denial of service, or possibly execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 ESM: rsync 3.1.1-3ubuntu1.3+esm1
In general, a standard system update will make all the necessary changes. Bugs fixed (https://bugzilla.redhat.com/):
2004133 - CVE-2021-37136 netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data 2004135 - CVE-2021-37137 netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way 2031958 - CVE-2021-43797 netty: control chars in header names may lead to HTTP request smuggling 2045880 - CVE-2022-21698 prometheus/client_golang: Denial of service using InstrumentHandlerCounter 2058404 - CVE-2022-0759 kubeclient: kubeconfig parsing error can lead to MITM attacks
- JIRA issues fixed (https://issues.jboss.org/):
LOG-2334 - [release-5.3] Events listing out of order in Kibana 6.8.1 LOG-2450 - http.max_header_size set to 128kb causes communication with elasticsearch to stop working LOG-2481 - EO shouldn't grant cluster-wide permission to system:serviceaccount:openshift-monitoring:prometheus-k8s when ES cluster is deployed. [openshift-logging 5.3]
- This update provides security fixes, bug fixes, and updates container images. Description:
Red Hat Advanced Cluster Management for Kubernetes 2.4.4 images
Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in.
This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. See the following Release Notes documentation, which will be updated shortly for this release, for additional details about this release:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html/release_notes/
Security fixes:
-
Vm2: vulnerable to Sandbox Bypass (CVE-2021-23555)
-
Golang.org/x/crypto: empty plaintext packet causes panic (CVE-2021-43565)
-
Follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor (CVE-2022-0155)
-
Node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235)
-
Follow-redirects: Exposure of Sensitive Information via Authorization Header leak (CVE-2022-0536)
-
Urijs: Authorization Bypass Through User-Controlled Key (CVE-2022-0613)
-
Nconf: Prototype pollution in memory store (CVE-2022-21803)
-
Nats-server: misusing the "dynamically provisioned sandbox accounts" feature authenticated user can obtain the privileges of the System account (CVE-2022-24450)
-
Urijs: Leading white space bypasses protocol validation (CVE-2022-24723)
-
Node-forge: Signature verification leniency in checking
digestAlgorithmstructure can lead to signature forgery (CVE-2022-24771) -
Node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery (CVE-2022-24772)
-
Node-forge: Signature verification leniency in checking
DigestInfostructure (CVE-2022-24773) -
Cross-fetch: Exposure of Private Personal Information to an Unauthorized Actor (CVE-2022-1365)
-
Moment.js: Path traversal in moment.locale (CVE-2022-24785)
Bug fixes:
-
Failed ClusterDeployment validation errors do not surface through the ClusterPool UI (Bugzilla #1995380)
-
Agents wrong validation failure on failing to fetch image needed for installation (Bugzilla #2008583)
-
Fix catalogsource name (Bugzilla #2038250)
-
When the ocp console operator is disable on the managed cluster, the cluster claims failed to update (Bugzilla #2057761)
-
Multicluster-operators-hub-subscription OOMKilled (Bugzilla #2053308)
-
RHACM 2.4.1 Console becomes unstable and refuses login after one hour (Bugzilla #2061958)
-
RHACM 2.4.4 images (Bugzilla #2077548)
-
Bugs fixed (https://bugzilla.redhat.com/):
1995380 - failed ClusterDeployment validation errors do not surface through the ClusterPool UI
2008583 - Agents wrong validation failure on failing to fetch image needed for installation
2030787 - CVE-2021-43565 golang.org/x/crypto: empty plaintext packet causes panic
2038250 - Fix catalogsource name
2044556 - CVE-2022-0155 follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor
2044591 - CVE-2022-0235 node-fetch: exposure of sensitive information to an unauthorized actor
2052573 - CVE-2022-24450 nats-server: misusing the "dynamically provisioned sandbox accounts" feature authenticated user can obtain the privileges of the System account
2053259 - CVE-2022-0536 follow-redirects: Exposure of Sensitive Information via Authorization Header leak
2053308 - multicluster-operators-hub-subscription OOMKilled
2054114 - CVE-2021-23555 vm2: vulnerable to Sandbox Bypass
2055496 - CVE-2022-0613 urijs: Authorization Bypass Through User-Controlled Key
2057761 - When the ocp console operator is disable on the managed cluster, the cluster claims failed to update
2058295 - ACM doesn't accept secret type opaque for cluster api certificate
2061958 - RHACM 2.4.1 Console becomes unstable and refuses login after one hour
2062370 - CVE-2022-24723 urijs: Leading white space bypasses protocol validation
2067387 - CVE-2022-24771 node-forge: Signature verification leniency in checking digestAlgorithm structure can lead to signature forgery
2067458 - CVE-2022-24772 node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery
2067461 - CVE-2022-24773 node-forge: Signature verification leniency in checking DigestInfo structure
2072009 - CVE-2022-24785 Moment.js: Path traversal in moment.locale
2074689 - CVE-2022-21803 nconf: Prototype pollution in memory store
2076133 - CVE-2022-1365 cross-fetch: Exposure of Private Personal Information to an Unauthorized Actor
2077548 - RHACM 2.4.4 images
- Bugs fixed (https://bugzilla.redhat.com/):
2081686 - CVE-2022-29165 argocd: ArgoCD will blindly trust JWT claims if anonymous access is enabled 2081689 - CVE-2022-24905 argocd: Login screen allows message spoofing if SSO is enabled 2081691 - CVE-2022-24904 argocd: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server
-
8) - noarch
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section. Description:
Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications.
Security Fix(es):
- argocd: vulnerable to a variety of attacks when an SSO login is initiated from the Argo CD CLI or the UI. Bugs fixed (https://bugzilla.redhat.com/):
2096278 - CVE-2022-31035 argocd: cross-site scripting (XSS) allow a malicious user to inject a javascript link in the UI 2096282 - CVE-2022-31034 argocd: vulnerable to a variety of attacks when an SSO login is initiated from the Argo CD CLI or the UI. 2096283 - CVE-2022-31016 argocd: vulnerable to an uncontrolled memory consumption bug 2096291 - CVE-2022-31036 argocd: vulnerable to a symlink following bug allowing a malicious user with repository write access
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: zlib security update Advisory ID: RHSA-2022:2213-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:2213 Issue date: 2022-05-11 CVE Names: CVE-2018-25032 ==================================================================== 1. Summary:
An update for zlib is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
The zlib packages provide a general-purpose lossless data compression library that is used by many different programs.
Security Fix(es):
- zlib: A flaw found in zlib when compressing (not decompressing) certain inputs (CVE-2018-25032)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
2067945 - CVE-2018-25032 zlib: A flaw found in zlib when compressing (not decompressing) certain inputs
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: zlib-1.2.7-20.el7_9.src.rpm
x86_64: zlib-1.2.7-20.el7_9.i686.rpm zlib-1.2.7-20.el7_9.x86_64.rpm zlib-debuginfo-1.2.7-20.el7_9.i686.rpm zlib-debuginfo-1.2.7-20.el7_9.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: minizip-1.2.7-20.el7_9.i686.rpm minizip-1.2.7-20.el7_9.x86_64.rpm minizip-devel-1.2.7-20.el7_9.i686.rpm minizip-devel-1.2.7-20.el7_9.x86_64.rpm zlib-debuginfo-1.2.7-20.el7_9.i686.rpm zlib-debuginfo-1.2.7-20.el7_9.x86_64.rpm zlib-devel-1.2.7-20.el7_9.i686.rpm zlib-devel-1.2.7-20.el7_9.x86_64.rpm zlib-static-1.2.7-20.el7_9.i686.rpm zlib-static-1.2.7-20.el7_9.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: zlib-1.2.7-20.el7_9.src.rpm
x86_64: zlib-1.2.7-20.el7_9.i686.rpm zlib-1.2.7-20.el7_9.x86_64.rpm zlib-debuginfo-1.2.7-20.el7_9.i686.rpm zlib-debuginfo-1.2.7-20.el7_9.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: minizip-1.2.7-20.el7_9.i686.rpm minizip-1.2.7-20.el7_9.x86_64.rpm minizip-devel-1.2.7-20.el7_9.i686.rpm minizip-devel-1.2.7-20.el7_9.x86_64.rpm zlib-debuginfo-1.2.7-20.el7_9.i686.rpm zlib-debuginfo-1.2.7-20.el7_9.x86_64.rpm zlib-devel-1.2.7-20.el7_9.i686.rpm zlib-devel-1.2.7-20.el7_9.x86_64.rpm zlib-static-1.2.7-20.el7_9.i686.rpm zlib-static-1.2.7-20.el7_9.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: zlib-1.2.7-20.el7_9.src.rpm
ppc64: zlib-1.2.7-20.el7_9.ppc.rpm zlib-1.2.7-20.el7_9.ppc64.rpm zlib-debuginfo-1.2.7-20.el7_9.ppc.rpm zlib-debuginfo-1.2.7-20.el7_9.ppc64.rpm zlib-devel-1.2.7-20.el7_9.ppc.rpm zlib-devel-1.2.7-20.el7_9.ppc64.rpm
ppc64le: zlib-1.2.7-20.el7_9.ppc64le.rpm zlib-debuginfo-1.2.7-20.el7_9.ppc64le.rpm zlib-devel-1.2.7-20.el7_9.ppc64le.rpm
s390x: zlib-1.2.7-20.el7_9.s390.rpm zlib-1.2.7-20.el7_9.s390x.rpm zlib-debuginfo-1.2.7-20.el7_9.s390.rpm zlib-debuginfo-1.2.7-20.el7_9.s390x.rpm zlib-devel-1.2.7-20.el7_9.s390.rpm zlib-devel-1.2.7-20.el7_9.s390x.rpm
x86_64: zlib-1.2.7-20.el7_9.i686.rpm zlib-1.2.7-20.el7_9.x86_64.rpm zlib-debuginfo-1.2.7-20.el7_9.i686.rpm zlib-debuginfo-1.2.7-20.el7_9.x86_64.rpm zlib-devel-1.2.7-20.el7_9.i686.rpm zlib-devel-1.2.7-20.el7_9.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: minizip-1.2.7-20.el7_9.ppc.rpm minizip-1.2.7-20.el7_9.ppc64.rpm minizip-devel-1.2.7-20.el7_9.ppc.rpm minizip-devel-1.2.7-20.el7_9.ppc64.rpm zlib-debuginfo-1.2.7-20.el7_9.ppc.rpm zlib-debuginfo-1.2.7-20.el7_9.ppc64.rpm zlib-static-1.2.7-20.el7_9.ppc.rpm zlib-static-1.2.7-20.el7_9.ppc64.rpm
ppc64le: minizip-1.2.7-20.el7_9.ppc64le.rpm minizip-devel-1.2.7-20.el7_9.ppc64le.rpm zlib-debuginfo-1.2.7-20.el7_9.ppc64le.rpm zlib-static-1.2.7-20.el7_9.ppc64le.rpm
s390x: minizip-1.2.7-20.el7_9.s390.rpm minizip-1.2.7-20.el7_9.s390x.rpm minizip-devel-1.2.7-20.el7_9.s390.rpm minizip-devel-1.2.7-20.el7_9.s390x.rpm zlib-debuginfo-1.2.7-20.el7_9.s390.rpm zlib-debuginfo-1.2.7-20.el7_9.s390x.rpm zlib-static-1.2.7-20.el7_9.s390.rpm zlib-static-1.2.7-20.el7_9.s390x.rpm
x86_64: minizip-1.2.7-20.el7_9.i686.rpm minizip-1.2.7-20.el7_9.x86_64.rpm minizip-devel-1.2.7-20.el7_9.i686.rpm minizip-devel-1.2.7-20.el7_9.x86_64.rpm zlib-debuginfo-1.2.7-20.el7_9.i686.rpm zlib-debuginfo-1.2.7-20.el7_9.x86_64.rpm zlib-static-1.2.7-20.el7_9.i686.rpm zlib-static-1.2.7-20.el7_9.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: zlib-1.2.7-20.el7_9.src.rpm
x86_64: zlib-1.2.7-20.el7_9.i686.rpm zlib-1.2.7-20.el7_9.x86_64.rpm zlib-debuginfo-1.2.7-20.el7_9.i686.rpm zlib-debuginfo-1.2.7-20.el7_9.x86_64.rpm zlib-devel-1.2.7-20.el7_9.i686.rpm zlib-devel-1.2.7-20.el7_9.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: minizip-1.2.7-20.el7_9.i686.rpm minizip-1.2.7-20.el7_9.x86_64.rpm minizip-devel-1.2.7-20.el7_9.i686.rpm minizip-devel-1.2.7-20.el7_9.x86_64.rpm zlib-debuginfo-1.2.7-20.el7_9.i686.rpm zlib-debuginfo-1.2.7-20.el7_9.x86_64.rpm zlib-static-1.2.7-20.el7_9.i686.rpm zlib-static-1.2.7-20.el7_9.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2018-25032 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYnw1+9zjgjWX9erEAQhePQ//UtM5hhHSzE0ZKC4Z9/u34cRNcqIc5nmT opYgZo/hPWp5kkh0R9/tAMWAEa7olBzfzsxulOkm2I65R6k/+fLKaXeQOcwMAkSH gyKBU2TG3+ziT1BrsXBDWAse9mqU+zX7t9rDUZ8u9g30qr/9xrDtrVb0b4Sypslf K5CEMHoskqCnHdl2j+vPOyOCwq8KxLMPBAYtY/X51JwLtT8thvmCQrPWANvWjoSq nDhdVsWpBtPNnsgBqg8Jv+9YhEHJTaa3wVPVorzgP2Bo4W8gmiiukSK9Sv3zcCTu lJnSolqBBU7NmGdQooPrUlUoqJUKXfFXgu+mjybTym8Fdoe0lnxLFSvoEeAr9Swo XlFeBrOR8F5SO16tYKCAtyhafmJn+8MisTPN0NmUD7VLAJ0FzhEk48dlLl5+EoAy AlxiuqgKh+O1zFRN80RSvYkPjWKU6KyK8QJaSKdroGcMjNkjhZ3cM6bpVP6V75F3 CcLZWlP5d18qgfL/SRZo8NG23h+Fzz6FWNSQQZse27NS3BZsM4PVsHF5oaRN3Vij AFwDmIhHL7pE8pZaWck7qevt3i/hwzwYWV5VYYRgkYQIvveE0WUM/kqm+wqlU50Y bbpALcI5h9b83JgteVQG0hf9h5avYzgGrfbj+FOEVPPN86K37ILDvT45VcSjf1vO 4nrrtbUzAhY=Pgu3 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202203-1690",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mariadb",
"scope": "lt",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.7.5"
},
{
"model": "zulu",
"scope": "eq",
"trust": 1.0,
"vendor": "azul",
"version": "13.46"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "11.0"
},
{
"model": "zulu",
"scope": "eq",
"trust": 1.0,
"vendor": "azul",
"version": "17.32"
},
{
"model": "hci compute node",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "management services for element software",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "mariadb",
"scope": "lt",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.9.2"
},
{
"model": "oncommand workflow automation",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "zulu",
"scope": "eq",
"trust": 1.0,
"vendor": "azul",
"version": "11.54"
},
{
"model": "python",
"scope": "lt",
"trust": 1.0,
"vendor": "python",
"version": "3.9.13"
},
{
"model": "scalance sc632-2c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0"
},
{
"model": "h300s",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "mariadb",
"scope": "lt",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.5.17"
},
{
"model": "ontap select deploy administration utility",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "scalance sc646-2c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0"
},
{
"model": "mariadb",
"scope": "gte",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.8.0"
},
{
"model": "mariadb",
"scope": "lt",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.3.36"
},
{
"model": "zulu",
"scope": "eq",
"trust": 1.0,
"vendor": "azul",
"version": "6.45"
},
{
"model": "gotoassist",
"scope": "lt",
"trust": 1.0,
"vendor": "goto",
"version": "11.9.18"
},
{
"model": "mariadb",
"scope": "gte",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.4.0"
},
{
"model": "mariadb",
"scope": "gte",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.5.0"
},
{
"model": "h500s",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "python",
"scope": "gte",
"trust": 1.0,
"vendor": "python",
"version": "3.7.0"
},
{
"model": "scalance sc626-2c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0"
},
{
"model": "python",
"scope": "lt",
"trust": 1.0,
"vendor": "python",
"version": "3.7.14"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "35"
},
{
"model": "scalance sc636-2c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0"
},
{
"model": "h410c",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "macos",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "11.0"
},
{
"model": "macos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "11.6.6"
},
{
"model": "e-series santricity os controller",
"scope": "lte",
"trust": 1.0,
"vendor": "netapp",
"version": "11.70.2"
},
{
"model": "python",
"scope": "gte",
"trust": 1.0,
"vendor": "python",
"version": "3.8.0"
},
{
"model": "mariadb",
"scope": "lt",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.8.4"
},
{
"model": "h700s",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "mac os x",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "10.15"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.15.7"
},
{
"model": "python",
"scope": "lt",
"trust": 1.0,
"vendor": "python",
"version": "3.8.14"
},
{
"model": "zlib",
"scope": "lt",
"trust": 1.0,
"vendor": "zlib",
"version": "1.2.12"
},
{
"model": "scalance sc622-2c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "34"
},
{
"model": "macos",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "12.0.0"
},
{
"model": "mariadb",
"scope": "gte",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.3.0"
},
{
"model": "mariadb",
"scope": "gte",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.6.0"
},
{
"model": "zulu",
"scope": "eq",
"trust": 1.0,
"vendor": "azul",
"version": "15.38"
},
{
"model": "scalance sc642-2c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0"
},
{
"model": "active iq unified manager",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "python",
"scope": "lt",
"trust": 1.0,
"vendor": "python",
"version": "3.10.5"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.15.7"
},
{
"model": "mariadb",
"scope": "lt",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.6.9"
},
{
"model": "zulu",
"scope": "eq",
"trust": 1.0,
"vendor": "azul",
"version": "7.52"
},
{
"model": "h410s",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "macos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "12.4"
},
{
"model": "mariadb",
"scope": "gte",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.9.0"
},
{
"model": "zulu",
"scope": "eq",
"trust": 1.0,
"vendor": "azul",
"version": "8.60"
},
{
"model": "mariadb",
"scope": "gte",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.7.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "36"
},
{
"model": "python",
"scope": "gte",
"trust": 1.0,
"vendor": "python",
"version": "3.10.0"
},
{
"model": "mariadb",
"scope": "lt",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.4.26"
},
{
"model": "e-series santricity os controller",
"scope": "gte",
"trust": 1.0,
"vendor": "netapp",
"version": "11.0.0"
},
{
"model": "python",
"scope": "gte",
"trust": 1.0,
"vendor": "python",
"version": "3.9.0"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-25032"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:zlib:zlib:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.2.12",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.15.7",
"versionStartIncluding": "10.15",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.6",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.4",
"versionStartIncluding": "12.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.10.5",
"versionStartIncluding": "3.10.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.9.13",
"versionStartIncluding": "3.9.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.7.14",
"versionStartIncluding": "3.7.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.8.14",
"versionStartIncluding": "3.8.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.36",
"versionStartIncluding": "10.3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.4.26",
"versionStartIncluding": "10.4.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.5.17",
"versionStartIncluding": "10.5.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.6.9",
"versionStartIncluding": "10.6.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.7.5",
"versionStartIncluding": "10.7.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.8.4",
"versionStartIncluding": "10.8.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.9.2",
"versionStartIncluding": "10.9.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:management_services_for_element_software:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.70.2",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_sc622-2c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_sc622-2c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_sc626-2c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_sc626-2c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_sc632-2c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_sc632-2c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_sc636-2c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_sc636-2c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_sc642-2c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_sc642-2c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_sc646-2c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_sc646-2c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:azul:zulu:7.52:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:azul:zulu:8.60:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:azul:zulu:11.54:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:azul:zulu:13.46:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:azul:zulu:15.38:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:azul:zulu:17.32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:azul:zulu:6.45:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:goto:gotoassist:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.9.18",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-25032"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "167381"
},
{
"db": "PACKETSTORM",
"id": "167140"
},
{
"db": "PACKETSTORM",
"id": "167122"
},
{
"db": "PACKETSTORM",
"id": "166946"
},
{
"db": "PACKETSTORM",
"id": "166970"
},
{
"db": "PACKETSTORM",
"id": "167225"
},
{
"db": "PACKETSTORM",
"id": "169782"
},
{
"db": "PACKETSTORM",
"id": "167568"
},
{
"db": "PACKETSTORM",
"id": "167133"
}
],
"trust": 0.9
},
"cve": "CVE-2018-25032",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-418557",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-25032",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-418557",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-418557"
},
{
"db": "NVD",
"id": "CVE-2018-25032"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. ==========================================================================\nUbuntu Security Notice USN-5359-2\nJune 13, 2022\n\nrsync vulnerability\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 ESM\n\nSummary:\n\nrsync could be made to crash or run programs if it received\nspecially crafted network traffic. \n\nSoftware Description:\n- rsync: fast, versatile, remote (and local) file-copying tool\n\nDetails:\n\nUSN-5359-1 fixed vulnerabilities in rsync. \n\nOriginal advisory details:\n\n Danilo Ramos discovered that rsync incorrectly handled memory when\n performing certain zlib deflating operations. An attacker could use this\n issue to cause rsync to crash, resulting in a denial of service, or\n possibly execute arbitrary code. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 ESM:\n rsync 3.1.1-3ubuntu1.3+esm1\n\nIn general, a standard system update will make all the necessary changes. Bugs fixed (https://bugzilla.redhat.com/):\n\n2004133 - CVE-2021-37136 netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for decompressed data\n2004135 - CVE-2021-37137 netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may buffer skippable chunks in an unnecessary way\n2031958 - CVE-2021-43797 netty: control chars in header names may lead to HTTP request smuggling\n2045880 - CVE-2022-21698 prometheus/client_golang: Denial of service using InstrumentHandlerCounter\n2058404 - CVE-2022-0759 kubeclient: kubeconfig parsing error can lead to MITM attacks\n\n5. JIRA issues fixed (https://issues.jboss.org/):\n\nLOG-2334 - [release-5.3] Events listing out of order in Kibana 6.8.1\nLOG-2450 - http.max_header_size set to 128kb causes communication with elasticsearch to stop working\nLOG-2481 - EO shouldn\u0027t grant cluster-wide permission to system:serviceaccount:openshift-monitoring:prometheus-k8s when ES cluster is deployed. [openshift-logging 5.3]\n\n6. This update provides security fixes, bug\nfixes, and updates container images. Description:\n\nRed Hat Advanced Cluster Management for Kubernetes 2.4.4 images\n\nRed Hat Advanced Cluster Management for Kubernetes provides the\ncapabilities to address common challenges that administrators and site\nreliability engineers face as they work across a range of public and\nprivate cloud environments. Clusters and applications are all visible and\nmanaged from a single console\u2014with security policy built in. \n\nThis advisory contains the container images for Red Hat Advanced Cluster\nManagement for Kubernetes, which fix several bugs. See the following\nRelease Notes documentation, which will be updated shortly for this\nrelease, for additional details about this release:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html/release_notes/\n\nSecurity fixes:\n\n* Vm2: vulnerable to Sandbox Bypass (CVE-2021-23555)\n\n* Golang.org/x/crypto: empty plaintext packet causes panic (CVE-2021-43565)\n\n* Follow-redirects: Exposure of Private Personal Information to an\nUnauthorized Actor (CVE-2022-0155)\n\n* Node-fetch: exposure of sensitive information to an unauthorized actor\n(CVE-2022-0235)\n\n* Follow-redirects: Exposure of Sensitive Information via Authorization\nHeader leak (CVE-2022-0536)\n\n* Urijs: Authorization Bypass Through User-Controlled Key (CVE-2022-0613)\n\n* Nconf: Prototype pollution in memory store (CVE-2022-21803)\n\n* Nats-server: misusing the \"dynamically provisioned sandbox accounts\"\nfeature authenticated user can obtain the privileges of the System account\n(CVE-2022-24450)\n\n* Urijs: Leading white space bypasses protocol validation (CVE-2022-24723)\n\n* Node-forge: Signature verification leniency in checking `digestAlgorithm`\nstructure can lead to signature forgery (CVE-2022-24771)\n\n* Node-forge: Signature verification failing to check tailing garbage bytes\ncan lead to signature forgery (CVE-2022-24772)\n\n* Node-forge: Signature verification leniency in checking `DigestInfo`\nstructure (CVE-2022-24773)\n\n* Cross-fetch: Exposure of Private Personal Information to an Unauthorized\nActor (CVE-2022-1365)\n\n* Moment.js: Path traversal in moment.locale (CVE-2022-24785)\n\nBug fixes:\n\n* Failed ClusterDeployment validation errors do not surface through the\nClusterPool UI (Bugzilla #1995380)\n\n* Agents wrong validation failure on failing to fetch image needed for\ninstallation (Bugzilla #2008583)\n\n* Fix catalogsource name (Bugzilla #2038250)\n\n* When the ocp console operator is disable on the managed cluster, the\ncluster claims failed to update (Bugzilla #2057761)\n\n* Multicluster-operators-hub-subscription OOMKilled (Bugzilla #2053308)\n\n* RHACM 2.4.1 Console becomes unstable and refuses login after one hour\n(Bugzilla #2061958)\n\n* RHACM 2.4.4 images (Bugzilla #2077548)\n\n3. Bugs fixed (https://bugzilla.redhat.com/):\n\n1995380 - failed ClusterDeployment validation errors do not surface through the ClusterPool UI\n2008583 - Agents wrong validation failure on failing to fetch image needed for installation\n2030787 - CVE-2021-43565 golang.org/x/crypto: empty plaintext packet causes panic\n2038250 - Fix catalogsource name\n2044556 - CVE-2022-0155 follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor\n2044591 - CVE-2022-0235 node-fetch: exposure of sensitive information to an unauthorized actor\n2052573 - CVE-2022-24450 nats-server: misusing the \"dynamically provisioned sandbox accounts\" feature authenticated user can obtain the privileges of the System account\n2053259 - CVE-2022-0536 follow-redirects: Exposure of Sensitive Information via Authorization Header leak\n2053308 - multicluster-operators-hub-subscription OOMKilled\n2054114 - CVE-2021-23555 vm2: vulnerable to Sandbox Bypass\n2055496 - CVE-2022-0613 urijs: Authorization Bypass Through User-Controlled Key\n2057761 - When the ocp console operator is disable on the managed cluster, the cluster claims failed to update\n2058295 - ACM doesn\u0027t accept secret type opaque for cluster api certificate\n2061958 - RHACM 2.4.1 Console becomes unstable and refuses login after one hour\n2062370 - CVE-2022-24723 urijs: Leading white space bypasses protocol validation\n2067387 - CVE-2022-24771 node-forge: Signature verification leniency in checking `digestAlgorithm` structure can lead to signature forgery\n2067458 - CVE-2022-24772 node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery\n2067461 - CVE-2022-24773 node-forge: Signature verification leniency in checking `DigestInfo` structure\n2072009 - CVE-2022-24785 Moment.js: Path traversal in moment.locale\n2074689 - CVE-2022-21803 nconf: Prototype pollution in memory store\n2076133 - CVE-2022-1365 cross-fetch: Exposure of Private Personal Information to an Unauthorized Actor\n2077548 - RHACM 2.4.4 images\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n2081686 - CVE-2022-29165 argocd: ArgoCD will blindly trust JWT claims if anonymous access is enabled\n2081689 - CVE-2022-24905 argocd: Login screen allows message spoofing if SSO is enabled\n2081691 - CVE-2022-24904 argocd: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server\n\n5. 8) - noarch\n\n3. \n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 8.7 Release Notes linked from the References section. Description:\n\nRed Hat Openshift GitOps is a declarative way to implement continuous\ndeployment for cloud native applications. \n\nSecurity Fix(es):\n\n* argocd: vulnerable to a variety of attacks when an SSO login is initiated\nfrom the Argo CD CLI or the UI. Bugs fixed (https://bugzilla.redhat.com/):\n\n2096278 - CVE-2022-31035 argocd: cross-site scripting (XSS) allow a malicious user to inject a javascript link in the UI\n2096282 - CVE-2022-31034 argocd: vulnerable to a variety of attacks when an SSO login is initiated from the Argo CD CLI or the UI. \n2096283 - CVE-2022-31016 argocd: vulnerable to an uncontrolled memory consumption bug\n2096291 - CVE-2022-31036 argocd: vulnerable to a symlink following bug allowing a malicious user with repository write access\n\n5. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Important: zlib security update\nAdvisory ID: RHSA-2022:2213-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2022:2213\nIssue date: 2022-05-11\nCVE Names: CVE-2018-25032\n====================================================================\n1. Summary:\n\nAn update for zlib is now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nThe zlib packages provide a general-purpose lossless data compression\nlibrary that is used by many different programs. \n\nSecurity Fix(es):\n\n* zlib: A flaw found in zlib when compressing (not decompressing) certain\ninputs (CVE-2018-25032)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n2067945 - CVE-2018-25032 zlib: A flaw found in zlib when compressing (not decompressing) certain inputs\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nzlib-1.2.7-20.el7_9.src.rpm\n\nx86_64:\nzlib-1.2.7-20.el7_9.i686.rpm\nzlib-1.2.7-20.el7_9.x86_64.rpm\nzlib-debuginfo-1.2.7-20.el7_9.i686.rpm\nzlib-debuginfo-1.2.7-20.el7_9.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nminizip-1.2.7-20.el7_9.i686.rpm\nminizip-1.2.7-20.el7_9.x86_64.rpm\nminizip-devel-1.2.7-20.el7_9.i686.rpm\nminizip-devel-1.2.7-20.el7_9.x86_64.rpm\nzlib-debuginfo-1.2.7-20.el7_9.i686.rpm\nzlib-debuginfo-1.2.7-20.el7_9.x86_64.rpm\nzlib-devel-1.2.7-20.el7_9.i686.rpm\nzlib-devel-1.2.7-20.el7_9.x86_64.rpm\nzlib-static-1.2.7-20.el7_9.i686.rpm\nzlib-static-1.2.7-20.el7_9.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nzlib-1.2.7-20.el7_9.src.rpm\n\nx86_64:\nzlib-1.2.7-20.el7_9.i686.rpm\nzlib-1.2.7-20.el7_9.x86_64.rpm\nzlib-debuginfo-1.2.7-20.el7_9.i686.rpm\nzlib-debuginfo-1.2.7-20.el7_9.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nminizip-1.2.7-20.el7_9.i686.rpm\nminizip-1.2.7-20.el7_9.x86_64.rpm\nminizip-devel-1.2.7-20.el7_9.i686.rpm\nminizip-devel-1.2.7-20.el7_9.x86_64.rpm\nzlib-debuginfo-1.2.7-20.el7_9.i686.rpm\nzlib-debuginfo-1.2.7-20.el7_9.x86_64.rpm\nzlib-devel-1.2.7-20.el7_9.i686.rpm\nzlib-devel-1.2.7-20.el7_9.x86_64.rpm\nzlib-static-1.2.7-20.el7_9.i686.rpm\nzlib-static-1.2.7-20.el7_9.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nzlib-1.2.7-20.el7_9.src.rpm\n\nppc64:\nzlib-1.2.7-20.el7_9.ppc.rpm\nzlib-1.2.7-20.el7_9.ppc64.rpm\nzlib-debuginfo-1.2.7-20.el7_9.ppc.rpm\nzlib-debuginfo-1.2.7-20.el7_9.ppc64.rpm\nzlib-devel-1.2.7-20.el7_9.ppc.rpm\nzlib-devel-1.2.7-20.el7_9.ppc64.rpm\n\nppc64le:\nzlib-1.2.7-20.el7_9.ppc64le.rpm\nzlib-debuginfo-1.2.7-20.el7_9.ppc64le.rpm\nzlib-devel-1.2.7-20.el7_9.ppc64le.rpm\n\ns390x:\nzlib-1.2.7-20.el7_9.s390.rpm\nzlib-1.2.7-20.el7_9.s390x.rpm\nzlib-debuginfo-1.2.7-20.el7_9.s390.rpm\nzlib-debuginfo-1.2.7-20.el7_9.s390x.rpm\nzlib-devel-1.2.7-20.el7_9.s390.rpm\nzlib-devel-1.2.7-20.el7_9.s390x.rpm\n\nx86_64:\nzlib-1.2.7-20.el7_9.i686.rpm\nzlib-1.2.7-20.el7_9.x86_64.rpm\nzlib-debuginfo-1.2.7-20.el7_9.i686.rpm\nzlib-debuginfo-1.2.7-20.el7_9.x86_64.rpm\nzlib-devel-1.2.7-20.el7_9.i686.rpm\nzlib-devel-1.2.7-20.el7_9.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nminizip-1.2.7-20.el7_9.ppc.rpm\nminizip-1.2.7-20.el7_9.ppc64.rpm\nminizip-devel-1.2.7-20.el7_9.ppc.rpm\nminizip-devel-1.2.7-20.el7_9.ppc64.rpm\nzlib-debuginfo-1.2.7-20.el7_9.ppc.rpm\nzlib-debuginfo-1.2.7-20.el7_9.ppc64.rpm\nzlib-static-1.2.7-20.el7_9.ppc.rpm\nzlib-static-1.2.7-20.el7_9.ppc64.rpm\n\nppc64le:\nminizip-1.2.7-20.el7_9.ppc64le.rpm\nminizip-devel-1.2.7-20.el7_9.ppc64le.rpm\nzlib-debuginfo-1.2.7-20.el7_9.ppc64le.rpm\nzlib-static-1.2.7-20.el7_9.ppc64le.rpm\n\ns390x:\nminizip-1.2.7-20.el7_9.s390.rpm\nminizip-1.2.7-20.el7_9.s390x.rpm\nminizip-devel-1.2.7-20.el7_9.s390.rpm\nminizip-devel-1.2.7-20.el7_9.s390x.rpm\nzlib-debuginfo-1.2.7-20.el7_9.s390.rpm\nzlib-debuginfo-1.2.7-20.el7_9.s390x.rpm\nzlib-static-1.2.7-20.el7_9.s390.rpm\nzlib-static-1.2.7-20.el7_9.s390x.rpm\n\nx86_64:\nminizip-1.2.7-20.el7_9.i686.rpm\nminizip-1.2.7-20.el7_9.x86_64.rpm\nminizip-devel-1.2.7-20.el7_9.i686.rpm\nminizip-devel-1.2.7-20.el7_9.x86_64.rpm\nzlib-debuginfo-1.2.7-20.el7_9.i686.rpm\nzlib-debuginfo-1.2.7-20.el7_9.x86_64.rpm\nzlib-static-1.2.7-20.el7_9.i686.rpm\nzlib-static-1.2.7-20.el7_9.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nzlib-1.2.7-20.el7_9.src.rpm\n\nx86_64:\nzlib-1.2.7-20.el7_9.i686.rpm\nzlib-1.2.7-20.el7_9.x86_64.rpm\nzlib-debuginfo-1.2.7-20.el7_9.i686.rpm\nzlib-debuginfo-1.2.7-20.el7_9.x86_64.rpm\nzlib-devel-1.2.7-20.el7_9.i686.rpm\nzlib-devel-1.2.7-20.el7_9.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nminizip-1.2.7-20.el7_9.i686.rpm\nminizip-1.2.7-20.el7_9.x86_64.rpm\nminizip-devel-1.2.7-20.el7_9.i686.rpm\nminizip-devel-1.2.7-20.el7_9.x86_64.rpm\nzlib-debuginfo-1.2.7-20.el7_9.i686.rpm\nzlib-debuginfo-1.2.7-20.el7_9.x86_64.rpm\nzlib-static-1.2.7-20.el7_9.i686.rpm\nzlib-static-1.2.7-20.el7_9.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2018-25032\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2022 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYnw1+9zjgjWX9erEAQhePQ//UtM5hhHSzE0ZKC4Z9/u34cRNcqIc5nmT\nopYgZo/hPWp5kkh0R9/tAMWAEa7olBzfzsxulOkm2I65R6k/+fLKaXeQOcwMAkSH\ngyKBU2TG3+ziT1BrsXBDWAse9mqU+zX7t9rDUZ8u9g30qr/9xrDtrVb0b4Sypslf\nK5CEMHoskqCnHdl2j+vPOyOCwq8KxLMPBAYtY/X51JwLtT8thvmCQrPWANvWjoSq\nnDhdVsWpBtPNnsgBqg8Jv+9YhEHJTaa3wVPVorzgP2Bo4W8gmiiukSK9Sv3zcCTu\nlJnSolqBBU7NmGdQooPrUlUoqJUKXfFXgu+mjybTym8Fdoe0lnxLFSvoEeAr9Swo\nXlFeBrOR8F5SO16tYKCAtyhafmJn+8MisTPN0NmUD7VLAJ0FzhEk48dlLl5+EoAy\nAlxiuqgKh+O1zFRN80RSvYkPjWKU6KyK8QJaSKdroGcMjNkjhZ3cM6bpVP6V75F3\nCcLZWlP5d18qgfL/SRZo8NG23h+Fzz6FWNSQQZse27NS3BZsM4PVsHF5oaRN3Vij\nAFwDmIhHL7pE8pZaWck7qevt3i/hwzwYWV5VYYRgkYQIvveE0WUM/kqm+wqlU50Y\nbbpALcI5h9b83JgteVQG0hf9h5avYzgGrfbj+FOEVPPN86K37ILDvT45VcSjf1vO\n4nrrtbUzAhY=Pgu3\n-----END PGP SIGNATURE-----\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-25032"
},
{
"db": "VULHUB",
"id": "VHN-418557"
},
{
"db": "PACKETSTORM",
"id": "167486"
},
{
"db": "PACKETSTORM",
"id": "167381"
},
{
"db": "PACKETSTORM",
"id": "167140"
},
{
"db": "PACKETSTORM",
"id": "167122"
},
{
"db": "PACKETSTORM",
"id": "166946"
},
{
"db": "PACKETSTORM",
"id": "166970"
},
{
"db": "PACKETSTORM",
"id": "167225"
},
{
"db": "PACKETSTORM",
"id": "169782"
},
{
"db": "PACKETSTORM",
"id": "167568"
},
{
"db": "PACKETSTORM",
"id": "167133"
}
],
"trust": 1.89
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-418557",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-418557"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-25032",
"trust": 2.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2022/03/28/3",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2022/03/26/1",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2022/03/28/1",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2022/03/24/1",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2022/03/25/2",
"trust": 1.1
},
{
"db": "SIEMENS",
"id": "SSA-333517",
"trust": 1.1
},
{
"db": "PACKETSTORM",
"id": "167133",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "167381",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "167122",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "167225",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "167140",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "169782",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "166946",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "167568",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "166970",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "167486",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "166552",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "168352",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "168042",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "166967",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167327",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167391",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167400",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167956",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167088",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167142",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167346",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "171157",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169897",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "168696",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167008",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167602",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167277",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167330",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167485",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167679",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167334",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167116",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167389",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "166563",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "166555",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167223",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "170003",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167555",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "168036",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167224",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167260",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167134",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167364",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167594",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167461",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "171152",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167188",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167591",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "168011",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167271",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167936",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167138",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167189",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167586",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167186",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167281",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169624",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167470",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167265",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "168392",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167119",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167136",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167674",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167622",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167124",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-418557",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-418557"
},
{
"db": "PACKETSTORM",
"id": "167486"
},
{
"db": "PACKETSTORM",
"id": "167381"
},
{
"db": "PACKETSTORM",
"id": "167140"
},
{
"db": "PACKETSTORM",
"id": "167122"
},
{
"db": "PACKETSTORM",
"id": "166946"
},
{
"db": "PACKETSTORM",
"id": "166970"
},
{
"db": "PACKETSTORM",
"id": "167225"
},
{
"db": "PACKETSTORM",
"id": "169782"
},
{
"db": "PACKETSTORM",
"id": "167568"
},
{
"db": "PACKETSTORM",
"id": "167133"
},
{
"db": "NVD",
"id": "CVE-2018-25032"
}
]
},
"id": "VAR-202203-1690",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-418557"
}
],
"trust": 0.6383838399999999
},
"last_update_date": "2024-07-23T19:43:54.586000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-418557"
},
{
"db": "NVD",
"id": "CVE-2018-25032"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf"
},
{
"trust": 1.1,
"url": "https://security.netapp.com/advisory/ntap-20220729-0004/"
},
{
"trust": 1.1,
"url": "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12"
},
{
"trust": 1.1,
"url": "https://security.netapp.com/advisory/ntap-20220526-0009/"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht213255"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht213256"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht213257"
},
{
"trust": 1.1,
"url": "https://www.debian.org/security/2022/dsa-5111"
},
{
"trust": 1.1,
"url": "http://seclists.org/fulldisclosure/2022/may/38"
},
{
"trust": 1.1,
"url": "http://seclists.org/fulldisclosure/2022/may/35"
},
{
"trust": 1.1,
"url": "http://seclists.org/fulldisclosure/2022/may/33"
},
{
"trust": 1.1,
"url": "https://security.gentoo.org/glsa/202210-42"
},
{
"trust": 1.1,
"url": "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531"
},
{
"trust": 1.1,
"url": "https://github.com/madler/zlib/issues/605"
},
{
"trust": 1.1,
"url": "https://www.openwall.com/lists/oss-security/2022/03/24/1"
},
{
"trust": 1.1,
"url": "https://www.openwall.com/lists/oss-security/2022/03/28/1"
},
{
"trust": 1.1,
"url": "https://www.openwall.com/lists/oss-security/2022/03/28/3"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2022/03/25/2"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2022/03/26/1"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-25032"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/dczfijbjtz7cl5qxbfktq22q26vinruf/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/df62mvmh3qugmbdcb3dy2erq6ebhtadb/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/jzzptwryqulaol3aw7rzjnvz2uonxcv4/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ns2d2gfpfgojul4wq3duay7hf4vwq77f/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/voknp2l734ael47nrygvzikefoubqy5y/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/xokfmsnq5d5wgmalbnbxu3ge442v74wu/"
},
{
"trust": 0.9,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.9,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.9,
"url": "https://access.redhat.com/security/cve/cve-2018-25032"
},
{
"trust": 0.9,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2022-1271"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1271"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1154"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2022-1154"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-25636"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2022-25636"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2021-4028"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-4028"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0778"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2022-0778"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3634"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-24904"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-24905"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3737"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-24904"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-41617"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-29165"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-41617"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3737"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-4189"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3634"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-29165"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-4189"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-24905"
},
{
"trust": 0.2,
"url": "https://issues.jboss.org/):"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-43797"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0759"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-21426"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21443"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-21476"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-37137"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21496"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-43797"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-21698"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-21496"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-37137"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21434"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-21443"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-37136"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-21434"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21426"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-37136"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21476"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0759"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21698"
},
{
"trust": 0.2,
"url": "https://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-21803"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-24785"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0235"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-24723"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0235"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-24785"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0155"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0155"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0536"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-4115"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/index"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-24723"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-4115"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21803"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0536"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0613"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0613"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/voknp2l734ael47nrygvzikefoubqy5y/"
},
{
"trust": 0.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/jzzptwryqulaol3aw7rzjnvz2uonxcv4/"
},
{
"trust": 0.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ns2d2gfpfgojul4wq3duay7hf4vwq77f/"
},
{
"trust": 0.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/df62mvmh3qugmbdcb3dy2erq6ebhtadb/"
},
{
"trust": 0.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/dczfijbjtz7cl5qxbfktq22q26vinruf/"
},
{
"trust": 0.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/xokfmsnq5d5wgmalbnbxu3ge442v74wu/"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-5359-1"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-5359-2"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:4671"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:2218"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:2217"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html-single/install/index#installing"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:1681"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-24773"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1365"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-24772"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-24771"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html/release_notes/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1365"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-24771"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html/release_notes/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-24772"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-23555"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-24450"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-43565"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-43565"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-24450"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-23555"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-24773"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-4083"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-4083"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-0711"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0711"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:1715"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3639"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:4690"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3639"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-25219"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-25219"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:7813"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-31036"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-31034"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-31035"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-31034"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-31016"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-31035"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-31016"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-31036"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:5152"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:2213"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-418557"
},
{
"db": "PACKETSTORM",
"id": "167486"
},
{
"db": "PACKETSTORM",
"id": "167381"
},
{
"db": "PACKETSTORM",
"id": "167140"
},
{
"db": "PACKETSTORM",
"id": "167122"
},
{
"db": "PACKETSTORM",
"id": "166946"
},
{
"db": "PACKETSTORM",
"id": "166970"
},
{
"db": "PACKETSTORM",
"id": "167225"
},
{
"db": "PACKETSTORM",
"id": "169782"
},
{
"db": "PACKETSTORM",
"id": "167568"
},
{
"db": "PACKETSTORM",
"id": "167133"
},
{
"db": "NVD",
"id": "CVE-2018-25032"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-418557"
},
{
"db": "PACKETSTORM",
"id": "167486"
},
{
"db": "PACKETSTORM",
"id": "167381"
},
{
"db": "PACKETSTORM",
"id": "167140"
},
{
"db": "PACKETSTORM",
"id": "167122"
},
{
"db": "PACKETSTORM",
"id": "166946"
},
{
"db": "PACKETSTORM",
"id": "166970"
},
{
"db": "PACKETSTORM",
"id": "167225"
},
{
"db": "PACKETSTORM",
"id": "169782"
},
{
"db": "PACKETSTORM",
"id": "167568"
},
{
"db": "PACKETSTORM",
"id": "167133"
},
{
"db": "NVD",
"id": "CVE-2018-25032"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-03-25T00:00:00",
"db": "VULHUB",
"id": "VHN-418557"
},
{
"date": "2022-06-19T16:39:51",
"db": "PACKETSTORM",
"id": "167486"
},
{
"date": "2022-06-03T15:43:30",
"db": "PACKETSTORM",
"id": "167381"
},
{
"date": "2022-05-12T15:53:27",
"db": "PACKETSTORM",
"id": "167140"
},
{
"date": "2022-05-12T15:38:35",
"db": "PACKETSTORM",
"id": "167122"
},
{
"date": "2022-05-04T05:42:06",
"db": "PACKETSTORM",
"id": "166946"
},
{
"date": "2022-05-05T17:33:41",
"db": "PACKETSTORM",
"id": "166970"
},
{
"date": "2022-05-19T15:53:12",
"db": "PACKETSTORM",
"id": "167225"
},
{
"date": "2022-11-08T13:50:54",
"db": "PACKETSTORM",
"id": "169782"
},
{
"date": "2022-06-22T15:07:32",
"db": "PACKETSTORM",
"id": "167568"
},
{
"date": "2022-05-12T15:51:01",
"db": "PACKETSTORM",
"id": "167133"
},
{
"date": "2022-03-25T09:15:08.187000",
"db": "NVD",
"id": "CVE-2018-25032"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-02-11T00:00:00",
"db": "VULHUB",
"id": "VHN-418557"
},
{
"date": "2023-11-07T02:56:26.393000",
"db": "NVD",
"id": "CVE-2018-25032"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ubuntu Security Notice USN-5359-2",
"sources": [
{
"db": "PACKETSTORM",
"id": "167486"
}
],
"trust": 0.1
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "spoof",
"sources": [
{
"db": "PACKETSTORM",
"id": "167381"
},
{
"db": "PACKETSTORM",
"id": "167225"
}
],
"trust": 0.2
}
}
VDE-2022-046
Vulnerability from csaf_phoenixcontactgmbhcokg - Published: 2022-11-10 07:00 - Updated: 2025-05-22 13:03Summary
PHOENIX CONTACT: Multiple Linux component vulnerabilities in PLCnext Firmware
Notes
Summary: UPDATE A: Two devices (ENERGY AXC PU, SMARTRTU AXC SG) added (24.11.2022) Update for PLCnext Firmware containing fixes for recent vulnerability findings in Linux components and security enhancements. PLCnext Control AXC F x152 is certified according to IEC 62443-4-1 and IEC 62443-4-2. This certification requires that all third-party components used in the firmware are regularly checked for known vulnerabilities.
Impact: Availability, integrity, or confidentiality of the PLCnext Control might be compromised by attacks using these vulnerabilities.
Mitigation: Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Remediation: Update to the latest LTS Firmware Release.
Update to the latest LTS PLCnext Engineer Release.
Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well.
6.5 (Medium)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.
7.5 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal. Alternatively, the attacker could choose to change the terminal's colors.
8.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials.
9.8 (Critical)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774.
5.5 (Medium)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Use After Free in GitHub repository vim/vim prior to 8.2.4979.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element.
6.5 (Medium)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
The OPC autogenerated ANSI C stack stubs (in the NodeSets) do not handle all error cases. This can lead to a NULL pointer dereference.
6.5 (Medium)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This vulnerabilities are capable of crashing software, modify memory, and possible remote execution
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.
9.8 (Critical)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.
9.8 (Critical)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (application crash) via a crafted input.
7.5 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows attackers to cause a denial of service (application crash) via a crafted input.
5.5 (Medium)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975.
5.5 (Medium)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Use After Free in GitHub repository vim/vim prior to 8.2.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
7.5 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S) and LDAP(S) (openldap only).
8.1 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when '--no-clobber' is used together with '--remove-on-error'.
8.1 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
libcurl wrongly allows cookies to be set for Top Level Domains (TLDs) if thehost name is provided with a trailing dot.curl can be told to receive and send cookies. curl's "cookie engine" can bebuilt with or without [Public Suffix List](https://publicsuffix.org/)awareness. If PSL support not provided, a more rudimentary check exists to atleast prevent cookies from being set on TLDs. This check was broken if thehost name in the URL uses a trailing dot.This can allow arbitrary sites to set cookies that then would get sent to adifferent and unrelated site or domain.
5.3 (Medium)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily.
7.5 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers.
5.7 (Medium)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString.
7.5 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames.
9.8 (Critical)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number.
6.5 (Medium)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Using its HSTS support, curl can be instructed to use HTTPS directly insteadof using an insecure clear-text HTTP step even when HTTP is provided in theURL. This mechanism could be bypassed if the host name in the given URL used atrailing dot while not using one when it built the HSTS cache. Or the otherway around - by having the trailing dot in the HSTS cache and *not* using thetrailing dot in the URL.
4.3 (Medium)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
The curl URL parser wrongly accepts percent-encoded URL separators like '/'when decoding the host name part of a URL, making it a *different* URL usingthe wrong host name when it is later retrieved.For example, a URL like 'http://example.com%2F127.0.0.1/', would be allowed bythe parser and get transposed into 'http://example.com/127.0.0.1/'. This flawcan be used to circumvent filters, checks and more.
7.5 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
libcurl provides the 'CURLOPT_CERTINFO' option to allow applications torequest details to be returned about a server's certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to retrieve thatinformation.
7.5 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead.
7.5 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended.
9.8 (Critical)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a "malloc bomb", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors.
6.5 (Medium)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client.
5.9 (Medium)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
A malicious server can serve excessive amounts of 'Set-Cookie:' headers in a HTTP response to curl and curl < 7.84.0 stores all of them. A sufficiently large amount of (big) cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger than the threshold that curl uses internally to avoid sending crazy large requests (1048576 bytes) and instead returns an error.This denial state might remain for as long as the same cookies are kept, match and haven't expired. Due to cookie matching rules, a server on 'foo.example.com' can set cookies that also would match for 'bar.example.com', making it it possible for a "sister server" to effectively cause a denial of service for a sibling site on the same second level domain using this method.
4.3 (Medium)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl.
7.5 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement.
8.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
heap buffer overflow in get_one_sourceline in GitHub repository vim/vim prior to 8.2.4647.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440.
8.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4428.
5.5 (Medium)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436.
5.5 (Medium)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
vim is vulnerable to Heap-based Buffer Overflow
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
vim is vulnerable to Use After Free
7.3 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
vim is vulnerable to Out-of-bounds Read
7.1 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Buffer Over-read in GitHub repository vim/vim prior to 8.2.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Buffer Over-read in GitHub repository vim/vim prior to 8.2.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc).
7.5 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Use After Free in GitHub repository vim/vim prior to 9.0.0046.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163.
5.5 (Medium)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.
5.5 (Medium)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
7.1 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Use After Free in GitHub repository vim/vim prior to 9.0.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
An infinite loop in OPC UA .NET Standard Stack 1.04.368 allows a remote attackers to cause the application to hang via a crafted message.
7.5 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
OPC UA .NET Standard Stack 1.04.368 allows a remote attacker to cause a server to crash via a large number of messages that trigger Uncontrolled Resource Consumption.
7.5 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
References
4 references
Acknowledgments
CERT@VDE
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "UPDATE A: Two devices (ENERGY AXC PU, SMARTRTU AXC SG) added (24.11.2022) Update for PLCnext Firmware containing fixes for recent vulnerability findings in Linux components and security enhancements. PLCnext Control AXC F x152 is certified according to IEC 62443-4-1 and IEC 62443-4-2. This certification requires that all third-party components used in the firmware are regularly checked for known vulnerabilities.",
"title": "Summary"
},
{
"category": "description",
"text": "Availability, integrity, or confidentiality of the PLCnext Control might be compromised by attacks using these vulnerabilities.",
"title": "Impact"
},
{
"category": "description",
"text": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"title": "Mitigation"
},
{
"category": "description",
"text": "Update to the latest LTS Firmware Release.\nUpdate to the latest LTS PLCnext Engineer Release.\n\nPlease check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"title": "Remediation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@phoenixcontact.com",
"name": "Phoenix Contact GmbH \u0026 Co. KG",
"namespace": "https://phoenixcontact.com/psirt"
},
"references": [
{
"category": "external",
"summary": "PHOENIX CONTACT PSIRT ",
"url": "https://phoenixcontact.com/psirt"
},
{
"category": "external",
"summary": "CERT@VDE Security Advisories for PHOENIX CONTACT",
"url": "https://certvde.com/en/advisories/vendor/phoenixcontact/"
},
{
"category": "self",
"summary": "VDE-2022-046: PHOENIX CONTACT: Multiple Linux component vulnerabilities in PLCnext Firmware - HTML",
"url": "https://certvde.com/en/advisories/VDE-2022-046/"
},
{
"category": "self",
"summary": "VDE-2022-046: PHOENIX CONTACT: Multiple Linux component vulnerabilities in PLCnext Firmware - CSAF",
"url": "https://phoenixcontact.csaf-tp.certvde.com/.well-known/csaf/white/2022/vde-2022-046.json"
}
],
"title": "PHOENIX CONTACT: Multiple Linux component vulnerabilities in PLCnext Firmware",
"tracking": {
"aliases": [
"VDE-2022-046"
],
"current_release_date": "2025-05-22T13:03:10.000Z",
"generator": {
"date": "2025-04-01T06:22:01.779Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.22"
}
},
"id": "VDE-2022-046",
"initial_release_date": "2022-11-10T07:00:00.000Z",
"revision_history": [
{
"date": "2022-10-11T06:00:00.000Z",
"number": "1",
"summary": "Initial revision."
},
{
"date": "2022-11-24T07:51:00.000Z",
"number": "2",
"summary": "Update A"
},
{
"date": "2025-05-22T13:03:10.000Z",
"number": "3",
"summary": "Fix: quotation mark"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "AXC F 1152",
"product": {
"name": "AXC F 1152",
"product_id": "CSAFPID-11001",
"product_identification_helper": {
"model_numbers": [
"1151412"
]
}
}
},
{
"category": "product_name",
"name": "AXC F 2152",
"product": {
"name": "AXC F 2152",
"product_id": "CSAFPID-11002",
"product_identification_helper": {
"model_numbers": [
"2404267"
]
}
}
},
{
"category": "product_name",
"name": "AXC F 3152",
"product": {
"name": "AXC F 3152",
"product_id": "CSAFPID-11003",
"product_identification_helper": {
"model_numbers": [
"1069208"
]
}
}
},
{
"category": "product_name",
"name": "BPC 9102S",
"product": {
"name": "BPC 9102S",
"product_id": "CSAFPID-11004",
"product_identification_helper": {
"model_numbers": [
"1246285"
]
}
}
},
{
"category": "product_name",
"name": "ENERGY AXC PU",
"product": {
"name": "ENERGY AXC PU",
"product_id": "CSAFPID-11005",
"product_identification_helper": {
"model_numbers": [
"1264327"
]
}
}
},
{
"category": "product_name",
"name": "EPC 1502",
"product": {
"name": "EPC 1502",
"product_id": "CSAFPID-11006",
"product_identification_helper": {
"model_numbers": [
"1185416"
]
}
}
},
{
"category": "product_name",
"name": "EPC 1522",
"product": {
"name": "EPC 1522",
"product_id": "CSAFPID-11007",
"product_identification_helper": {
"model_numbers": [
"1185423"
]
}
}
},
{
"category": "product_name",
"name": "RFC 4072S",
"product": {
"name": "RFC 4072S",
"product_id": "CSAFPID-11008",
"product_identification_helper": {
"model_numbers": [
"1051328"
]
}
}
},
{
"category": "product_name",
"name": "SMARTRTU AXC SG",
"product": {
"name": "SMARTRTU AXC SG",
"product_id": "CSAFPID-11009",
"product_identification_helper": {
"model_numbers": [
"1110435"
]
}
}
}
],
"category": "product_family",
"name": "Hardware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2022.0.8 LTS",
"product": {
"name": "Firmware \u003c2022.0.8 LTS",
"product_id": "CSAFPID-21001"
}
},
{
"category": "product_version_range",
"name": "\u003cV04.14.00.00",
"product": {
"name": "Firmware \u003cV04.14.00.00",
"product_id": "CSAFPID-21002"
}
},
{
"category": "product_version_range",
"name": "\u003c2022.0.7 LTS",
"product": {
"name": "Firmware \u003c2022.0.7 LTS",
"product_id": "CSAFPID-21003"
}
},
{
"category": "product_version_range",
"name": "\u003cV01.09.00.00",
"product": {
"name": "Firmware \u003cV01.09.00.00",
"product_id": "CSAFPID-21004"
}
},
{
"category": "product_version",
"name": "2022.0.8 LTS",
"product": {
"name": "Firmware 2022.0.8 LTS",
"product_id": "CSAFPID-22001"
}
},
{
"category": "product_version",
"name": "V04.14.00.00",
"product": {
"name": "Firmware V04.14.00.00",
"product_id": "CSAFPID-22002"
}
},
{
"category": "product_version",
"name": "2022.0.7 LTS",
"product": {
"name": "Firmware 2022.0.7 LTS",
"product_id": "CSAFPID-22003"
}
},
{
"category": "product_version",
"name": "V01.09.00.00",
"product": {
"name": "Firmware V01.09.00.00",
"product_id": "CSAFPID-22004"
}
}
],
"category": "product_family",
"name": "Firmware"
}
],
"category": "vendor",
"name": "PHOENIX CONTACT"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
],
"summary": "Affected Products."
},
{
"group_id": "CSAFGID-0002",
"product_ids": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"summary": "Fixed Products."
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2022.0.8 LTS installed on AXC F 1152",
"product_id": "CSAFPID-31001"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2022.0.8 LTS installed on AXC F 1152",
"product_id": "CSAFPID-32001"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2022.0.8 LTS installed on AXC F 2152",
"product_id": "CSAFPID-31002"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2022.0.8 LTS installed on AXC F 2152",
"product_id": "CSAFPID-32002"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2022.0.8 LTS installed on AXC F 3152",
"product_id": "CSAFPID-31003"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2022.0.8 LTS installed on AXC F 3152",
"product_id": "CSAFPID-32003"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2022.0.8 LTS installed on BPC 9102S",
"product_id": "CSAFPID-31004"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2022.0.8 LTS installed on BPC 9102S",
"product_id": "CSAFPID-32004"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cV04.14.00.00 installed on ENERGY AXC PU",
"product_id": "CSAFPID-31005"
},
"product_reference": "CSAFPID-21002",
"relates_to_product_reference": "CSAFPID-11005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V04.14.00.00 installed on ENERGY AXC PU",
"product_id": "CSAFPID-32005"
},
"product_reference": "CSAFPID-22002",
"relates_to_product_reference": "CSAFPID-11005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2022.0.7 LTS installed on EPC 1502",
"product_id": "CSAFPID-31006"
},
"product_reference": "CSAFPID-21003",
"relates_to_product_reference": "CSAFPID-11006"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2022.0.7 LTS installed on EPC 1502",
"product_id": "CSAFPID-32006"
},
"product_reference": "CSAFPID-22003",
"relates_to_product_reference": "CSAFPID-11006"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2022.0.7 LTS installed on EPC 1522",
"product_id": "CSAFPID-31007"
},
"product_reference": "CSAFPID-21003",
"relates_to_product_reference": "CSAFPID-11007"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2022.0.7 LTS installed on EPC 1522",
"product_id": "CSAFPID-32007"
},
"product_reference": "CSAFPID-22003",
"relates_to_product_reference": "CSAFPID-11007"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2022.0.8 LTS installed on RFC 4072S",
"product_id": "CSAFPID-31008"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11008"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2022.0.8 LTS installed on RFC 4072S",
"product_id": "CSAFPID-32008"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11008"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cV01.09.00.00 installed on SMARTRTU AXC SG",
"product_id": "CSAFPID-31009"
},
"product_reference": "CSAFPID-21004",
"relates_to_product_reference": "CSAFPID-11009"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V01.09.00.00 installed on SMARTRTU AXC SG",
"product_id": "CSAFPID-32009"
},
"product_reference": "CSAFPID-22004",
"relates_to_product_reference": "CSAFPID-11009"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-29824",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "description",
"text": "In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don\u0027t check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2\u0027s buffer functions, for example libxslt through 1.1.35, is affected as well.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-29824"
},
{
"cve": "CVE-2022-23308",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-23308"
},
{
"cve": "CVE-2022-28391",
"notes": [
{
"category": "description",
"text": "BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record\u0027s value to a VT compatible terminal. Alternatively, the attacker could choose to change the terminal\u0027s colors.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 8.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-28391"
},
{
"cve": "CVE-2022-0547",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "description",
"text": "OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-0547"
},
{
"cve": "CVE-2022-1381",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1381"
},
{
"cve": "CVE-2022-1420",
"cwe": {
"id": "CWE-823",
"name": "Use of Out-of-range Pointer Offset"
},
"notes": [
{
"category": "description",
"text": "Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1420"
},
{
"cve": "CVE-2022-1733",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1733"
},
{
"cve": "CVE-2022-1796",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "Use After Free in GitHub repository vim/vim prior to 8.2.4979.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1796"
},
{
"cve": "CVE-2022-1621",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1621"
},
{
"cve": "CVE-2022-1616",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1616"
},
{
"cve": "CVE-2022-25313",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"notes": [
{
"category": "description",
"text": "In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-25313"
},
{
"cve": "CVE-2021-45117",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "The OPC autogenerated ANSI C stack stubs (in the NodeSets) do not handle all error cases. This can lead to a NULL pointer dereference.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2021-45117"
},
{
"cve": "CVE-2022-1619",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This vulnerabilities are capable of crashing software, modify memory, and possible remote execution",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1619"
},
{
"cve": "CVE-2022-25235",
"cwe": {
"id": "CWE-116",
"name": "Improper Encoding or Escaping of Output"
},
"notes": [
{
"category": "description",
"text": "xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-25235"
},
{
"cve": "CVE-2022-25236",
"cwe": {
"id": "CWE-668",
"name": "Exposure of Resource to Wrong Sphere"
},
"notes": [
{
"category": "description",
"text": "xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-25236"
},
{
"cve": "CVE-2022-1629",
"cwe": {
"id": "CWE-126",
"name": "Buffer Over-read"
},
"notes": [
{
"category": "description",
"text": "Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1629"
},
{
"cve": "CVE-2022-1735",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "description",
"text": "Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1735"
},
{
"cve": "CVE-2022-1769",
"cwe": {
"id": "CWE-126",
"name": "Buffer Over-read"
},
"notes": [
{
"category": "description",
"text": "Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1769"
},
{
"cve": "CVE-2022-1785",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1785"
},
{
"cve": "CVE-2022-1620",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (application crash) via a crafted input.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1620"
},
{
"cve": "CVE-2022-1674",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows attackers to cause a denial of service (application crash) via a crafted input.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1674"
},
{
"cve": "CVE-2022-1771",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"notes": [
{
"category": "description",
"text": "Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1771"
},
{
"cve": "CVE-2022-1886",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1886"
},
{
"cve": "CVE-2022-1851",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1851"
},
{
"cve": "CVE-2022-1898",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "Use After Free in GitHub repository vim/vim prior to 8.2.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1898"
},
{
"cve": "CVE-2022-1720",
"cwe": {
"id": "CWE-126",
"name": "Buffer Over-read"
},
"notes": [
{
"category": "description",
"text": "Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1720"
},
{
"cve": "CVE-2018-25032",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2018-25032"
},
{
"cve": "CVE-2022-22576",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"notes": [
{
"category": "description",
"text": "An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S) and LDAP(S) (openldap only).",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.1,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 8.1,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-22576"
},
{
"cve": "CVE-2022-27778",
"cwe": {
"id": "CWE-706",
"name": "Use of Incorrectly-Resolved Name or Reference"
},
"notes": [
{
"category": "description",
"text": "A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when \u0027--no-clobber\u0027 is used together with \u0027--remove-on-error\u0027.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 8.1,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 8.1,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-27778"
},
{
"cve": "CVE-2022-27779",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"notes": [
{
"category": "description",
"text": "libcurl wrongly allows cookies to be set for Top Level Domains (TLDs) if thehost name is provided with a trailing dot.curl can be told to receive and send cookies. curl\u0027s \"cookie engine\" can bebuilt with or without [Public Suffix List](https://publicsuffix.org/)awareness. If PSL support not provided, a more rudimentary check exists to atleast prevent cookies from being set on TLDs. This check was broken if thehost name in the URL uses a trailing dot.This can allow arbitrary sites to set cookies that then would get sent to adifferent and unrelated site or domain.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-27779"
},
{
"cve": "CVE-2022-27782",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "description",
"text": "libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-27782"
},
{
"cve": "CVE-2022-27774",
"cwe": {
"id": "CWE-522",
"name": "Insufficiently Protected Credentials"
},
"notes": [
{
"category": "description",
"text": "An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 5.7,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 5.7,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-27774"
},
{
"cve": "CVE-2022-25314",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "description",
"text": "In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-25314"
},
{
"cve": "CVE-2022-25315",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "description",
"text": "In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-25315"
},
{
"cve": "CVE-2022-27776",
"cwe": {
"id": "CWE-522",
"name": "Insufficiently Protected Credentials"
},
"notes": [
{
"category": "description",
"text": "A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-27776"
},
{
"cve": "CVE-2022-30115",
"cwe": {
"id": "CWE-319",
"name": "Cleartext Transmission of Sensitive Information"
},
"notes": [
{
"category": "description",
"text": "Using its HSTS support, curl can be instructed to use HTTPS directly insteadof using an insecure clear-text HTTP step even when HTTP is provided in theURL. This mechanism could be bypassed if the host name in the given URL used atrailing dot while not using one when it built the HSTS cache. Or the otherway around - by having the trailing dot in the HSTS cache and *not* using thetrailing dot in the URL.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalScore": 4.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 4.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-30115"
},
{
"cve": "CVE-2022-27780",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"notes": [
{
"category": "description",
"text": "The curl URL parser wrongly accepts percent-encoded URL separators like \u0027/\u0027when decoding the host name part of a URL, making it a *different* URL usingthe wrong host name when it is later retrieved.For example, a URL like \u0027http://example.com%2F127.0.0.1/\u0027, would be allowed bythe parser and get transposed into \u0027http://example.com/127.0.0.1/\u0027. This flawcan be used to circumvent filters, checks and more.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-27780"
},
{
"cve": "CVE-2022-27781",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "description",
"text": "libcurl provides the \u0027CURLOPT_CERTINFO\u0027 option to allow applications torequest details to be returned about a server\u0027s certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to retrieve thatinformation.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-27781"
},
{
"cve": "CVE-2022-27775",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "description",
"text": "An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-27775"
},
{
"cve": "CVE-2022-32207",
"cwe": {
"id": "CWE-276",
"name": "Incorrect Default Permissions"
},
"notes": [
{
"category": "description",
"text": "When curl \u003c 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-32207"
},
{
"cve": "CVE-2022-32206",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "description",
"text": "curl \u003c 7.84.0 supports \"chained\" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable \"links\" in this \"decompression chain\" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a \"malloc bomb\", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-32206"
},
{
"cve": "CVE-2022-32208",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "When curl \u003c 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 5.9,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.9,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-32208"
},
{
"cve": "CVE-2022-32205",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "description",
"text": "A malicious server can serve excessive amounts of \u0027Set-Cookie:\u0027 headers in a HTTP response to curl and curl \u003c 7.84.0 stores all of them. A sufficiently large amount of (big) cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger than the threshold that curl uses internally to avoid sending crazy large requests (1048576 bytes) and instead returns an error.This denial state might remain for as long as the same cookies are kept, match and haven\u0027t expired. Due to cookie matching rules, a server on \u0027foo.example.com\u0027 can set cookies that also would match for \u0027bar.example.com\u0027, making it it possible for a \"sister server\" to effectively cause a denial of service for a sibling site on the same second level domain using this method.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 4.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 4.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-32205"
},
{
"cve": "CVE-2019-19906",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2019-19906"
},
{
"cve": "CVE-2022-24407",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"notes": [
{
"category": "description",
"text": "In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 8.8,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-24407"
},
{
"cve": "CVE-2022-1154",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1154"
},
{
"cve": "CVE-2022-0943",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-0943"
},
{
"cve": "CVE-2022-1160",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "heap buffer overflow in get_one_sourceline in GitHub repository vim/vim prior to 8.2.4647.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1160"
},
{
"cve": "CVE-2022-0729",
"cwe": {
"id": "CWE-823",
"name": "Use of Out-of-range Pointer Offset"
},
"notes": [
{
"category": "description",
"text": "Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 8.8,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-0729"
},
{
"cve": "CVE-2022-0572",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-0572"
},
{
"cve": "CVE-2022-0696",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4428.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-0696"
},
{
"cve": "CVE-2022-0685",
"cwe": {
"id": "CWE-823",
"name": "Use of Out-of-range Pointer Offset"
},
"notes": [
{
"category": "description",
"text": "Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-0685"
},
{
"cve": "CVE-2022-0714",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-0714"
},
{
"cve": "CVE-2022-0361",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-0361"
},
{
"cve": "CVE-2022-0368",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-0368"
},
{
"cve": "CVE-2021-3973",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "vim is vulnerable to Heap-based Buffer Overflow",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2021-3973"
},
{
"cve": "CVE-2021-3796",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "vim is vulnerable to Use After Free",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.3,
"environmentalSeverity": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.3,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2021-3796"
},
{
"cve": "CVE-2021-4166",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "vim is vulnerable to Out-of-bounds Read",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.1,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.1,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2021-4166"
},
{
"cve": "CVE-2022-1927",
"cwe": {
"id": "CWE-126",
"name": "Buffer Over-read"
},
"notes": [
{
"category": "description",
"text": "Buffer Over-read in GitHub repository vim/vim prior to 8.2.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1927"
},
{
"cve": "CVE-2022-1942",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1942"
},
{
"cve": "CVE-2022-2129",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2129"
},
{
"cve": "CVE-2022-2175",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "Buffer Over-read in GitHub repository vim/vim prior to 8.2.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2175"
},
{
"cve": "CVE-2022-2182",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2182"
},
{
"cve": "CVE-2022-0778",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "description",
"text": "The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc).",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-0778"
},
{
"cve": "CVE-2022-2183",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2183"
},
{
"cve": "CVE-2022-2343",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2343"
},
{
"cve": "CVE-2022-2207",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2207"
},
{
"cve": "CVE-2022-2210",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2210"
},
{
"cve": "CVE-2022-2344",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2344"
},
{
"cve": "CVE-2022-2345",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "Use After Free in GitHub repository vim/vim prior to 9.0.0046.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2345"
},
{
"cve": "CVE-2022-2208",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2208"
},
{
"cve": "CVE-2022-2231",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2231"
},
{
"cve": "CVE-2022-2287",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.1,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.1,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2287"
},
{
"cve": "CVE-2022-2285",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "description",
"text": "Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2285"
},
{
"cve": "CVE-2022-2284",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2284"
},
{
"cve": "CVE-2022-2286",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2286"
},
{
"cve": "CVE-2022-2289",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "Use After Free in GitHub repository vim/vim prior to 9.0.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2289"
},
{
"cve": "CVE-2022-2288",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2288"
},
{
"cve": "CVE-2022-2264",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2264"
},
{
"cve": "CVE-2022-2206",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2206"
},
{
"cve": "CVE-2022-2257",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2257"
},
{
"cve": "CVE-2022-29862",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "description",
"text": "An infinite loop in OPC UA .NET Standard Stack 1.04.368 allows a remote attackers to cause the application to hang via a crafted message.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-29862"
},
{
"cve": "CVE-2022-29864",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "description",
"text": "OPC UA .NET Standard Stack 1.04.368 allows a remote attacker to cause a server to crash via a large number of messages that trigger Uncontrolled Resource Consumption.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-29864"
}
]
}
WID-SEC-W-2022-0005
Vulnerability from csaf_certbund - Published: 2022-04-03 22:00 - Updated: 2025-06-11 22:00Summary
zlib: Schwachstelle ermöglicht Codeausführung
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Die zlib ist eine freie Programmbibliothek zum Komprimieren und Dekomprimieren von Daten.
Angriff: Ein entfernter, anonymer Angreifer kann eine Schwachstelle in zlib ausnutzen, um beliebigen Programmcode auszuführen oder einen Denial of Service Zustand herbeizuführen.
Betroffene Betriebssysteme: - Appliance
- Hardware Appliance
- Linux
- Sonstiges
- UNIX
Affected products
Known affected
56 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
genua genuscreen <7.6p7
genua / genuscreen
|
<7.6p7 | ||
|
genua genuscreen <8.0p4
genua / genuscreen
|
<8.0p4 | ||
|
Juniper Junos Space <22.2R1
Juniper / Junos Space
|
<22.2R1 | ||
|
Broadcom Brocade Switch
Broadcom
|
cpe:/h:brocade:switch:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Avaya Session Border Controller
Avaya
|
cpe:/h:avaya:session_border_controller:-
|
— | |
|
IBM DB2 10.5
IBM / DB2
|
cpe:/a:ibm:db2:v10.5
|
10.5 | |
|
IBM DB2 11.5
IBM / DB2
|
cpe:/a:ibm:db2:v11.5
|
11.5 | |
|
Open Source zlib <1.2.12
Open Source / zlib
|
<1.2.12 | ||
|
Avaya CMS
Avaya
|
cpe:/a:avaya:call_management_system_server:-
|
— | |
|
IBM Spectrum Protect for Virtual Environments
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:for_virtual_environments
|
for Virtual Environments | |
|
Dell NetWorker <19.9.0.1
Dell / NetWorker
|
<19.9.0.1 | ||
|
Oracle VM 3
Oracle / VM
|
cpe:/a:oracle:vm:3
|
3 | |
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
IBM Spectrum Protect for Space Management Client
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:for_space_management_client
|
for Space Management Client | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Avaya Aura Device Services
Avaya
|
cpe:/a:avaya:aura_device_services:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
HPE Switch
HPE
|
cpe:/h:hp:switch:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
IBM Content Manager
IBM
|
cpe:/a:ibm:content_manager:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— | |
|
Avaya Web License Manager
Avaya
|
cpe:/a:avaya:web_license_manager:-
|
— | |
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM DataPower Gateway <10.6.4.0
IBM / DataPower Gateway
|
<10.6.4.0 | ||
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
IBM Spectrum Protect 8.1.17
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1.17
|
8.1.17 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
FreeBSD Project FreeBSD OS
FreeBSD Project
|
cpe:/o:freebsd:freebsd:-
|
— | |
|
Avaya Breeze Platform
Avaya
|
cpe:/a:avaya:breeze_platform:-
|
— | |
|
Tenable Security Nessus
Tenable Security
|
cpe:/a:tenable:nessus:-
|
— | |
|
IBM Security Verify Access <10.0.5-ISS-ISVA-FP000
IBM / Security Verify Access
|
<10.0.5-ISS-ISVA-FP000 | ||
|
IBM Tivoli Business Service Manager 6.2.0
IBM / Tivoli Business Service Manager
|
cpe:/a:ibm:tivoli_business_service_manager:6.2.0
|
6.2.0 | |
|
Sophos Unified Threat Management (UTM) Software 9.7 MR15
Sophos / Unified Threat Management (UTM) Software
|
cpe:/a:sophos:unified_threat_management_software:9.7_mr15
|
9.7 MR15 | |
|
F5 BIG-IP
F5
|
cpe:/a:f5:big-ip:-
|
— | |
|
IBM Tivoli Monitoring
IBM
|
cpe:/a:ibm:tivoli_monitoring:6.3.0.7
|
— | |
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM VIOS
IBM
|
cpe:/a:ibm:vios:-
|
— | |
|
genua genugate <10.0p8
genua / genugate
|
<10.0p8 | ||
|
IBM DB2 11.1
IBM / DB2
|
cpe:/a:ibm:db2:11.1
|
11.1 | |
|
Open Source Arch Linux
Open Source
|
cpe:/o:archlinux:archlinux:-
|
— | |
|
IBM AIX
IBM
|
cpe:/o:ibm:aix:-
|
— | |
|
IBM DataPower Gateway <10.5.0.17
IBM / DataPower Gateway
|
<10.5.0.17 | ||
|
IBM DataPower Gateway <10.6.0.5
IBM / DataPower Gateway
|
<10.6.0.5 | ||
|
Autodesk AutoCAD
Autodesk
|
cpe:/a:autodesk:autocad:2023.1.1
|
— | |
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IGEL OS
IGEL
|
cpe:/o:igel:os:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— |
References
112 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Die zlib ist eine freie Programmbibliothek zum Komprimieren und Dekomprimieren von Daten.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in zlib ausnutzen, um beliebigen Programmcode auszuf\u00fchren oder einen Denial of Service Zustand herbeizuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Appliance\n- Hardware Appliance\n- Linux\n- Sonstiges\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-0005 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0005.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-0005 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0005"
},
{
"category": "external",
"summary": "Red Hat Security Adivisory CVE-2018-25032 vom 2022-04-03",
"url": "https://access.redhat.com/security/cve/cve-2018-25032"
},
{
"category": "external",
"summary": "SUSE Security Advisory vom 2022-04-03",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010584.html"
},
{
"category": "external",
"summary": "SUSE Security Advisory vom 2022-04-03",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010586.html"
},
{
"category": "external",
"summary": "SUSE Security Advisory vom 2022-04-03",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010582.html"
},
{
"category": "external",
"summary": "SUSE Security Advisory vom 2022-04-03",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010583.html"
},
{
"category": "external",
"summary": "SUSE Security Advisory vom 2022-04-03",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010557.html"
},
{
"category": "external",
"summary": "Debian Security Advisory vom 2022-04-03",
"url": "https://www.debian.org/security/2022/dsa-5111"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5355-1 vom 2022-04-03",
"url": "https://ubuntu.com/security/notices/USN-5355-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5355-2 vom 2022-04-03",
"url": "https://ubuntu.com/security/notices/USN-5355-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5359-1 vom 2022-04-03",
"url": "https://ubuntu.com/security/notices/USN-5359-1"
},
{
"category": "external",
"summary": "PoC auf Openwall.com vom 2022-04-03",
"url": "https://www.openwall.com/lists/oss-security/2022/03/26/1"
},
{
"category": "external",
"summary": "OpenBSD Security Advisory vom 2022-04-03",
"url": "https://www.openbsd.org/errata69.html"
},
{
"category": "external",
"summary": "OpenBSD Security Advisory vom 2022-04-03",
"url": "https://www.openbsd.org/errata70.html"
},
{
"category": "external",
"summary": "Arch Linux Security Advisory ASA-202204-3 vom 2022-04-05",
"url": "https://security.archlinux.org/ASA-202204-3"
},
{
"category": "external",
"summary": "FreeBSD Security Advisory FREEBSD-SA-22:08.ZLIB vom 2022-04-06",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-22:08.zlib.asc"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2022-1772 vom 2022-04-07",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2022-1772.html"
},
{
"category": "external",
"summary": "IGEL Security Notice ISN-2022-09 vom 2022-04-08",
"url": "https://kb.igel.com/securitysafety/en/isn-2022-09-zlib-vulnerability-57337946.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2022:1061-2 vom 2022-04-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010707.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:1591 vom 2022-04-27",
"url": "https://access.redhat.com/errata/RHSA-2022:1591"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-1642 vom 2022-04-28",
"url": "http://linux.oracle.com/errata/ELSA-2022-1642.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:1642 vom 2022-04-28",
"url": "https://access.redhat.com/errata/RHSA-2022:1642"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:1661 vom 2022-05-02",
"url": "https://access.redhat.com/errata/RHSA-2022:1661"
},
{
"category": "external",
"summary": "Genua Update Seite",
"url": "https://kunde.genua.de/nc/suche/view/neuer-patch-genuscreen-box-crypt-card-wall-76p7-verfuegbar.html"
},
{
"category": "external",
"summary": "AVAYA Security Advisory ASA-2022-044 vom 2022-05-04",
"url": "https://downloads.avaya.com/css/P8/documents/101081674"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-2993 vom 2022-05-07",
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:1679 vom 2022-05-10",
"url": "https://access.redhat.com/errata/RHSA-2022:1679"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:2218 vom 2022-05-12",
"url": "https://access.redhat.com/errata/RHSA-2022:2218"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:2183 vom 2022-05-11",
"url": "https://access.redhat.com/errata/RHSA-2022:2183"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:2192 vom 2022-05-12",
"url": "https://access.redhat.com/errata/RHSA-2022:2192"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:2197 vom 2022-05-12",
"url": "https://access.redhat.com/errata/RHSA-2022:2197"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:2198 vom 2022-05-12",
"url": "https://access.redhat.com/errata/RHSA-2022:2198"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:2201 vom 2022-05-12",
"url": "https://access.redhat.com/errata/RHSA-2022:2201"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:2213 vom 2022-05-12",
"url": "https://access.redhat.com/errata/RHSA-2022:2213"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:2214 vom 2022-05-12",
"url": "https://access.redhat.com/errata/RHSA-2022:2214"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:2216 vom 2022-05-12",
"url": "https://access.redhat.com/errata/RHSA-2022:2216"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:2217 vom 2022-05-12",
"url": "https://access.redhat.com/errata/RHSA-2022:2217"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-2213 vom 2022-05-12",
"url": "http://linux.oracle.com/errata/ELSA-2022-2213.html"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2022:2213 vom 2022-05-13",
"url": "https://lists.centos.org/pipermail/centos-announce/2022-May/073584.html"
},
{
"category": "external",
"summary": "AVAYA Security Advisory ASA-2022-064 vom 2022-05-12",
"url": "https://downloads.avaya.com/css/P8/documents/101081774"
},
{
"category": "external",
"summary": "Patch genugate 10.0p8 vom 2022-05-17",
"url": "https://kunde.genua.de/nc/suche/view/neuer-patch-genugate-100p8-verfuegbar.html?tx_genusupport_content%5Bidentity%5D=0\u0026tx_genusupport_content%5BsearchTerm%5D=\u0026tx_genusupport_content%5BforcePath%5D=\u0026tx_genusupport_content%5Baction%5D=genuSupportSearch\u0026tx_g"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:4690 vom 2022-05-19",
"url": "https://access.redhat.com/errata/RHSA-2022:4690"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:4691 vom 2022-05-19",
"url": "https://access.redhat.com/errata/RHSA-2022:4691"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-2201 vom 2022-05-19",
"url": "https://linux.oracle.com/errata/ELSA-2022-2201.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:4692 vom 2022-05-19",
"url": "https://access.redhat.com/errata/RHSA-2022:4692"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:4592 vom 2022-05-20",
"url": "https://access.redhat.com/errata/RHSA-2022:4592"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:4671 vom 2022-05-20",
"url": "https://access.redhat.com/errata/RHSA-2022:4671"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:4584 vom 2022-05-20",
"url": "https://access.redhat.com/errata/RHSA-2022:4584"
},
{
"category": "external",
"summary": "F5 Security Advisory K21548854 vom 2022-05-19",
"url": "https://support.f5.com/csp/article/K21548854"
},
{
"category": "external",
"summary": "Owncloud Security Update",
"url": "https://owncloud.com/security-advisories/cve-2018-25032/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:2265 vom 2022-05-27",
"url": "https://access.redhat.com/errata/RHSA-2022:2265"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:2264 vom 2022-05-26",
"url": "https://access.redhat.com/errata/RHSA-2022:2264"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20220526-0009 vom 2022-05-26",
"url": "https://security.netapp.com/advisory/ntap-20220526-0009/"
},
{
"category": "external",
"summary": "Tenable Security Advisory",
"url": "https://www.tenable.com/security/tns-2022-12"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:2272 vom 2022-05-26",
"url": "https://access.redhat.com/errata/RHSA-2022:2272"
},
{
"category": "external",
"summary": "Tenable Security Advisory",
"url": "https://www.tenable.com/security/tns-2022-11"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:2268 vom 2022-05-26",
"url": "https://access.redhat.com/errata/RHSA-2022:2268"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6589939 vom 2022-05-26",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-operator-and-queue-manager-container-images-are-vulnerable-to-multiple-vulnerabilities-from-gzip-jackson-databind-libssh-gnutls-nettle-and-zlib/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:4845 vom 2022-05-31",
"url": "https://access.redhat.com/errata/RHSA-2022:4845"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:4863 vom 2022-06-01",
"url": "https://access.redhat.com/errata/RHSA-2022:4863"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:4880 vom 2022-06-02",
"url": "https://access.redhat.com/errata/RHSA-2022:4880"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:4896 vom 2022-06-03",
"url": "https://access.redhat.com/errata/RHSA-2022:4896"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:4985 vom 2022-06-09",
"url": "https://access.redhat.com/errata/RHSA-2022:4985"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5359-2 vom 2022-06-13",
"url": "https://ubuntu.com/security/notices/USN-5359-2"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:5026 vom 2022-06-15",
"url": "https://access.redhat.com/errata/RHSA-2022:5026"
},
{
"category": "external",
"summary": "AVAYA Security Advisory ASA-2022-063 vom 2022-06-21",
"url": "https://downloads.avaya.com/css/P8/documents/101082339"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:5192 vom 2022-06-25",
"url": "https://access.redhat.com/errata/RHSA-2022:5192"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2022:2174-1 vom 2022-06-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-June/011348.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:5188 vom 2022-06-25",
"url": "https://access.redhat.com/errata/RHSA-2022:5188"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:5187 vom 2022-06-25",
"url": "https://access.redhat.com/errata/RHSA-2022:5187"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:5439 vom 2022-07-01",
"url": "https://access.redhat.com/errata/RHSA-2022:5439"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-4584 vom 2022-07-01",
"url": "http://linux.oracle.com/errata/ELSA-2022-4584.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:5483 vom 2022-07-01",
"url": "https://access.redhat.com/errata/RHSA-2022:5483"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-4592 vom 2022-07-01",
"url": "http://linux.oracle.com/errata/ELSA-2022-4592.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2022-1602 vom 2022-07-07",
"url": "https://alas.aws.amazon.com/ALAS-2022-1602.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-9565 vom 2022-07-07",
"url": "https://linux.oracle.com/errata/ELSA-2022-9565.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2022-100 vom 2022-07-21",
"url": "https://alas.aws.amazon.com/AL2022/ALAS-2022-100.html"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20220729-0004 vom 2022-08-19",
"url": "https://security.netapp.com/advisory/ntap-20220729-0004/"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6824729 vom 2022-09-29",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-content-manager-ondemand-for-multiplatforms-is-affected-by-a-vulnerability-cve-2018-25032/"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6824731 vom 2022-09-29",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-content-manager-ondemand-for-ibm-i-is-affected-by-a-vulnerability-cve-2018-25032/"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6824891 vom 2022-09-28",
"url": "https://aix.software.ibm.com/aix/efixes/security/zlib_advisory.asc"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6823767 vom 2022-09-30",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-is-vulnerable-to-an-issue-within-the-zlib-library-cve-2018-25032/"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6825735 vom 2022-10-01",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-tivoli-monitoring-basic-services-is-vulnerable-to-a-denial-of-service-attack-in-zlib-component-cve-2018-25032/"
},
{
"category": "external",
"summary": "Autodesk Security Advisory ADSK-SA-2022-0023 vom 2022-10-07",
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0023"
},
{
"category": "external",
"summary": "Juniper Security Bulletin",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-22-2R1-release"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6831855 vom 2022-10-26",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-qradar-siem-is-vulnerable-to-using-components-with-known-vulnerabilities-14/"
},
{
"category": "external",
"summary": "Gentoo Linux Security Advisory GLSA-202210-42 vom 2022-10-31",
"url": "https://security.gentoo.org/glsa/202210-42"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2022-159 vom 2022-11-04",
"url": "https://alas.aws.amazon.com/AL2022/ALAS-2022-159.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2022-158 vom 2022-11-04",
"url": "https://alas.aws.amazon.com/AL2022/ALAS-2022-158.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7813 vom 2022-11-08",
"url": "https://access.redhat.com/errata/RHSA-2022:7813"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:8420 vom 2022-11-15",
"url": "https://access.redhat.com/errata/RHSA-2022:8420"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-8420 vom 2022-11-22",
"url": "https://linux.oracle.com/errata/ELSA-2022-8420.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2022-1640 vom 2022-12-10",
"url": "https://alas.aws.amazon.com/ALAS-2022-1640.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6847653 vom 2022-12-20",
"url": "https://www.ibm.com/support/pages/node/6847653"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6833196 vom 2022-12-23",
"url": "https://www.ibm.com/support/pages/node/6846533"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6827869 vom 2022-12-23",
"url": "https://www.ibm.com/support/pages/node/6842075"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6855297 vom 2023-01-13",
"url": "https://www.ibm.com/support/pages/node/6855297"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:0976 vom 2023-02-28",
"url": "https://access.redhat.com/errata/RHSA-2023:0976"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:0975 vom 2023-02-28",
"url": "https://access.redhat.com/errata/RHSA-2023:0975"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:0943 vom 2023-02-28",
"url": "https://access.redhat.com/errata/RHSA-2023:0943"
},
{
"category": "external",
"summary": "Sophos UTM Up2date 9.715 vom 2023-03-13",
"url": "https://community.sophos.com/utm-firewall/b/blog/posts/utm-up2date-9-715-released"
},
{
"category": "external",
"summary": "Dell Security Update for Dell NetWorker",
"url": "https://www.dell.com/support/kbdoc/de-de/000215499/dsa-2023-231-security-update-for-dell-networker-zlib-1-2-3"
},
{
"category": "external",
"summary": "HPE Securi+y Bulletin",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-hpesbst04494en_us"
},
{
"category": "external",
"summary": "ORACLE OVMSA-2023-0011 vom 2023-08-17",
"url": "https://oss.oracle.com/pipermail/oraclevm-errata/2023-August/001074.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7087162 vom 2023-12-01",
"url": "https://www.ibm.com/support/pages/node/7087162"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7111596 vom 2024-01-24",
"url": "https://www.ibm.com/support/pages/node/7111596"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6736-1 vom 2024-04-16",
"url": "https://ubuntu.com/security/notices/USN-6736-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6736-2 vom 2024-05-23",
"url": "https://ubuntu.com/security/notices/USN-6736-2"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:14656-1 vom 2025-01-17",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/PA2YASY5GVVBWOWVKGZPCNZJI5WMPXEX/"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7183676 vom 2025-02-27",
"url": "https://www.ibm.com/support/pages/node/7183676"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7236343 vom 2025-06-11",
"url": "https://www.ibm.com/support/pages/node/7236343"
}
],
"source_lang": "en-US",
"title": "zlib: Schwachstelle erm\u00f6glicht Codeausf\u00fchrung",
"tracking": {
"current_release_date": "2025-06-11T22:00:00.000+00:00",
"generator": {
"date": "2025-06-12T07:23:38.282+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2022-0005",
"initial_release_date": "2022-04-03T22:00:00.000+00:00",
"revision_history": [
{
"date": "2022-04-03T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2022-04-04T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Arch Linux aufgenommen"
},
{
"date": "2022-04-05T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von FreeBSD aufgenommen"
},
{
"date": "2022-04-06T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2022-04-10T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von IGEL aufgenommen"
},
{
"date": "2022-04-13T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2022-04-18T22:00:00.000+00:00",
"number": "7",
"summary": "Referenz(en) aufgenommen: FEDORA-2022-DBD2935E44, FEDORA-2022-413A80A102, FEDORA-2022-12B89E2AAD"
},
{
"date": "2022-04-26T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-04-28T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Oracle Linux und Red Hat aufgenommen"
},
{
"date": "2022-05-01T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-05-04T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2022-05-05T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von AVAYA aufgenommen"
},
{
"date": "2022-05-08T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2022-05-10T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-05-11T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-05-12T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-05-15T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von CentOS und AVAYA aufgenommen"
},
{
"date": "2022-05-17T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von genua aufgenommen"
},
{
"date": "2022-05-18T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2022-05-19T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-05-24T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2022-05-26T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Red Hat, NetApp, Tenable und IBM aufgenommen"
},
{
"date": "2022-05-31T22:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-06-01T22:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-06-06T22:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-06-09T22:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-06-12T22:00:00.000+00:00",
"number": "27",
"summary": "Referenz(en) aufgenommen: FEDORA-2022-61CF1C64F6"
},
{
"date": "2022-06-13T22:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2022-06-14T22:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-06-22T22:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von AVAYA aufgenommen"
},
{
"date": "2022-06-26T22:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von Red Hat und SUSE aufgenommen"
},
{
"date": "2022-06-30T22:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-07-03T22:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von Oracle Linux und Red Hat aufgenommen"
},
{
"date": "2022-07-07T22:00:00.000+00:00",
"number": "34",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2022-07-10T22:00:00.000+00:00",
"number": "35",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-07-20T22:00:00.000+00:00",
"number": "36",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2022-08-11T22:00:00.000+00:00",
"number": "37",
"summary": "Referenz(en) aufgenommen: FEDORA-2022-3A92250FD5, FEDORA-2022-B58A85E167"
},
{
"date": "2022-08-21T22:00:00.000+00:00",
"number": "38",
"summary": "Neue Updates von NetApp aufgenommen"
},
{
"date": "2022-09-28T22:00:00.000+00:00",
"number": "39",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2022-09-29T22:00:00.000+00:00",
"number": "40",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2022-10-03T22:00:00.000+00:00",
"number": "41",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2022-10-09T22:00:00.000+00:00",
"number": "42",
"summary": "Neue Updates von Autodesk aufgenommen"
},
{
"date": "2022-10-12T22:00:00.000+00:00",
"number": "43",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2022-10-25T22:00:00.000+00:00",
"number": "44",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2022-10-31T23:00:00.000+00:00",
"number": "45",
"summary": "Neue Updates von Gentoo aufgenommen"
},
{
"date": "2022-11-06T23:00:00.000+00:00",
"number": "46",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2022-11-08T23:00:00.000+00:00",
"number": "47",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-11-15T23:00:00.000+00:00",
"number": "48",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-11-21T23:00:00.000+00:00",
"number": "49",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-12-11T23:00:00.000+00:00",
"number": "50",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2022-12-20T23:00:00.000+00:00",
"number": "51",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2022-12-22T23:00:00.000+00:00",
"number": "52",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-01-12T23:00:00.000+00:00",
"number": "53",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-02-28T23:00:00.000+00:00",
"number": "54",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-03-13T23:00:00.000+00:00",
"number": "55",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2023-07-04T22:00:00.000+00:00",
"number": "56",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2023-08-13T22:00:00.000+00:00",
"number": "57",
"summary": "Neue Updates von HP aufgenommen"
},
{
"date": "2023-08-17T22:00:00.000+00:00",
"number": "58",
"summary": "Neue Updates von ORACLE aufgenommen"
},
{
"date": "2023-12-03T23:00:00.000+00:00",
"number": "59",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-01-24T23:00:00.000+00:00",
"number": "60",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-04-16T22:00:00.000+00:00",
"number": "61",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-05-23T22:00:00.000+00:00",
"number": "62",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-01-19T23:00:00.000+00:00",
"number": "63",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2025-02-27T23:00:00.000+00:00",
"number": "64",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-06-11T22:00:00.000+00:00",
"number": "65",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "65"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Autodesk AutoCAD",
"product": {
"name": "Autodesk AutoCAD",
"product_id": "T024716",
"product_identification_helper": {
"cpe": "cpe:/a:autodesk:autocad:2023.1.1"
}
}
}
],
"category": "vendor",
"name": "Autodesk"
},
{
"branches": [
{
"category": "product_name",
"name": "Avaya Aura Application Enablement Services",
"product": {
"name": "Avaya Aura Application Enablement Services",
"product_id": "T015516",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_application_enablement_services:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Communication Manager",
"product": {
"name": "Avaya Aura Communication Manager",
"product_id": "T015126",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:communication_manager:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Device Services",
"product": {
"name": "Avaya Aura Device Services",
"product_id": "T015517",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_device_services:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Experience Portal",
"product": {
"name": "Avaya Aura Experience Portal",
"product_id": "T015519",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_experience_portal:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Session Manager",
"product": {
"name": "Avaya Aura Session Manager",
"product_id": "T015127",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:session_manager:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura System Manager",
"product": {
"name": "Avaya Aura System Manager",
"product_id": "T015518",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_system_manager:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Breeze Platform",
"product": {
"name": "Avaya Breeze Platform",
"product_id": "T015823",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:breeze_platform:-"
}
}
},
{
"category": "product_name",
"name": "Avaya CMS",
"product": {
"name": "Avaya CMS",
"product_id": "997",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:call_management_system_server:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Session Border Controller",
"product": {
"name": "Avaya Session Border Controller",
"product_id": "T015520",
"product_identification_helper": {
"cpe": "cpe:/h:avaya:session_border_controller:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Web License Manager",
"product": {
"name": "Avaya Web License Manager",
"product_id": "T016243",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:web_license_manager:-"
}
}
}
],
"category": "vendor",
"name": "Avaya"
},
{
"branches": [
{
"category": "product_name",
"name": "Broadcom Brocade Switch",
"product": {
"name": "Broadcom Brocade Switch",
"product_id": "T015844",
"product_identification_helper": {
"cpe": "cpe:/h:brocade:switch:-"
}
}
}
],
"category": "vendor",
"name": "Broadcom"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c19.9.0.1",
"product": {
"name": "Dell NetWorker \u003c19.9.0.1",
"product_id": "T028404"
}
},
{
"category": "product_version",
"name": "19.9.0.1",
"product": {
"name": "Dell NetWorker 19.9.0.1",
"product_id": "T028404-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:19.9.0.1"
}
}
}
],
"category": "product_name",
"name": "NetWorker"
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "F5 BIG-IP",
"product": {
"name": "F5 BIG-IP",
"product_id": "T001663",
"product_identification_helper": {
"cpe": "cpe:/a:f5:big-ip:-"
}
}
}
],
"category": "vendor",
"name": "F5"
},
{
"branches": [
{
"category": "product_name",
"name": "FreeBSD Project FreeBSD OS",
"product": {
"name": "FreeBSD Project FreeBSD OS",
"product_id": "4035",
"product_identification_helper": {
"cpe": "cpe:/o:freebsd:freebsd:-"
}
}
}
],
"category": "vendor",
"name": "FreeBSD Project"
},
{
"branches": [
{
"category": "product_name",
"name": "Gentoo Linux",
"product": {
"name": "Gentoo Linux",
"product_id": "T012167",
"product_identification_helper": {
"cpe": "cpe:/o:gentoo:linux:-"
}
}
}
],
"category": "vendor",
"name": "Gentoo"
},
{
"branches": [
{
"category": "product_name",
"name": "HPE Switch",
"product": {
"name": "HPE Switch",
"product_id": "T005119",
"product_identification_helper": {
"cpe": "cpe:/h:hp:switch:-"
}
}
}
],
"category": "vendor",
"name": "HPE"
},
{
"branches": [
{
"category": "product_name",
"name": "IBM AIX",
"product": {
"name": "IBM AIX",
"product_id": "5094",
"product_identification_helper": {
"cpe": "cpe:/o:ibm:aix:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c12.0.4 IF2",
"product": {
"name": "IBM Cognos Analytics \u003c12.0.4 IF2",
"product_id": "T041469"
}
},
{
"category": "product_version",
"name": "12.0.4 IF2",
"product": {
"name": "IBM Cognos Analytics 12.0.4 IF2",
"product_id": "T041469-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:cognos_analytics:12.0.4_if2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.2.4 IF4",
"product": {
"name": "IBM Cognos Analytics \u003c11.2.4 IF4",
"product_id": "T041470"
}
},
{
"category": "product_version",
"name": "11.2.4 IF4",
"product": {
"name": "IBM Cognos Analytics 11.2.4 IF4",
"product_id": "T041470-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:cognos_analytics:11.2.4_if4"
}
}
}
],
"category": "product_name",
"name": "Cognos Analytics"
},
{
"category": "product_name",
"name": "IBM Content Manager",
"product": {
"name": "IBM Content Manager",
"product_id": "T023838",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:content_manager:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "11.1",
"product": {
"name": "IBM DB2 11.1",
"product_id": "342000",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:11.1"
}
}
},
{
"category": "product_version",
"name": "11.5",
"product": {
"name": "IBM DB2 11.5",
"product_id": "T015242",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:v11.5"
}
}
},
{
"category": "product_version",
"name": "10.5",
"product": {
"name": "IBM DB2 10.5",
"product_id": "T015244",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:v10.5"
}
}
}
],
"category": "product_name",
"name": "DB2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.5.0.17",
"product": {
"name": "IBM DataPower Gateway \u003c10.5.0.17",
"product_id": "T043377"
}
},
{
"category": "product_version",
"name": "10.5.0.17",
"product": {
"name": "IBM DataPower Gateway 10.5.0.17",
"product_id": "T043377-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.5.0.17"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.6.0.5",
"product": {
"name": "IBM DataPower Gateway \u003c10.6.0.5",
"product_id": "T043378"
}
},
{
"category": "product_version",
"name": "10.6.0.5",
"product": {
"name": "IBM DataPower Gateway 10.6.0.5",
"product_id": "T043378-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.6.0.5"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.6.4.0",
"product": {
"name": "IBM DataPower Gateway \u003c10.6.4.0",
"product_id": "T044528"
}
},
{
"category": "product_version",
"name": "10.6.4.0",
"product": {
"name": "IBM DataPower Gateway 10.6.4.0",
"product_id": "T044528-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.6.4.0"
}
}
}
],
"category": "product_name",
"name": "DataPower Gateway"
},
{
"category": "product_name",
"name": "IBM MQ",
"product": {
"name": "IBM MQ",
"product_id": "T021398",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "7.5",
"product": {
"name": "IBM QRadar SIEM 7.5",
"product_id": "T022954",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5"
}
}
},
{
"category": "product_version",
"name": "7.4",
"product": {
"name": "IBM QRadar SIEM 7.4",
"product_id": "T024775",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.4"
}
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.5-ISS-ISVA-FP000",
"product": {
"name": "IBM Security Verify Access \u003c10.0.5-ISS-ISVA-FP000",
"product_id": "T025829"
}
},
{
"category": "product_version",
"name": "10.0.5-ISS-ISVA-FP000",
"product": {
"name": "IBM Security Verify Access 10.0.5-ISS-ISVA-FP000",
"product_id": "T025829-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_verify_access:10.0.5-iss-isva-fp000"
}
}
}
],
"category": "product_name",
"name": "Security Verify Access"
},
{
"branches": [
{
"category": "product_version",
"name": "8.1.17",
"product": {
"name": "IBM Spectrum Protect 8.1.17",
"product_id": "T025663",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect:8.1.17"
}
}
},
{
"category": "product_version",
"name": "for Virtual Environments",
"product": {
"name": "IBM Spectrum Protect for Virtual Environments",
"product_id": "T025697",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect:for_virtual_environments"
}
}
},
{
"category": "product_version",
"name": "for Space Management Client",
"product": {
"name": "IBM Spectrum Protect for Space Management Client",
"product_id": "T025698",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect:for_space_management_client"
}
}
}
],
"category": "product_name",
"name": "Spectrum Protect"
},
{
"branches": [
{
"category": "product_version",
"name": "6.2.0",
"product": {
"name": "IBM Tivoli Business Service Manager 6.2.0",
"product_id": "T014092",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_business_service_manager:6.2.0"
}
}
}
],
"category": "product_name",
"name": "Tivoli Business Service Manager"
},
{
"category": "product_name",
"name": "IBM Tivoli Monitoring",
"product": {
"name": "IBM Tivoli Monitoring",
"product_id": "342008",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_monitoring:6.3.0.7"
}
}
},
{
"category": "product_name",
"name": "IBM VIOS",
"product": {
"name": "IBM VIOS",
"product_id": "T004571",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:vios:-"
}
}
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "IGEL OS",
"product": {
"name": "IGEL OS",
"product_id": "T017865",
"product_identification_helper": {
"cpe": "cpe:/o:igel:os:-"
}
}
}
],
"category": "vendor",
"name": "IGEL"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c22.2R1",
"product": {
"name": "Juniper Junos Space \u003c22.2R1",
"product_id": "T003343"
}
},
{
"category": "product_version",
"name": "22.2R1",
"product": {
"name": "Juniper Junos Space 22.2R1",
"product_id": "T003343-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:juniper:junos_space:-"
}
}
}
],
"category": "product_name",
"name": "Junos Space"
}
],
"category": "vendor",
"name": "Juniper"
},
{
"branches": [
{
"category": "product_name",
"name": "NetApp ActiveIQ Unified Manager",
"product": {
"name": "NetApp ActiveIQ Unified Manager",
"product_id": "T016960",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:active_iq_unified_manager:-"
}
}
}
],
"category": "vendor",
"name": "NetApp"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Arch Linux",
"product": {
"name": "Open Source Arch Linux",
"product_id": "T013312",
"product_identification_helper": {
"cpe": "cpe:/o:archlinux:archlinux:-"
}
}
},
{
"category": "product_name",
"name": "Open Source CentOS",
"product": {
"name": "Open Source CentOS",
"product_id": "1727",
"product_identification_helper": {
"cpe": "cpe:/o:centos:centos:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.2.12",
"product": {
"name": "Open Source zlib \u003c1.2.12",
"product_id": "T022501"
}
},
{
"category": "product_version",
"name": "1.2.12",
"product": {
"name": "Open Source zlib 1.2.12",
"product_id": "T022501-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:gnu:zlib:1.2.12"
}
}
}
],
"category": "product_name",
"name": "zlib"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "3",
"product": {
"name": "Oracle VM 3",
"product_id": "T019617",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:vm:3"
}
}
}
],
"category": "product_name",
"name": "VM"
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "9.7 MR15",
"product": {
"name": "Sophos Unified Threat Management (UTM) Software 9.7 MR15",
"product_id": "T026721",
"product_identification_helper": {
"cpe": "cpe:/a:sophos:unified_threat_management_software:9.7_mr15"
}
}
}
],
"category": "product_name",
"name": "Unified Threat Management (UTM) Software"
}
],
"category": "vendor",
"name": "Sophos"
},
{
"branches": [
{
"category": "product_name",
"name": "Tenable Security Nessus",
"product": {
"name": "Tenable Security Nessus",
"product_id": "T016399",
"product_identification_helper": {
"cpe": "cpe:/a:tenable:nessus:-"
}
}
}
],
"category": "vendor",
"name": "Tenable Security"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0p8",
"product": {
"name": "genua genugate \u003c10.0p8",
"product_id": "T023260"
}
},
{
"category": "product_version",
"name": "10.0p8",
"product": {
"name": "genua genugate 10.0p8",
"product_id": "T023260-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:genua:genugate:10.0:p8"
}
}
}
],
"category": "product_name",
"name": "genugate"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.6p7",
"product": {
"name": "genua genuscreen \u003c7.6p7",
"product_id": "T023070"
}
},
{
"category": "product_version",
"name": "7.6p7",
"product": {
"name": "genua genuscreen 7.6p7",
"product_id": "T023070-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:genua:genuscreen:7.6p7"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.0p4",
"product": {
"name": "genua genuscreen \u003c8.0p4",
"product_id": "T023071"
}
},
{
"category": "product_version",
"name": "8.0p4",
"product": {
"name": "genua genuscreen 8.0p4",
"product_id": "T023071-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:genua:genuscreen:8.0p4"
}
}
}
],
"category": "product_name",
"name": "genuscreen"
}
],
"category": "vendor",
"name": "genua"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-25032",
"product_status": {
"known_affected": [
"T023070",
"T023071",
"T003343",
"T015844",
"T015127",
"T015126",
"T004914",
"T015520",
"T015244",
"T015242",
"T022501",
"997",
"T025697",
"T028404",
"T019617",
"T041469",
"398363",
"T025698",
"T015519",
"T015518",
"T015517",
"T015516",
"T005119",
"T012167",
"T023838",
"T016960",
"T016243",
"T022954",
"2951",
"T002207",
"T044528",
"T027843",
"T025663",
"T024775",
"67646",
"4035",
"T015823",
"T016399",
"T025829",
"T014092",
"T026721",
"T001663",
"342008",
"T021398",
"T004571",
"T023260",
"342000",
"T013312",
"5094",
"T043377",
"T043378",
"T024716",
"T041470",
"T017865",
"T000126",
"1727"
]
},
"release_date": "2022-04-03T22:00:00.000+00:00",
"title": "CVE-2018-25032"
}
]
}
WID-SEC-W-2022-0735
Vulnerability from csaf_certbund - Published: 2022-07-19 22:00 - Updated: 2022-11-30 23:00Summary
Oracle MySQL: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: MySQL ist ein Open Source Datenbankserver von Oracle.
Angriff: Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Oracle MySQL ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - UNIX
- Linux
- Windows
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
References
14 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "MySQL ist ein Open Source Datenbankserver von Oracle.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Oracle MySQL ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-0735 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0735.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-0735 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0735"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6842821 vom 2022-12-01",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-in-oracle-mysql/"
},
{
"category": "external",
"summary": "Menu - Appendix Oracle MySQL vom 2022-07-19",
"url": "https://www.oracle.com/security-alerts/cpujul2022.html#AppendixMSQL"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5537-1 vom 2022-07-28",
"url": "https://ubuntu.com/security/notices/USN-5537-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5537-2 vom 2022-07-29",
"url": "https://ubuntu.com/security/notices/USN-5537-2"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20220729-0004 vom 2022-08-19",
"url": "https://security.netapp.com/advisory/ntap-20220729-0004/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6518 vom 2022-09-14",
"url": "https://access.redhat.com/errata/RHSA-2022:6518"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6590 vom 2022-09-21",
"url": "https://access.redhat.com/errata/RHSA-2022:6590"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-6590 vom 2022-09-22",
"url": "https://linux.oracle.com/errata/ELSA-2022-6590.html"
},
{
"category": "external",
"summary": "Oracle Linux Bulletin-October 2022 vom 2022-10-18",
"url": "https://www.oracle.com/security-alerts/linuxbulletinoct2022.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7055 vom 2022-10-19",
"url": "https://access.redhat.com/errata/RHSA-2022:7055"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7119 vom 2022-10-25",
"url": "https://access.redhat.com/errata/RHSA-2022:7119"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-7119 vom 2022-10-27",
"url": "https://linux.oracle.com/errata/ELSA-2022-7119.html"
}
],
"source_lang": "en-US",
"title": "Oracle MySQL: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2022-11-30T23:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:31:57.219+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2022-0735",
"initial_release_date": "2022-07-19T22:00:00.000+00:00",
"revision_history": [
{
"date": "2022-07-19T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2022-07-28T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2022-08-21T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von NetApp aufgenommen"
},
{
"date": "2022-09-14T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-09-20T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-09-21T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-10-18T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2022-10-19T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-10-25T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-10-26T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-11-30T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "11"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "IBM Security Guardium 11.3",
"product": {
"name": "IBM Security Guardium 11.3",
"product_id": "1048943",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_guardium:11.3"
}
}
},
{
"category": "product_name",
"name": "IBM Security Guardium 11.4",
"product": {
"name": "IBM Security Guardium 11.4",
"product_id": "1076561",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_guardium:11.4"
}
}
},
{
"category": "product_name",
"name": "IBM Security Guardium 10.5",
"product": {
"name": "IBM Security Guardium 10.5",
"product_id": "410912",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_guardium:10.5"
}
}
}
],
"category": "product_name",
"name": "Security Guardium"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "NetApp ActiveIQ Unified Manager",
"product": {
"name": "NetApp ActiveIQ Unified Manager",
"product_id": "T016960",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:active_iq_unified_manager:-"
}
}
}
],
"category": "vendor",
"name": "NetApp"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle MySQL \u003c= 8.0.28",
"product": {
"name": "Oracle MySQL \u003c= 8.0.28",
"product_id": "1163192",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:mysql:8.0.28"
}
}
},
{
"category": "product_name",
"name": "Oracle MySQL \u003c= 8.0.25",
"product": {
"name": "Oracle MySQL \u003c= 8.0.25",
"product_id": "858557",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:mysql:8.0.25"
}
}
},
{
"category": "product_name",
"name": "Oracle MySQL \u003c= 8.0.29",
"product": {
"name": "Oracle MySQL \u003c= 8.0.29",
"product_id": "T022871",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:mysql:8.0.29"
}
}
},
{
"category": "product_name",
"name": "Oracle MySQL \u003c= 8.0.30",
"product": {
"name": "Oracle MySQL \u003c= 8.0.30",
"product_id": "T023949",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:mysql:8.0.30"
}
}
},
{
"category": "product_name",
"name": "Oracle MySQL \u003c= 5.7.38",
"product": {
"name": "Oracle MySQL \u003c= 5.7.38",
"product_id": "T023950",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:mysql:5.7.38"
}
}
},
{
"category": "product_name",
"name": "Oracle MySQL \u003c= 7.4.36",
"product": {
"name": "Oracle MySQL \u003c= 7.4.36",
"product_id": "T023951",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:mysql:7.4.36"
}
}
},
{
"category": "product_name",
"name": "Oracle MySQL \u003c= 7.5.26",
"product": {
"name": "Oracle MySQL \u003c= 7.5.26",
"product_id": "T023952",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:mysql:7.5.26"
}
}
},
{
"category": "product_name",
"name": "Oracle MySQL \u003c= 7.6.22",
"product": {
"name": "Oracle MySQL \u003c= 7.6.22",
"product_id": "T023953",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:mysql:7.6.22"
}
}
},
{
"category": "product_name",
"name": "Oracle MySQL \u003c= 1.1.8",
"product": {
"name": "Oracle MySQL \u003c= 1.1.8",
"product_id": "T023954",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:mysql:1.1.8"
}
}
}
],
"category": "product_name",
"name": "MySQL"
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-25032",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2018-25032"
},
{
"cve": "CVE-2020-26237",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2020-26237"
},
{
"cve": "CVE-2021-22119",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2021-22119"
},
{
"cve": "CVE-2021-31805",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2021-31805"
},
{
"cve": "CVE-2022-1292",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-1292"
},
{
"cve": "CVE-2022-21455",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21455"
},
{
"cve": "CVE-2022-21509",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21509"
},
{
"cve": "CVE-2022-21515",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21515"
},
{
"cve": "CVE-2022-21517",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21517"
},
{
"cve": "CVE-2022-21519",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21519"
},
{
"cve": "CVE-2022-21522",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21522"
},
{
"cve": "CVE-2022-21525",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21525"
},
{
"cve": "CVE-2022-21526",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21526"
},
{
"cve": "CVE-2022-21527",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21527"
},
{
"cve": "CVE-2022-21528",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21528"
},
{
"cve": "CVE-2022-21529",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21529"
},
{
"cve": "CVE-2022-21530",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21530"
},
{
"cve": "CVE-2022-21531",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21531"
},
{
"cve": "CVE-2022-21534",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21534"
},
{
"cve": "CVE-2022-21535",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21535"
},
{
"cve": "CVE-2022-21537",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21537"
},
{
"cve": "CVE-2022-21538",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21538"
},
{
"cve": "CVE-2022-21539",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21539"
},
{
"cve": "CVE-2022-21547",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21547"
},
{
"cve": "CVE-2022-21550",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21550"
},
{
"cve": "CVE-2022-21553",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21553"
},
{
"cve": "CVE-2022-21555",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21555"
},
{
"cve": "CVE-2022-21556",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21556"
},
{
"cve": "CVE-2022-21569",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21569"
},
{
"cve": "CVE-2022-21824",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21824"
},
{
"cve": "CVE-2022-22968",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-22968"
},
{
"cve": "CVE-2022-23308",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-23308"
},
{
"cve": "CVE-2022-27778",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-27778"
}
]
}
WID-SEC-W-2022-1057
Vulnerability from csaf_certbund - Published: 2022-05-16 22:00 - Updated: 2023-06-21 22:00Summary
Apple macOS: Mehrere Schwachstellen
Severity
Kritisch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Apple macOS ist ein Betriebssystem, das auf FreeBSD und Mach basiert.
Angriff: Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Apple macOS ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren.
Betroffene Betriebssysteme: - MacOS X
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
References
9 references
{
"document": {
"aggregate_severity": {
"text": "kritisch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Apple macOS ist ein Betriebssystem, das auf FreeBSD und Mach basiert.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Apple macOS ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- MacOS X",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-1057 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1057.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-1057 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1057"
},
{
"category": "external",
"summary": "Apple Security Advisory vom 2022-05-16",
"url": "https://support.apple.com/en-us/HT213255"
},
{
"category": "external",
"summary": "Apple Security Advisory vom 2022-05-16",
"url": "https://support.apple.com/en-us/HT213256"
},
{
"category": "external",
"summary": "Apple Security Advisory vom 2022-05-16",
"url": "https://support.apple.com/en-us/HT213257"
},
{
"category": "external",
"summary": "PoC CVE-2022-26726",
"url": "https://github.com/acheong08/CVE-2022-26726-POC"
},
{
"category": "external",
"summary": "CISA: Apple Releases Security Updates",
"url": "https://www.cisa.gov/uscert/ncas/current-activity/2022/04/01/apple-releases-security-updates-0"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-3118 vom 2022-09-22",
"url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00028.html"
},
{
"category": "external",
"summary": "Wojciech Regula blogpost vom 2022-11-21",
"url": "https://wojciechregula.blog/post/macos-sandbox-escape-via-terminal/"
}
],
"source_lang": "en-US",
"title": "Apple macOS: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-06-21T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:33:27.405+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2022-1057",
"initial_release_date": "2022-05-16T22:00:00.000+00:00",
"revision_history": [
{
"date": "2022-05-16T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2022-08-16T22:00:00.000+00:00",
"number": "2",
"summary": "CVE erg\u00e4nzt"
},
{
"date": "2022-09-20T22:00:00.000+00:00",
"number": "3",
"summary": "CVE Nummern CVE-2022-32790 und CVE-2022-32882 erg\u00e4nzt"
},
{
"date": "2022-09-22T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2022-09-25T22:00:00.000+00:00",
"number": "5",
"summary": "Korrektur bzgl. fehlerhaft eingetragenem Debian Update"
},
{
"date": "2022-11-21T23:00:00.000+00:00",
"number": "6",
"summary": "Exploit aufgenommen"
},
{
"date": "2023-06-21T22:00:00.000+00:00",
"number": "7",
"summary": "CVE-2022-32794 erg\u00e4nzt"
}
],
"status": "final",
"version": "7"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Apple macOS Catalina \u003c 2022-004",
"product": {
"name": "Apple macOS Catalina \u003c 2022-004",
"product_id": "T023230",
"product_identification_helper": {
"cpe": "cpe:/o:apple:mac_os:catalina__2022-004"
}
}
},
{
"category": "product_name",
"name": "Apple macOS Big Sur \u003c 11.6.6",
"product": {
"name": "Apple macOS Big Sur \u003c 11.6.6",
"product_id": "T023231",
"product_identification_helper": {
"cpe": "cpe:/o:apple:mac_os:big_sur__11.6.6"
}
}
},
{
"category": "product_name",
"name": "Apple macOS Monterey \u003c 12.4",
"product": {
"name": "Apple macOS Monterey \u003c 12.4",
"product_id": "T023232",
"product_identification_helper": {
"cpe": "cpe:/o:apple:mac_os:monterey__12.4"
}
}
}
],
"category": "product_name",
"name": "macOS"
}
],
"category": "vendor",
"name": "Apple"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-32882",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-32882"
},
{
"cve": "CVE-2022-32794",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-32794"
},
{
"cve": "CVE-2022-32790",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-32790"
},
{
"cve": "CVE-2022-26776",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26776"
},
{
"cve": "CVE-2022-26775",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26775"
},
{
"cve": "CVE-2022-26772",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26772"
},
{
"cve": "CVE-2022-26770",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26770"
},
{
"cve": "CVE-2022-26769",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26769"
},
{
"cve": "CVE-2022-26768",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26768"
},
{
"cve": "CVE-2022-26767",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26767"
},
{
"cve": "CVE-2022-26766",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26766"
},
{
"cve": "CVE-2022-26765",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26765"
},
{
"cve": "CVE-2022-26764",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26764"
},
{
"cve": "CVE-2022-26763",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26763"
},
{
"cve": "CVE-2022-26762",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26762"
},
{
"cve": "CVE-2022-26761",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26761"
},
{
"cve": "CVE-2022-26757",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26757"
},
{
"cve": "CVE-2022-26756",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26756"
},
{
"cve": "CVE-2022-26755",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26755"
},
{
"cve": "CVE-2022-26754",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26754"
},
{
"cve": "CVE-2022-26753",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26753"
},
{
"cve": "CVE-2022-26752",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26752"
},
{
"cve": "CVE-2022-26751",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26751"
},
{
"cve": "CVE-2022-26750",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26750"
},
{
"cve": "CVE-2022-26749",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26749"
},
{
"cve": "CVE-2022-26748",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26748"
},
{
"cve": "CVE-2022-26746",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26746"
},
{
"cve": "CVE-2022-26745",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26745"
},
{
"cve": "CVE-2022-26743",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26743"
},
{
"cve": "CVE-2022-26742",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26742"
},
{
"cve": "CVE-2022-26741",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26741"
},
{
"cve": "CVE-2022-26740",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26740"
},
{
"cve": "CVE-2022-26739",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26739"
},
{
"cve": "CVE-2022-26738",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26738"
},
{
"cve": "CVE-2022-26737",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26737"
},
{
"cve": "CVE-2022-26736",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26736"
},
{
"cve": "CVE-2022-26731",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26731"
},
{
"cve": "CVE-2022-26728",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26728"
},
{
"cve": "CVE-2022-26727",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26727"
},
{
"cve": "CVE-2022-26726",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26726"
},
{
"cve": "CVE-2022-26725",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26725"
},
{
"cve": "CVE-2022-26723",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26723"
},
{
"cve": "CVE-2022-26722",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26722"
},
{
"cve": "CVE-2022-26721",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26721"
},
{
"cve": "CVE-2022-26720",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26720"
},
{
"cve": "CVE-2022-26719",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26719"
},
{
"cve": "CVE-2022-26718",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26718"
},
{
"cve": "CVE-2022-26717",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26717"
},
{
"cve": "CVE-2022-26716",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26716"
},
{
"cve": "CVE-2022-26715",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26715"
},
{
"cve": "CVE-2022-26714",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26714"
},
{
"cve": "CVE-2022-26712",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26712"
},
{
"cve": "CVE-2022-26711",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26711"
},
{
"cve": "CVE-2022-26710",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26710"
},
{
"cve": "CVE-2022-26709",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26709"
},
{
"cve": "CVE-2022-26708",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26708"
},
{
"cve": "CVE-2022-26706",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26706"
},
{
"cve": "CVE-2022-26704",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26704"
},
{
"cve": "CVE-2022-26701",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26701"
},
{
"cve": "CVE-2022-26700",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26700"
},
{
"cve": "CVE-2022-26698",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26698"
},
{
"cve": "CVE-2022-26697",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26697"
},
{
"cve": "CVE-2022-26696",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26696"
},
{
"cve": "CVE-2022-26694",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26694"
},
{
"cve": "CVE-2022-26693",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26693"
},
{
"cve": "CVE-2022-23308",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-23308"
},
{
"cve": "CVE-2022-22721",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-22721"
},
{
"cve": "CVE-2022-22720",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-22720"
},
{
"cve": "CVE-2022-22719",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-22719"
},
{
"cve": "CVE-2022-22677",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-22677"
},
{
"cve": "CVE-2022-22675",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-22675"
},
{
"cve": "CVE-2022-22674",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-22674"
},
{
"cve": "CVE-2022-22665",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-22665"
},
{
"cve": "CVE-2022-22663",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-22663"
},
{
"cve": "CVE-2022-22589",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-22589"
},
{
"cve": "CVE-2022-0778",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-0778"
},
{
"cve": "CVE-2022-0530",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-0530"
},
{
"cve": "CVE-2022-0128",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-0128"
},
{
"cve": "CVE-2021-46059",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2021-46059"
},
{
"cve": "CVE-2021-45444",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2021-45444"
},
{
"cve": "CVE-2021-44790",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2021-44790"
},
{
"cve": "CVE-2021-44224",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2021-44224"
},
{
"cve": "CVE-2021-4193",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2021-4193"
},
{
"cve": "CVE-2021-4192",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2021-4192"
},
{
"cve": "CVE-2021-4187",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2021-4187"
},
{
"cve": "CVE-2021-4173",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2021-4173"
},
{
"cve": "CVE-2021-4166",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2021-4166"
},
{
"cve": "CVE-2021-4136",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2021-4136"
},
{
"cve": "CVE-2018-25032",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2018-25032"
}
]
}
WID-SEC-W-2022-1335
Vulnerability from csaf_certbund - Published: 2022-09-07 22:00 - Updated: 2023-05-18 22:00Summary
Xerox FreeFlow Print Server: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: FreeFlow-Druckserver ist eine Druckserveranwendung für Xerox-Produktionsdrucker, die Flexibilität, umfangreiche Workflow-Optionen und eine Farbverwaltung bietet.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Xerox FreeFlow Print Server ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Betroffene Betriebssysteme: - Sonstiges
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
— | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
— | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
— |
References
5 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "FreeFlow-Druckserver ist eine Druckserveranwendung f\u00fcr Xerox-Produktionsdrucker, die Flexibilit\u00e4t, umfangreiche Workflow-Optionen und eine Farbverwaltung bietet.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Xerox FreeFlow Print Server ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-1335 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1335.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-1335 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1335"
},
{
"category": "external",
"summary": "XEROX Security Advisory XRX23-007 vom 2023-05-18",
"url": "https://security.business.xerox.com/wp-content/uploads/2023/05/Xerox-Security-Bulletin-XRX23-007-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v7.pdf"
},
{
"category": "external",
"summary": "XEROX Security Advisory XRX23-005 vom 2023-04-04",
"url": "https://security.business.xerox.com/wp-content/uploads/2023/04/Xerox-Security-Bulletin-XRX23-005-Xerox%25C2%25AE-FreeFlow%25C2%25AE-Print-Server-v9.pdf"
},
{
"category": "external",
"summary": "Xerox Security Bulletin XRX22-021 vom 2022-09-07",
"url": "https://securitydocs.business.xerox.com/wp-content/uploads/2022/09/Xerox-Security-Bulletin-XRX22-021-FreeFlow-Print-Server-v9.pdf"
}
],
"source_lang": "en-US",
"title": "Xerox FreeFlow Print Server: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-05-18T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:34:44.234+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2022-1335",
"initial_release_date": "2022-09-07T22:00:00.000+00:00",
"revision_history": [
{
"date": "2022-09-07T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-04-03T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von XEROX aufgenommen"
},
{
"date": "2023-05-18T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von XEROX aufgenommen"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Xerox FreeFlow Print Server 7",
"product": {
"name": "Xerox FreeFlow Print Server 7",
"product_id": "T000872",
"product_identification_helper": {
"cpe": "cpe:/a:xerox:freeflow_print_server:7"
}
}
},
{
"category": "product_name",
"name": "Xerox FreeFlow Print Server 9",
"product": {
"name": "Xerox FreeFlow Print Server 9",
"product_id": "T002977",
"product_identification_helper": {
"cpe": "cpe:/a:xerox:freeflow_print_server:9"
}
}
},
{
"category": "product_name",
"name": "Xerox FreeFlow Print Server v9",
"product": {
"name": "Xerox FreeFlow Print Server v9",
"product_id": "T015632",
"product_identification_helper": {
"cpe": "cpe:/a:xerox:freeflow_print_server:v9"
}
}
}
],
"category": "product_name",
"name": "FreeFlow Print Server"
}
],
"category": "vendor",
"name": "Xerox"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-25032",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2018-25032"
},
{
"cve": "CVE-2019-19906",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2019-19906"
},
{
"cve": "CVE-2020-0499",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2020-0499"
},
{
"cve": "CVE-2020-25717",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2020-25717"
},
{
"cve": "CVE-2020-29651",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2020-29651"
},
{
"cve": "CVE-2021-0561",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-0561"
},
{
"cve": "CVE-2021-21708",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-21708"
},
{
"cve": "CVE-2021-22946",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-22946"
},
{
"cve": "CVE-2021-25220",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-25220"
},
{
"cve": "CVE-2021-29923",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-29923"
},
{
"cve": "CVE-2021-30809",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30809"
},
{
"cve": "CVE-2021-30818",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30818"
},
{
"cve": "CVE-2021-30823",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30823"
},
{
"cve": "CVE-2021-30836",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30836"
},
{
"cve": "CVE-2021-30884",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30884"
},
{
"cve": "CVE-2021-30887",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30887"
},
{
"cve": "CVE-2021-30888",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30888"
},
{
"cve": "CVE-2021-30889",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30889"
},
{
"cve": "CVE-2021-30890",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30890"
},
{
"cve": "CVE-2021-30897",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30897"
},
{
"cve": "CVE-2021-30934",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30934"
},
{
"cve": "CVE-2021-30936",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30936"
},
{
"cve": "CVE-2021-30951",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30951"
},
{
"cve": "CVE-2021-30952",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30952"
},
{
"cve": "CVE-2021-30953",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30953"
},
{
"cve": "CVE-2021-30954",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30954"
},
{
"cve": "CVE-2021-30984",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30984"
},
{
"cve": "CVE-2021-3448",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-3448"
},
{
"cve": "CVE-2021-34558",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-34558"
},
{
"cve": "CVE-2021-36221",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-36221"
},
{
"cve": "CVE-2021-4115",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-4115"
},
{
"cve": "CVE-2021-4136",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-4136"
},
{
"cve": "CVE-2021-4166",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-4166"
},
{
"cve": "CVE-2021-4173",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-4173"
},
{
"cve": "CVE-2021-41771",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-41771"
},
{
"cve": "CVE-2021-41772",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-41772"
},
{
"cve": "CVE-2021-4187",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-4187"
},
{
"cve": "CVE-2021-4192",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-4192"
},
{
"cve": "CVE-2021-4193",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-4193"
},
{
"cve": "CVE-2021-4217",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-4217"
},
{
"cve": "CVE-2021-43519",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-43519"
},
{
"cve": "CVE-2021-43566",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-43566"
},
{
"cve": "CVE-2021-44142",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-44142"
},
{
"cve": "CVE-2021-45444",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-45444"
},
{
"cve": "CVE-2021-45481",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-45481"
},
{
"cve": "CVE-2021-45482",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-45482"
},
{
"cve": "CVE-2021-45483",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-45483"
},
{
"cve": "CVE-2021-45960",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-45960"
},
{
"cve": "CVE-2021-46143",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-46143"
},
{
"cve": "CVE-2022-0128",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0128"
},
{
"cve": "CVE-2022-0156",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0156"
},
{
"cve": "CVE-2022-0158",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0158"
},
{
"cve": "CVE-2022-0261",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0261"
},
{
"cve": "CVE-2022-0318",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0318"
},
{
"cve": "CVE-2022-0319",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0319"
},
{
"cve": "CVE-2022-0336",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0336"
},
{
"cve": "CVE-2022-0391",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0391"
},
{
"cve": "CVE-2022-0408",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0408"
},
{
"cve": "CVE-2022-0413",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0413"
},
{
"cve": "CVE-2022-0417",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0417"
},
{
"cve": "CVE-2022-0443",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0443"
},
{
"cve": "CVE-2022-0554",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0554"
},
{
"cve": "CVE-2022-0566",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0566"
},
{
"cve": "CVE-2022-0572",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0572"
},
{
"cve": "CVE-2022-0629",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0629"
},
{
"cve": "CVE-2022-0685",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0685"
},
{
"cve": "CVE-2022-0696",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0696"
},
{
"cve": "CVE-2022-0714",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0714"
},
{
"cve": "CVE-2022-0729",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0729"
},
{
"cve": "CVE-2022-0778",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0778"
},
{
"cve": "CVE-2022-1097",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-1097"
},
{
"cve": "CVE-2022-1196",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-1196"
},
{
"cve": "CVE-2022-1197",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-1197"
},
{
"cve": "CVE-2022-1271",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-1271"
},
{
"cve": "CVE-2022-1520",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-1520"
},
{
"cve": "CVE-2022-1834",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-1834"
},
{
"cve": "CVE-2022-21245",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21245"
},
{
"cve": "CVE-2022-21270",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21270"
},
{
"cve": "CVE-2022-21291",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21291"
},
{
"cve": "CVE-2022-21303",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21303"
},
{
"cve": "CVE-2022-21304",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21304"
},
{
"cve": "CVE-2022-21344",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21344"
},
{
"cve": "CVE-2022-21349",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21349"
},
{
"cve": "CVE-2022-21367",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21367"
},
{
"cve": "CVE-2022-21426",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21426"
},
{
"cve": "CVE-2022-21434",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21434"
},
{
"cve": "CVE-2022-21443",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21443"
},
{
"cve": "CVE-2022-21449",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21449"
},
{
"cve": "CVE-2022-21476",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21476"
},
{
"cve": "CVE-2022-21493",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21493"
},
{
"cve": "CVE-2022-21494",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21494"
},
{
"cve": "CVE-2022-21496",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21496"
},
{
"cve": "CVE-2022-21514",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21514"
},
{
"cve": "CVE-2022-21524",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21524"
},
{
"cve": "CVE-2022-21533",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21533"
},
{
"cve": "CVE-2022-21712",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21712"
},
{
"cve": "CVE-2022-21716",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21716"
},
{
"cve": "CVE-2022-22589",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22589"
},
{
"cve": "CVE-2022-22590",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22590"
},
{
"cve": "CVE-2022-22592",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22592"
},
{
"cve": "CVE-2022-22620",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22620"
},
{
"cve": "CVE-2022-22719",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22719"
},
{
"cve": "CVE-2022-22720",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22720"
},
{
"cve": "CVE-2022-22721",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22721"
},
{
"cve": "CVE-2022-22818",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22818"
},
{
"cve": "CVE-2022-22822",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22822"
},
{
"cve": "CVE-2022-22823",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22823"
},
{
"cve": "CVE-2022-22824",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22824"
},
{
"cve": "CVE-2022-22825",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22825"
},
{
"cve": "CVE-2022-22826",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22826"
},
{
"cve": "CVE-2022-22827",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22827"
},
{
"cve": "CVE-2022-23308",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-23308"
},
{
"cve": "CVE-2022-23772",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-23772"
},
{
"cve": "CVE-2022-23773",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-23773"
},
{
"cve": "CVE-2022-23806",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-23806"
},
{
"cve": "CVE-2022-23833",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-23833"
},
{
"cve": "CVE-2022-23852",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-23852"
},
{
"cve": "CVE-2022-23943",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-23943"
},
{
"cve": "CVE-2022-23990",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-23990"
},
{
"cve": "CVE-2022-24130",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-24130"
},
{
"cve": "CVE-2022-24407",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-24407"
},
{
"cve": "CVE-2022-24675",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-24675"
},
{
"cve": "CVE-2022-24713",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-24713"
},
{
"cve": "CVE-2022-24801",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-24801"
},
{
"cve": "CVE-2022-25235",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-25235"
},
{
"cve": "CVE-2022-25236",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-25236"
},
{
"cve": "CVE-2022-25313",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-25313"
},
{
"cve": "CVE-2022-25314",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-25314"
},
{
"cve": "CVE-2022-25315",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-25315"
},
{
"cve": "CVE-2022-25762",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-25762"
},
{
"cve": "CVE-2022-26381",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-26381"
},
{
"cve": "CVE-2022-26383",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-26383"
},
{
"cve": "CVE-2022-26384",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-26384"
},
{
"cve": "CVE-2022-26386",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-26386"
},
{
"cve": "CVE-2022-26387",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-26387"
},
{
"cve": "CVE-2022-26485",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-26485"
},
{
"cve": "CVE-2022-26486",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-26486"
},
{
"cve": "CVE-2022-28281",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-28281"
},
{
"cve": "CVE-2022-28282",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-28282"
},
{
"cve": "CVE-2022-28285",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-28285"
},
{
"cve": "CVE-2022-28286",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-28286"
},
{
"cve": "CVE-2022-28289",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-28289"
},
{
"cve": "CVE-2022-28327",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-28327"
},
{
"cve": "CVE-2022-28346",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-28346"
},
{
"cve": "CVE-2022-28347",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-28347"
},
{
"cve": "CVE-2022-29824",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-29824"
},
{
"cve": "CVE-2022-29909",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-29909"
},
{
"cve": "CVE-2022-29911",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-29911"
},
{
"cve": "CVE-2022-29912",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-29912"
},
{
"cve": "CVE-2022-29913",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-29913"
},
{
"cve": "CVE-2022-29914",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-29914"
},
{
"cve": "CVE-2022-29916",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-29916"
},
{
"cve": "CVE-2022-29917",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-29917"
},
{
"cve": "CVE-2022-31736",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-31736"
},
{
"cve": "CVE-2022-31737",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-31737"
},
{
"cve": "CVE-2022-31738",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-31738"
},
{
"cve": "CVE-2022-31739",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-31739"
},
{
"cve": "CVE-2022-3174",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-3174"
},
{
"cve": "CVE-2022-31740",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-31740"
},
{
"cve": "CVE-2022-31741",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-31741"
},
{
"cve": "CVE-2022-31742",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-31742"
},
{
"cve": "CVE-2022-31747",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-31747"
},
{
"cve": "CVE-2022-4187",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-4187"
}
]
}
WID-SEC-W-2022-1461
Vulnerability from csaf_certbund - Published: 2022-09-18 22:00 - Updated: 2023-06-20 22:00Summary
IBM Spectrum Protect: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: IBM Spectrum Protect ist eine zentralisierte Backuplösung für Systeme im Netzwerk.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM Spectrum Protect ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Betroffene Betriebssysteme: - Linux
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect plus 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:plus_10.1
|
— |
References
12 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM Spectrum Protect ist eine zentralisierte Backupl\u00f6sung f\u00fcr Systeme im Netzwerk.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM Spectrum Protect ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-1461 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1461.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-1461 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1461"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7005589 vom 2023-06-21",
"url": "https://www.ibm.com/support/pages/node/7005589"
},
{
"category": "external",
"summary": "IBM Security Bulletin: 6620211 vom 2022-09-18",
"url": "https://www.ibm.com/support/pages/node/6620211"
},
{
"category": "external",
"summary": "IBM Security Bulletin: 6619915 vom 2022-09-18",
"url": "https://www.ibm.com/support/pages/node/6619915"
},
{
"category": "external",
"summary": "IBM Security Bulletin: 6621141 vom 2022-09-18",
"url": "https://www.ibm.com/support/pages/node/6621141"
},
{
"category": "external",
"summary": "IBM Security Bulletin: 6619963 vom 2022-09-18",
"url": "https://www.ibm.com/support/pages/node/6619963"
},
{
"category": "external",
"summary": "IBM Security Bulletin: 6621115 vom 2022-09-18",
"url": "https://www.ibm.com/support/pages/node/6621115"
},
{
"category": "external",
"summary": "IBM Security Bulletin: 6619919 vom 2022-09-18",
"url": "https://www.ibm.com/support/pages/node/6619919"
},
{
"category": "external",
"summary": "IBM Security Bulletin: 6619947 vom 2022-09-18",
"url": "https://www.ibm.com/support/pages/node/6619947"
},
{
"category": "external",
"summary": "IBM Security Bulletin: 6619975 vom 2022-09-18",
"url": "https://www.ibm.com/support/pages/node/6619975"
},
{
"category": "external",
"summary": "IBM Security Bulletin: 6620209 vom 2022-09-18",
"url": "https://www.ibm.com/support/pages/node/6620209"
}
],
"source_lang": "en-US",
"title": "IBM Spectrum Protect: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-06-20T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:35:19.173+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2022-1461",
"initial_release_date": "2022-09-18T22:00:00.000+00:00",
"revision_history": [
{
"date": "2022-09-18T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-06-20T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "IBM Spectrum Protect plus 10.1",
"product": {
"name": "IBM Spectrum Protect plus 10.1",
"product_id": "T015895",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect:plus_10.1"
}
}
},
{
"category": "product_name",
"name": "IBM Spectrum Protect \u003c 10.1.12",
"product": {
"name": "IBM Spectrum Protect \u003c 10.1.12",
"product_id": "T024647",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect:10.1.12"
}
}
},
{
"category": "product_name",
"name": "IBM Spectrum Protect \u003c 8.1.16",
"product": {
"name": "IBM Spectrum Protect \u003c 8.1.16",
"product_id": "T024648",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect:8.1.16"
}
}
}
],
"category": "product_name",
"name": "Spectrum Protect"
}
],
"category": "vendor",
"name": "IBM"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-25032",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2018-25032"
},
{
"cve": "CVE-2021-22946",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2021-22946"
},
{
"cve": "CVE-2021-22947",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2021-22947"
},
{
"cve": "CVE-2021-3759",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2021-3759"
},
{
"cve": "CVE-2021-42550",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2021-42550"
},
{
"cve": "CVE-2022-1292",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2022-1292"
},
{
"cve": "CVE-2022-1705",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2022-1705"
},
{
"cve": "CVE-2022-2068",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2022-2068"
},
{
"cve": "CVE-2022-2097",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2022-2097"
},
{
"cve": "CVE-2022-22389",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2022-22389"
},
{
"cve": "CVE-2022-22390",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2022-22390"
},
{
"cve": "CVE-2022-22476",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2022-22476"
},
{
"cve": "CVE-2022-22576",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2022-22576"
},
{
"cve": "CVE-2022-23772",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2022-23772"
},
{
"cve": "CVE-2022-23773",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2022-23773"
},
{
"cve": "CVE-2022-23806",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2022-23806"
},
{
"cve": "CVE-2022-24675",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2022-24675"
},
{
"cve": "CVE-2022-27774",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2022-27774"
},
{
"cve": "CVE-2022-27776",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2022-27776"
},
{
"cve": "CVE-2022-27782",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2022-27782"
},
{
"cve": "CVE-2022-29361",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2022-29361"
},
{
"cve": "CVE-2022-29526",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2022-29526"
},
{
"cve": "CVE-2022-29804",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2022-29804"
},
{
"cve": "CVE-2022-30580",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2022-30580"
},
{
"cve": "CVE-2022-30629",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2022-30629"
},
{
"cve": "CVE-2022-30631",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2022-30631"
},
{
"cve": "CVE-2022-30633",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2022-30633"
},
{
"cve": "CVE-2022-30634",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2022-30634"
},
{
"cve": "CVE-2022-31028",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2022-31028"
},
{
"cve": "CVE-2022-32212",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2022-32212"
},
{
"cve": "CVE-2022-32213",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2022-32213"
},
{
"cve": "CVE-2022-32214",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2022-32214"
},
{
"cve": "CVE-2022-32215",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2022-32215"
},
{
"cve": "CVE-2022-32222",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2022-32222"
},
{
"cve": "CVE-2022-32223",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2022-32223"
},
{
"cve": "CVE-2022-33987",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2022-33987"
},
{
"cve": "CVE-2022-35919",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2022-35919"
},
{
"cve": "CVE-2022-40234",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2022-40234"
},
{
"cve": "CVE-2022-40608",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T015895"
]
},
"release_date": "2022-09-18T22:00:00.000+00:00",
"title": "CVE-2022-40608"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…